Security & trust
ModelPilot is built so that sensitive data physically cannot reach us. This page describes exactly how your data is handled, our security practices, and our compliance posture — stated plainly, without overclaiming.
What we receive — and what we never do
| Never sent to ModelPilot | Sent to ModelPilot |
|---|---|
| Prompt text & system prompts | Task category (e.g. classification) |
| Model outputs / completions | Numeric features (token estimates, boolean flags) |
| Your Anthropic API key | Requested model + your ModelPilot deployment id / API key |
| Any of your customers' data | Aggregate savings dollars & counts (billing) |
Your application calls a local proxy that forwards requests directly to Anthropic using your own key. ModelPilot is not in the path of your prompt content. See the architecture page for the full request flow.
Defense in depth. Our routing, metering, telemetry, and logging endpoints reject any payload that contains prompt, output, or secret-looking fields (HTTP 422), even though the client already guarantees that only aggregates are sent.
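One way to implement that server-side rejection, shown here as an added example rather than ModelPilot's own code; the forbidden field names, the secret-looking patterns and the 64-character limit on string values are assumptions chosen to illustrate the check, and credentials are assumed to travel in the Authorization header rather than in the body.

```python
import re
from typing import Any, Optional

# Field names that must never appear in a metering/telemetry payload body.
# Illustrative assumption, not ModelPilot's actual schema.
FORBIDDEN_KEYS = {"prompt", "system_prompt", "system", "messages", "completion",
                  "output", "content", "api_key", "apikey", "authorization"}

# Heuristics for secret-looking string values (assumed patterns).
SECRET_PATTERNS = [
    re.compile(r"sk-[A-Za-z0-9_-]{16,}"),           # API-key-style token
    re.compile(r"\bBearer\s+[A-Za-z0-9._-]{16,}"),  # bearer header pasted into a value
]
MAX_STRING_LEN = 64  # aggregates carry short enums and ids, never free text


def find_violation(payload: Any, path: str = "$") -> Optional[str]:
    """Walk a JSON-like object and return the JSON path of the first forbidden
    field or secret-looking / prose-length value, or None if it is clean."""
    if isinstance(payload, dict):
        for key, value in payload.items():
            if str(key).lower().replace("-", "_") in FORBIDDEN_KEYS:
                return f"{path}.{key}"
            found = find_violation(value, f"{path}.{key}")
            if found:
                return found
    elif isinstance(payload, list):
        for i, item in enumerate(payload):
            found = find_violation(item, f"{path}[{i}]")
            if found:
                return found
    elif isinstance(payload, str):
        if len(payload) > MAX_STRING_LEN or any(p.search(payload) for p in SECRET_PATTERNS):
            return path
    return None


def validate_metering(payload: dict) -> tuple:
    """Return (http_status, response_body): 422 on any violation, else 200."""
    bad = find_violation(payload)
    if bad:
        return 422, {"error": "payload contains disallowed content", "field": bad}
    return 200, {"ok": True}


if __name__ == "__main__":
    # Constructed sample payloads: one aggregates-only, one that leaks a prompt.
    clean = {"category": "classification", "model": "claude-3-5-sonnet",
             "input_tokens": 812, "escalated": False}
    leaky = {"category": "classification", "prompt": "Summarize this contract"}
    print(validate_metering(clean))  # (200, {'ok': True})
    print(validate_metering(leaky))  # (422, {..., 'field': '$.prompt'})
```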
Optional request logs
Per-request logging is opt-in and metadata-only (timestamps, models, category, token counts, cost, status, routed/escalated flags) — never content. You can also export this telemetry to your own OTLP collector so it never reaches us at all. Logging is off until you enable it.
Encryption
- In transit: all traffic to ModelPilot services is over TLS (HTTPS).
- At rest: our datastores (accounts, aggregates, opt-in metadata) are encrypted at rest by our cloud provider.
- Your API key: stays on your machine and is used by the local proxy to call Anthropic; we never store or transmit it.
Access & account security
- Passwords are hashed with PBKDF2-SHA256 (200k iterations); we never store plaintext.
- API keys are shown once and stored only as a SHA-256 hash; they're scoped to a deployment, revocable, and track last use.
- Sessions are HMAC-signed; suspended accounts lose access immediately.
- Per-deployment isolation; least-privilege internal access to production systems.
Availability
The proxy fails open: if ModelPilot is ever unreachable, your request is forwarded straight to the Claude API, unrouted. We can degrade your savings, never your uptime. Live service status: app.modelpilot.app/status.
Data retention & deletion
We retain account data while your account is active, aggregate savings data for billing history, and any opt-in metadata logs you choose to send. You can export your data (CSV) from the console and request deletion at any time by emailing krethikram@gmail.com.
Compliance posture — stated honestly
We believe in being precise about what is and isn't true today:
- Architectural guarantees (today): prompts/outputs/keys never reach us; aggregates-only metering; opt-in metadata logging; fail-open routing; inspectable thin client. These are properties of the design, verifiable in the client.
- Data Processing Addendum: we will sign a DPA with customers (a template is published for review).
- Subprocessors: a current list is published here.
- Formal certifications (SOC 2 Type II, etc.): we are not yet certified. If your procurement requires SOC 2, HIPAA/BAA, penetration-test summaries, or a security questionnaire, email us — we'll share our current posture and roadmap. We will not claim certifications we don't hold.
Reporting a vulnerability
Found a security issue? Please email krethikram@gmail.com with details and steps to reproduce. We'll acknowledge promptly, keep you updated, and credit you if you'd like once it's resolved. Please don't disclose publicly until we've had a chance to fix it.
Questions about security or procurement? Email krethikram@gmail.com.