How we handle data.

How Switchboard, operated by DW Labs, handles data for the site, hosted API, billing, and CLI account features. Your provider accounts, API keys, and local model config stay on your machine.

The minimum needed to authenticate you, grant credits, classify requests, show usage, and support the service.

• Account: email, auth profile, session records, device names, token hashes.
• Billing: Stripe customer IDs, Checkout Session IDs, payment status, top-up amounts, ledger entries.
• Usage: request hashes, difficulty scores, tier choice, timestamps, credit debits.
• Classifier packets: truncated snippets of the latest request, recent assistant text, tool output, and errors when available.
• Operational metadata: IP-derived metadata, auth headers, rate-limit data, and logs.

Switchboard does not proxy your full provider request. The CLI sends a compact routing summary so the API can score difficulty and debit one credit on success.

Snippets in that summary are used to preserve routing quality. They are not used by Switchboard to train a model.

Processed by Stripe. We don't store full card numbers or CVCs — only the Stripe identifiers and metadata needed to reconcile top-ups, grant credits, and answer support questions.

Supabase (auth + database), Cloudflare (API Worker, classifier, rate limiting), Stripe (payments). They process data only as needed to deliver, secure, or bill the service. We do not sell personal data.

We keep account, billing, and usage records as long as needed to run Switchboard, meet payment and accounting obligations, prevent abuse, and resolve disputes. We use access controls, hashed session tokens, and provider-managed infrastructure. Keep your machine and tokens secure.

You can log out, revoke local sessions, stop using classification, or contact us about access, export, correction, or deletion. Some billing and ledger records may be retained for legal or anti-abuse reasons.

We may update this policy. Material changes will update the date above with reasonable notice.