Legal
Privacy Policy
Last Updated: June 20, 2026
Operated by HIGH ORDER TECHNOLOGY PTE. LTD., registered in Singapore.
1. Introduction
TokenPortal ("we," "us," "our") is operated by HIGH ORDER TECHNOLOGY PTE. LTD. ("Company"), registered in Singapore. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website, APIs, and related services (the "Service"). We are committed to protecting your privacy and handling your personal data in accordance with applicable data protection laws, including the Singapore Personal Data Protection Act 2012 ("PDPA").
2. Data We Collect
2.1 Information You Provide
| Category | Examples | Purpose |
|---|---|---|
| Account Data | Email address, name, account credentials (hashed) | Account creation, authentication, communication |
| Verification Data | Government ID, name, date of birth, facial image | Identity verification (KYC) for certain features |
| Payment Data | Payment method information | Processing payments through our payment processor |
| Content Data | Prompts, inputs, and other content you submit to the Service | Providing the Service, content safety review |
2.2 Information Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Usage Data | API calls, token consumption, model selections | Billing, service improvement, analytics |
| Technical Data | IP address, browser type, device information, timestamp | Security, fraud prevention, service optimization |
| Session Data | Login timestamps, session duration | Security monitoring |
We do not sell your personal data to third parties, collect sensitive biometric data beyond KYC requirements, track your activity across other websites, or use your input content to train AI models.
3. How We Use Your Data
3.1 Service Delivery: To provide, maintain, and improve the Service, including processing API requests, managing your account, and providing customer support. 3.2 Billing and Payments: To process payments, calculate usage charges, and maintain financial records. 3.3 Security and Fraud Prevention: To detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal activities. 3.4 Content Safety: To review content for compliance with our Acceptable Use Policy. This may involve sending a sample of API request content (prompt and completion only, not associated with your identity) to third-party AI safety services for automated content moderation. See Section 7. 3.5 Communications: To send service-related notifications (account updates, security alerts, billing notices) and, with your consent, promotional communications. 3.6 Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.
4. Legal Basis for Processing
We process personal data based on: • Contractual necessity: Processing required to provide the Service under our Terms of Service • Legitimate interests: Fraud prevention, security, service improvement • Legal obligation: Compliance with applicable laws and regulations • Consent: Where required by law or where you have explicitly provided consent
5. Data Sharing and Disclosure
5.1 Payment Processors: Payment information is processed by our payment service provider (MartianPay) and is subject to their privacy policy. 5.2 Content Safety Services: A sample of API request content may be processed by third-party AI safety services for automated content moderation. Such samples contain only the text of the prompt and completion, not associated with your identity. 5.3 Service Providers: We engage trusted third-party service providers to assist with infrastructure, email delivery, analytics, and other operational functions. These providers are bound by data processing agreements. 5.4 Legal Requirements: We may disclose information if required by law, court order, or governmental authority. 5.5 Business Transfers: In the event of a merger, acquisition, or asset sale, personal data may be transferred as part of the transaction.
6. Data Storage and Retention
Your personal data is stored on servers located in Singapore and Hong Kong. We retain personal data only as long as necessary:
| Data Category | Retention Period |
|---|---|
| Account Data | Duration of account + 90 days after deletion |
| Verification Data | Duration of verified status + 90 days after unverification |
| Payment Records | 7 years (legal requirement) |
| Usage / Technical Data | Rolling 30 days |
| Content Safety Samples | 30 days after review |
7. Content Safety Review
7.1 To maintain a safe environment, we perform automated content safety reviews on a sample of API requests. 7.2 Such reviews may involve sending the text content of prompts and completions to third-party AI safety services for automated analysis for harmful content categories including but not limited to: child safety, violence, hate speech, harassment, and self-harm. 7.3 Review Content is stripped of user identification before transmission. The review service receives only the text and does not receive your name, email, IP address, or account identifier. 7.4 Review Content samples are retained for no more than 30 days and are used solely for content safety purposes. 7.5 You acknowledge and agree to this content safety review process. This review is a security measure and cannot be opted out of.
8. Your Rights and Choices
Depending on your jurisdiction, you may have the following rights: • Access: Request a copy of personal data we hold about you. • Correction: Request correction of inaccurate or incomplete personal data. • Deletion: Request deletion of your personal data, subject to legal retention requirements. • Data Portability: Request a copy of your data in a structured, machine-readable format. • Withdraw Consent: Withdraw consent where processing is based on consent. • Communication Preferences: Opt out of promotional communications at any time. Service-related communications cannot be opted out of. To exercise these rights, contact us at privacy@tokenportal.ai. We will respond within the timeframe required by applicable law.
9. Cookies and Tracking
We use essential cookies necessary for the operation of the Service (authentication, session management, security). We use analytics cookies to understand how the Service is used; you may disable non-essential cookies through your browser settings. We do not use advertising cookies or third-party tracking cookies.
10. Data Security
We implement appropriate technical and organizational measures to protect personal data, including: • Encryption of data in transit (TLS 1.3) and at rest (AES-256) • Hashing of passwords and sensitive identifiers • Access controls and audit logging • Regular security assessments No method of transmission or storage is completely secure. We cannot guarantee absolute security of your data.
11. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it promptly.
12. Contact Us
Data Protection Officer: To be appointed Email: privacy@tokenportal.ai Address: HIGH ORDER TECHNOLOGY PTE. LTD., 1 North Bridge Road, #18-06, High Street Centre, Singapore 179094
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy on our website and, where reasonably practicable, by email. Continued use of the Service after changes take effect constitutes acceptance.