Back to Home

Security

We take security seriously. Here is how we protect your data and our infrastructure.

Encryption

All data in transit is encrypted using TLS 1.2+. Data at rest is encrypted using AES-256. Passwords are hashed with bcrypt (cost factor 12) and never stored in plaintext.

Prompt Privacy

We do not store, log, or retain your API prompt content or AI model responses. This is a core design principle — your prompts are private between you and the AI model provider.

Infrastructure

Our servers run in secure data centers with 24/7 monitoring, DDoS protection, and automated failover. Regular security audits and penetration testing are conducted.

Compliance

We comply with GDPR (EU) and PIPL (China) regulations. Data breach notifications are sent within 72 hours per GDPR Art. 33. See our Privacy Policy

To report a security vulnerability, please email security@chinaapi.com