Legal
Privacy Policy
Last updated: April 30, 2026
The short version. Metriq is open-source software you can run on your own machine. The code is licensed under BSL 1.1 and lives at github.com/karinje/metriq. Notebook content, queries, and data on the self-hosted free notebook never reach our servers. This policy covers our website, signup flow, and the cloud LLM gateway you may opt into.
1. What we collect
On the website (usemetriq.com)
- HTTP request logs at the Cloudflare edge: IP address, user-agent, country, requested URL, response code. Cloudflare retains these for security and analytics; we do not separately store them.
- If you submit a form (signup, topup), we collect the fields you submit (email, name) plus the IP that submitted them.
In the open-source notebook (self-hosted)
- Nothing. All notebook content, kernel state, agent traces, queries, and data live on your machine. The open-source code does not phone home.
- If you configure cloud LLM providers (Anthropic, OpenAI, Google, OpenRouter, Metriq Cloud), prompts and responses transit those providers per their privacy policies.
When you sign up for a Metriq Cloud key
- Email address (required to receive your API key).
- Authentication identifier from your chosen OAuth provider (Google, GitHub) or email magic link, mediated via Clerk.
- Trial budget usage (token counts, request counts, timestamps) tracked in our LiteLLM proxy for rate limiting and billing.
- If you top up credits via Stripe: payment metadata (last 4 of card, billing country) returned by Stripe. We do not store full card numbers.
2. What we don't collect
- Your notebook contents (cell code, outputs, queries) on the self-hosted free notebook.
- Your data warehouse contents. We never proxy or store query results from your databases.
- Full credit card numbers (Stripe handles those).
- Telemetry from the open-source notebook beyond crash reports you explicitly opt into via
METRIQ_TELEMETRY=1.
3. Sub-processors
We use the following third parties to operate the website, signup flow, and LLM gateway:
| Sub-processor | What it does |
|---|---|
| Cloudflare | Website hosting (Pages), DNS, CDN, Workers, KV, Turnstile CAPTCHA |
| Clerk | User authentication (Google / GitHub / email magic link) |
| Stripe | Payment processing for credit top-ups |
| Resend | Transactional email (delivers your API key after signup) |
| Fly.io | Hosts our LiteLLM proxy (api.usemetriq.com) |
| Langfuse | LLM observability — request/response logging for proxy debugging and rate-limit enforcement |
| Anthropic, OpenAI, Google, OpenRouter | LLM inference, only when you route through Metriq Cloud. Bypassed if you bring your own API keys or run Ollama locally. |
4. Data retention
- Account data (email, auth identifier, key metadata): retained while your account is active. Deleted within 30 days of account deletion request.
- LLM proxy logs (prompts and responses transiting Metriq Cloud): retained 30 days for debugging and abuse detection, then purged.
- Billing records: retained 7 years per US tax/accounting requirements.
- Cloudflare edge logs: retained per Cloudflare's defaults (typically 30 days).
5. Your rights
You can request access to, correction of, or deletion of any personal data we hold about you. Email privacy@usemetriq.com. We respond within 30 days.
If you're in the EU/UK, you have additional rights under GDPR including data portability and the right to object. Same email applies.
6. Security
TLS in transit on all surfaces (Pages, Workers, LiteLLM proxy). Authentication tokens stored hashed. API keys encrypted at rest. Report security issues responsibly to security@usemetriq.com — please do not file public GitHub issues for vulnerabilities.
7. Changes
We update this policy when we change what we collect or how we use it. Material changes are announced via email to active users at least 30 days before they take effect.
8. Contact
Questions about this policy: privacy@usemetriq.com
v1 boilerplate. Attorney-reviewed text replaces this before scaling beyond beta.