No training on customer data
The product promise is service-level, not vague model mythology. Customer inputs should not become future training material.
Privacy
Private means operationally private.
Customer trust has to map to a real system boundary: domestic serving, no training on customer data, body logging disabled by default, and explicit retention behavior.
Founder review
One sentence. One benchmark. One obvious next step.
Operator reviewSimple pricing. Domestic routing. Honest limits.
Privacy
Trust language has to map to an implemented boundary.
The site should explain the operational reality: no training on customer data, body logging disabled by default, domestic routing for paid private traffic.
Prompt and response bodies off by default
Operational metadata is retained for reliability and billing. Body logging is debug-only, explicit, and temporary.
Domestic paid routing
Paid private traffic stays on approved US-hosted infrastructure. If no eligible region is healthy, the system fails closed.
Enterprise boundaries
Retention modes, routing classes, and account policies should be visible, auditable, and separate from public benchmark traffic.
System map
Privacy has to map to a request path.
Edge
Cloudflare handles WAF, rate limiting, and bot checks before the request reaches the product control plane.
Control plane
Toolkit resolves the account, plan, rolling limits, metered usage, and the allowed model route without default body retention.
Inference
Domestic vLLM pools on Runpod serve the request, using the backbone plus the correct adapter and region class.
Audit trail
Only operational metadata, usage, and billing records persist by default. Debug body logging is opt-in and expiring.
Toolkit-LLM
The smarter machine to buy.
Run the benchmark, inspect the routing and pricing posture, and decide with numbers instead of brand gravity.