abliteration.ai - Uncensored LLM API Platform

Policy Gateway Security & Privacy

This page documents what Policy Gateway persists and what stays transient during a request.

Prompt and completion text are not stored by Policy Gateway; usage logs store token counts for billing.

Service notes

  • Pricing model: Usage-based pricing (~$5 per 1M tokens) billed on total tokens (input + output). See the API pricing page for current plans.
  • Data retention: No prompt/output retention by default. Operational telemetry (token counts, timestamps, error codes) is retained for billing and reliability.
  • Compatibility: OpenAI-style /v1/chat/completions request and response format with a base URL switch.
  • Latency: Depends on model size, prompt length, and load. Streaming reduces time-to-first-token.
  • Throughput: Team plans include priority throughput. Actual throughput varies with demand.
  • Rate limits: Limits vary by plan and load. Handle 429s with backoff and respect any Retry-After header.

What Policy Gateway stores

  • Policy configuration (current config plus revision history when saved).
  • Project records (name, status, monthly limits).
  • Policy API key metadata (label, project_id, key_preview, revoked flags).
  • Audit history entries when org_controls.audit_logs is enabled.
  • Usage logs for billing (token counts, credits, timestamps).
  • Quota usage counters per window (requests and tokens).

What we do not store

  • Prompt, completion, and image content (processed in-memory per request).
  • Raw API keys (only a hash and preview are stored).
  • Full user PII unless you include it in policy metadata fields.

Retention

  • Policy history is capped by POLICY_HISTORY_LIMIT (default 50) and pruned by count.
  • Quota usage is keyed by window (daily/weekly/monthly) and rolls forward each window.
  • Config and project records persist until updated or deleted.

Redaction behavior

  • When rules.redact is true and enforcement is active, responses are pattern-redacted.
  • Patterns include emails, phone numbers, SSNs, payment cards, and API keys.
  • Redaction happens before streaming chunks are sent, and response text is not logged.

Scoped keys & isolation

  • Create a project per app or agent to isolate budgets and audit trails.
  • Scoped keys attach a project id automatically and can be revoked independently.

Audit log fields

  • Common: id, type, created_at, policy_id, policy_name.
  • Enforcement: decision, reason_code, triggered_categories, allowlist_hits, denylist_hits, rollout_mode, enforced.
  • Metadata: policy_user, quota_subject, policy_target, project_id, project_label, data_classification, model.
  • Simulation: scenario_categories plus decision metadata.
  • Revision: config snapshot.

Export destinations

Forward audit logs into tools your security team already uses.

Exports are available on enterprise plans; contact help@abliteration.ai to enable a log export sink.

  • Splunk HEC
  • Datadog Logs
  • Elastic
  • Amazon S3
  • Azure Monitor / Log Analytics

Identifiers and privacy

  • Policy Gateway stores the identifiers you send (policy_user, policy_project_id stored as project_id, policy_target).
  • policy_user and project_id are normalized to lowercase slugs; policy_target is lowercased and whitespace is collapsed.
  • Avoid direct PII in identifiers if you do not want it stored.
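
One way to act on the last point, as an added example (not Abliteration's code): derive a keyed pseudonym on the client before a value is used as policy_user or policy_target, so the stored identifier is stable for quotas and audit trails but is not an email or account number. The function names, demo key and sample identifiers are assumptions constructed for illustration, and the output is assumed slug-safe because it contains only lowercase hex and a hyphen.

```python
import hashlib
import hmac
import re

# Constructed demo key (assumption): load a real secret from your secret store.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"

EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
SLUG_RE = re.compile(r"[a-z0-9]+(?:-[a-z0-9]+)*")


def looks_like_pii(identifier: str) -> bool:
    """Heuristic pre-send check: email-shaped, or digits only (phone, SSN, card)."""
    digits_only = re.sub(r"[\s().+-]", "", identifier)
    return bool(EMAIL_RE.search(identifier) or re.fullmatch(r"\d{7,}", digits_only))


def pseudonymize(raw_id: str, key: bytes, prefix: str = "u") -> str:
    """Map a raw identifier to a stable keyed pseudonym that is already a lowercase slug."""
    canonical = raw_id.strip().lower()  # case variants of one user map to one slug
    digest = hmac.new(key, canonical.encode("utf-8"), hashlib.sha256).hexdigest()
    # HMAC rather than a bare hash: without the key, a reader of the audit log
    # cannot confirm a guessed email by hashing it. Hex is [0-9a-f], so
    # lowercasing by the gateway leaves it unchanged (base64 would not survive).
    return f"{prefix}-{digest[:32]}"


def safe_identifier(value: str, key: bytes) -> str:
    """Pass through values that are already PII-free slugs; pseudonymize the rest."""
    if SLUG_RE.fullmatch(value) and not looks_like_pii(value):
        return value
    return pseudonymize(value, key)


if __name__ == "__main__":
    for sample in ("Alice@Example.com", "123-45-6789", "billing-agent"):  # constructed
        print(f"{sample!r:24} -> {safe_identifier(sample, DEMO_KEY)}")
```

Keep the key outside the gateway and the exported audit logs; rotating it breaks the link between old and new pseudonyms, which also resets per-user quota history.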

Common errors & fixes

  • 401 Unauthorized: Check that your API key is set and sent as a Bearer token.
  • 404 Not Found: Make sure the base URL ends with /v1 and you call /chat/completions.
  • 400 Bad Request: Verify the model id and that messages are an array of { role, content } objects.
  • 429 Rate limit: Back off and retry. Use the Retry-After header for pacing.

© 2025 Social Keyboard, Inc. All rights reserved.