Legal
Privacy policy
Last updated · July 4, 2026
This policy explains what n4n ("we", "us") collects when you use n4n.io, the n4n AI gateway at n4n.ai, and related n4n services — and what we do with it. The short version: we collect what we need to run your account, route your requests and bill you. We do not sell your data, and we do not use your prompts to train models.
What we collect
- Account data. When you sign in with Google we receive your name, email address and profile picture, plus a stable account identifier. We do not receive your Google password.
- API keys. Keys are stored as salted SHA-256 hashes together with a short prefix so you can recognize them. We cannot recover a full key after it is created.
- Request metadata. For each API request we record the model, provider, token counts, latency, status and cost. This powers your usage dashboard and billing.
- Billing records. Top-ups, balances and a ledger of credits and charges. Card and wallet details stay with the payment processor — we never see or store them.
- Server logs. Standard access logs (IP address, user agent, timestamps) kept for security and debugging.
Prompts and completions
The content of your requests — prompts, messages, files and model outputs — is processed in transit to fulfil your request and returned to you. We store request metadata (token counts, model, cost), not the content itself. Content is never used to train models, ours or anyone else's.
To serve a request we forward its content to the upstream model provider you selected (for example OpenAI, Anthropic or an aggregator such as OpenRouter). Their handling of that content is governed by their own terms and privacy policies.
Cookies
We set a single HttpOnly session cookie (n4n_session) after you sign in, so we know it's you. We do not use advertising cookies or third-party trackers.
Payments
Credit top-ups are processed by PayPal or a cryptocurrency payment processor. We receive a confirmation of your payment (amount, status, a transaction reference) but not your payment credentials.
How long we keep data
- Account and billing records: for as long as your account exists, and afterwards as required for accounting and tax law.
- Request metadata: retained to provide usage history; you can ask us to delete it.
- Server logs: rotated on a short schedule, typically within 30 days.
Your rights
You can ask us to export or delete the personal data we hold about you, correct inaccurate data, or close your account entirely. Email support@n4n.io and we will respond within 30 days. If you are in the EEA or UK, you also have the right to lodge a complaint with your local supervisory authority.
Security
All traffic is encrypted in transit with TLS. API keys are stored only as hashes, sessions are opaque server-side tokens, and access to production systems is restricted. No system is perfectly secure — if we learn of a breach affecting your data we will notify you without undue delay.
Children
n4n services are not directed at children under 16, and we do not knowingly collect their data.
Changes
If we change this policy we will update the date at the top of this page, and for material changes we will notify you by email or in the console before they take effect.
Contact
Questions about privacy: support@n4n.io.