Privacy Policy
Last updated: February 2026
In this Privacy Policy, “Pipelex” refers to Evotis S.A.S. and its affiliates. We are committed to protecting your personal data and being transparent about what we collect and why.
Our guiding principle is simple: We build tools for agents and humans, not surveillance for users. We only process information necessary to provide you with the best possible experience and to improve our software.
This policy distinguishes between three types of interactions:
- As a Visitor to our public website.
- As a User of the Pipelex Open Source Software and Closed Source Products.
- As a Subscriber to Pipelex Cloud services.
1. As a Visitor to the Website
We use Google Analytics to understand how developers find our documentation and which pages are most useful.
Public Browsing (Logged Out)
When you browse pipelex.com or our docs without logging in:
- What we track: Pages visited, referrer (where you came from), device type, and approximate location (country/city) derived from IP.
- Your Privacy: We do not link this data to your personal identity. Google Analytics uses cookies to identify a “session,” but we do not upload your name or email to Google Analytics in this state.
- Opt-Out: You can prevent Google Analytics from using your data by installing the Google Analytics Opt-out Browser Add-on.
Authenticated Usage (Logged In)
When you log in to the Pipelex Dashboard or Cloud platform using Google or GitHub SSO:
- Data Association: To provide a seamless experience, we may associate your analytics session with your internal User ID. This helps us understand how specific features are used by our customers.
- SSO Data: When you authenticate via Google or GitHub, we receive your email address, name, and profile avatar. We use this strictly for account creation, identification, and communication. We do not sell this contact information.
2. As a User of Pipelex Software
When you use the Pipelex Software with your own keys, you are in full control of your data observability.
Custom Telemetry (User-Controlled)
As detailed in our documentation, Pipelex supports Custom Telemetry. This allows you to send traces and logs to your own observability backends (e.g., your own PostHog instance, Langfuse, or OTLP collectors).
- Configuration: Controlled via
.pipelex/telemetry.toml. - Default: Disabled by default (
pipelex init telemetrycreates the file with options disabled).
Privacy:
- PostHog: Supports redaction. You can enable redaction to strip sensitive properties (like prompts/completions) before sending.
- Langfuse & OTLP: These exporters receive full span data (including prompts and completions) because they are designed for your internal observability. Enable these only if you trust the destination endpoint.
Our Access: Pipelex S.A.S. does not have access to your Custom Telemetry stream unless you explicitly configure the endpoint to a server we own (which is not the default).
3. As a Subscriber to Pipelex Cloud Services
When you use Pipelex Cloud Services (such as our AI inference service “Pipelex Gateway”) to host workflows or proxy inference requests, we act as a processor of your data.
Gateway Telemetry (Pipelex-Controlled)
When you use Pipelex Gateway as your inference backend, Gateway Telemetry is automatically enabled. This is a separate stream tied to your Pipelex Gateway API Key.
What We Collect:
- Metadata: Model names (e.g., gpt-4o, nano-banana), Pipe types (e.g., PipeLLM, PipeSequence), and parameters (e.g., temperature, max_tokens, width, height, structuring_method).
- Usage Metrics: Input/Output token counts and latency.
- Reliability: Errors (e.g., error codes and error types).
What We NEVER Collect:
- ✘Your Prompts & Completions: The actual content (e.g., text, images) sent to/from the AI models.
- ✘File Contents: Business data, documents, or images processed by the AI models.
- ✘Workflow Logic: The specific code or logic inside your workflows.
This data is used to improve the product, enforce fair usage limits, calculate billing, and monitor service health.
Cloud Infrastructure
Hosting: Our platform is hosted on AWS (Amazon Web Services) in various locations. Data is secured according to industry standards.
AI Model Providers & Data Routing
Pipelex Gateway acts as an intelligent orchestration layer. When you execute a workflow, your inputs (prompts, files, text) are routed to specific inference providers.
Dynamic Routing & Hosting:
Unlike a simple proxy, the specific provider used may be determined by Pipelex’s internal configuration to ensure reliability. This includes mechanisms for load balancing and automatic fallbacks (e.g., switching to a backup provider if the primary is down). Additionally, some models are hosted directly by Pipelex (“Internal”) within our own cloud infrastructure.
Authorized Providers:
Your data may be processed by one or more of the following providers, depending on the models selected and our optimization logic:
- Anthropic
- AWS Bedrock
- Azure OpenAI
- Blackbox AI
- Fal.ai
- Google (Gemini / Vertex AI)
- Groq
- Internal (Hosted directly by Pipelex; covered by this Privacy Policy)
- Mistral AI
- Ollama (Note: When used via Pipelex Gateway, Ollama instances are typically hosted on our “Internal” infrastructure)
- OpenAI
- Portkey
- Scaleway
- xAI
Note: We continuously evaluate new technologies. We reserve the right to add new high-performance providers to this list to improve service quality.
Data Usage & No-Training Guarantee:
Your privacy is our priority.
- Pipelex: We do not use your data (inputs or outputs) to train our own internal AI models.
- Providers: We utilize enterprise-grade API agreements with these providers. Under their respective policies applicable to our commercial contracts, they strictly commit not to use data sent via the API to train or improve their foundation models.
Authentication & API Keys
- Portkey: We use Portkey.ai to securely generate and manage Gateway API keys.
- SSO: We rely on Google and GitHub for secure authentication. We do not store user passwords.
Payment Information
Lemon Squeezy: We act as the software provider; Lemon Squeezy is our Merchant of Record. They handle all payment processing and PCI compliance. We do not store credit card details.
Mandatory Telemetry
For Gateway and Cloud users, telemetry is mandatory in accordance with our terms of use for billing and license verification.
By using these services, you explicitly agree that:
- You must not set the
DO_NOT_TRACKenvironment variable within the cloud/gateway context. - You must not alter the Pipelex source code to block the “Gateway Telemetry” stream.
4. Global Kill Switch (DO_NOT_TRACK)
For local usage or self-hosting, we respect the universal privacy standard.
Setting the environment variable DO_NOT_TRACK=1 will strictly disable ALL telemetry (both Custom and Gateway streams).
Note: As mentioned above, setting this variable will cause the Pipelex Gateway service to stop functioning immediately.
5. Contact
For questions regarding this policy or your data rights (access/deletion), please contact us at: privacy@pipelex.com
Evotis SAS10 Rue Mabillon
75006 Paris
France