We take security seriously. Here is how we protect your data and our infrastructure.
All data in transit is encrypted using TLS 1.2+. Data at rest is encrypted using AES-256. Passwords are hashed with bcrypt (cost factor 12) and never stored in plaintext.
We do not store, log, or retain your API prompt content or AI model responses. This is a core design principle — your prompts are private between you and the AI model provider.
Our servers run in secure data centers with 24/7 monitoring, DDoS protection, and automated failover. Regular security audits and penetration testing are conducted.
We comply with GDPR (EU) and PIPL (China) regulations. Data breach notifications are sent within 72 hours per GDPR Art. 33. See our Privacy Policy。
To report a security vulnerability, please email security@chinaapi.com