Privacy Policy

Distill.ai ("we", "us", "our") is a model distillation platform operated from India. We help businesses fine-tune AI language models on their own data. Our service is available at distillfast.com.

For any privacy-related questions, contact us at hello@distillfast.com.

Account information: Name, email address, and password (hashed — we never store plain-text passwords) when you register.

Uploaded data: Datasets, JSONL files, and training examples you upload to our platform. This data is stored in AWS S3 (Mumbai region, ap-south-1) and used solely to perform the services you request.

Usage data: API call counts, token usage, latency, and job history — used for billing, rate-limiting, and improving the service.

Payment information: We use Razorpay to process payments. We do not store your card numbers or UPI credentials. Razorpay's privacy policy governs payment data.

Technical data: IP address, browser type, and access logs for security and debugging purposes.

• Provide and operate the Distill.ai platform
• Process training jobs and store fine-tuned model adapters
• Calculate and bill usage
• Send transactional emails (job completion, billing receipts)
• Improve our models and platform performance
• Comply with legal obligations

We do not use your uploaded datasets to train our own models or any third-party models. Your data stays yours.

We do not sell your personal data. We share data only with:

• AWS — cloud infrastructure and storage (ap-south-1)
• Razorpay — payment processing
• Anthropic — synthetic data generation (your seed examples may be sent to Claude API; no data is retained by Anthropic beyond their standard API terms)

All sub-processors are contractually bound to protect your data.

All data is stored on AWS infrastructure in the Mumbai region (India). We use:

• Encryption at rest (AES-256) and in transit (TLS 1.2+)
• JWT-based authentication with short-lived access tokens
• API keys with per-key rate limiting
• IAM roles with least-privilege access on AWS

No security system is 100% foolproof. In the event of a data breach, we will notify affected users within 72 hours.

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where required by law (e.g., billing records retained for 7 years per Indian GST requirements).

Uploaded datasets and model adapters are deleted immediately upon your request or account deletion.

You have the right to:

• Access — request a copy of all data we hold about you
• Correction — update inaccurate data via your dashboard
• Deletion — delete your account and all associated data
• Portability — export your datasets and usage history
• Opt-out — unsubscribe from non-transactional emails at any time

To exercise these rights, email hello@distillfast.com. We respond within 7 business days.

We use only essential cookies required for authentication (JWT tokens stored in localStorage). We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

Distill.ai is not intended for anyone under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it immediately.

We may update this policy as the product evolves. We will notify you by email and post the updated policy at distillfast.com/privacy at least 14 days before changes take effect. Continued use after that date constitutes acceptance.

This policy is governed by the laws of India, including the Information Technology Act 2000 and the Digital Personal Data Protection Act 2023 (DPDPA). Any disputes shall be subject to the exclusive jurisdiction of courts in India.