Trust & Security
Transparency, security practices, and responsible AI at RodiumAI.
Effective date: May 15, 2026 · Last updated: May 15, 2026
Our Commitment
RodiumAI is building AI infrastructure for Africa. We are an early-stage, not-yet-registered startup, and we take the trust you place in us seriously. This document explains how we protect you, your data, and your operations in plain language.
1. We Don't Store Your Prompts or AI Outputs
RodiumAI does not store, log, read, or analyse the content of API prompts or model responses.
- Your request is authenticated and routed.
- OpenRouter executes the call against the selected catalogue model.
- The response is returned to you.
- We record metadata only: time, model, tokens, RODI cost, latency, status.
Even if our systems were compromised, your prompt text would not be exposed — because we do not retain it.
2. What Metadata We Record
- Request timestamp.
- API key identifier (not the secret).
- Catalogue model slug and upstream route.
- Input and output token counts (or modality-specific units for image/audio/video).
- RODI credits consumed.
- Latency and HTTP status.
This powers accurate billing and dashboard analytics without knowing what you asked or what the model answered.
3. Third-Party Routing and Providers
Production traffic is routed through OpenRouter (openrouter.ai/privacy), which connects to the underlying model vendor. We do not control downstream retention.
Providers available in our catalogue today include:
- OpenRouter — openrouter.ai/privacy
- OpenAI — openai.com/policies/privacy-policy
- Anthropic — anthropic.com/privacy
- Google — policies.google.com/privacy
- DeepSeek — deepseek.com/privacy
- MiniMax — minimax.io/privacy-policy
For strict data residency or zero-retention requirements, review each vendor's enterprise options before production use.
4. Account and Authentication Security
- Passwords are hashed and never stored in plaintext.
- API keys are encrypted at rest and shown in full only once at creation.
- All API traffic uses HTTPS/TLS.
- Sessions use secure timeout and invalidation.
We recommend using strong, unique passwords, never committing API keys to public repos, rotating keys regularly, and using descriptive key names per application.
5. Organization Access
- Owner — full control: members, RODI transfers, org settings.
- Member — API usage and personal usage view; cannot manage other members or org-wide billing.
Members cannot see each other's API keys or individual usage unless they hold the owner role.
6. Payment Security and Billing Transparency
6.1 FedaPay checkout — Instant recharges redirect you to FedaPay. We do not receive or store your full Mobile Money wallet credentials. Payment sessions are hosted by the aggregator; we credit your wallet only after a confirmed, signed webhook from FedaPay.
6.2 Manual recharge — Where manual transfer is offered, you upload a proof image via a signed upload to Cloudinary (HTTPS). Only authorized staff review proofs to approve or reject. Status is visible in your billing dashboard; rejections include a reason when applicable. See our Privacy Policy for how proof data is handled.
6.3 Financial integrity — Every RODI movement is recorded in an immutable wallet ledger. We send transactional emails at key billing steps (submission, approval, rejection, low balance). A minimum recharge of 500 RODI helps reduce micro-fraud and processing overhead.
- We do not store full card numbers on our servers.
- Two payment paths are clearly distinguished in the recharge UI: instant checkout vs. manual transfer.
- Estimated RODI and operator fees are shown before you pay.
- All transactions are logged for audit and dispute resolution.
Report unauthorized charges immediately at legal@rodiumai.io.
7. Rate Limiting and Abuse Prevention
- Per-account and per-plan rate limits.
- Detection of unusual usage patterns.
- IP- and key-based restrictions when needed.
- Administrative audit logs.
8. Responsible AI Use
We prohibit uses that harm or exploit individuals (especially minors), enable fraud or deception, or facilitate unauthorized system access. Build applications that benefit your users and communities.
9. Transparency and Startup Status
10. Incident Response
- Investigate security incidents promptly.
- Notify affected users as soon as practicable after a confirmed breach.
- Take immediate remediation steps.
- Provide clear communication on impact and next steps.
Report vulnerabilities or concerns at legal@rodiumai.io.
11. Questions and Contact
- Email: legal@rodiumai.io
- Website: https://rodiumai.io