Privacy Policy
Ghostlytics Payments Pvt. Ltd. d/b/a MegaLLM.io
Effective Date: March 30, 2026
Last Updated: March 31, 2026
This Privacy Policy ("Policy") describes how Ghostlytics Payments Pvt. Ltd. d/b/a MegaLLM.io ("MegaLLM," "Company," "we," "us," or "our") collects, uses, discloses, retains, and protects personal information in connection with the MegaLLM.io platform, API gateway, website at https://megallm.io, dashboard, and all related services (collectively, the "Service"). This Policy forms part of the Terms of Service and should be read alongside our Cookies Policy, Acceptable Use Policy, and Refund Policy.
MegaLLM.io is an AI PROVIDER AGGREGATOR and routing intermediary. MegaLLM.io does not run, train, host, or operate any AI model. MegaLLM.io routes API requests to third-party LLM providers and returns their responses. MegaLLM acts as a data processor for Input/Output Data and as a data controller for Account Data and Usage Metadata.
1. Controller Identity (GDPR Art. 13(1)(a))
Data Controller
Ghostlytics Payments Pvt. Ltd.
No. 472/7, Balaji Arcade, AVS Compound
20th L Cross Road, AVS Layout, Ejipura
Koramangala, Bengaluru - 560095, India
Data Protection Officer
dpo@megallm.io
EU Representative (GDPR Art. 27)
DataRep, The Cube, Monahan Road
Cork, T12 H1XY, Republic of Ireland
Contact: megallm@datarep.com
UK Representative (UK GDPR Art. 27)
DataRep, 107 Cheapside
London, EC2V 6DN, United Kingdom
Contact: megallm@datarep.com
2. Information We Collect
2.1 Account Data (You Provide)
- Full name or organization name
- Email address
- Password (stored hashed only; we never store plaintext passwords)
- Company/organization name (if applicable)
- Billing address
- Payment method details (processed and stored by Stripe; we do not store full card numbers)
- Tax identification numbers (if provided for invoicing)
- Phone number (if provided for two-factor authentication or account recovery)
2.2 Support Data
Content of messages, emails, support tickets, live chat transcripts (via Intercom), and attachments you provide when contacting us.
2.3 API Data
- Input Data: Prompts, instructions, and content submitted through the API.
- Output Data: AI-generated responses returned by third-party providers.
- Usage Metadata: Request timestamps, model selected, token counts (input and output), response latency, HTTP status codes, API key identifier (hashed), IP address of requesting system, request headers (excluding content), provider routing decisions, failover events.
By default, MegaLLM does NOT retain API request or response logs (Input/Output Data). You may opt in to log retention (up to thirty (30) days) through the dashboard. Even when logging is enabled, you may reduce or disable retention at any time. MegaLLM may retain minimal metadata as required for billing metering and compliance regardless of your logging preferences.
2.4 Automatically Collected Data
- IP address, browser type/version, operating system, device type
- Referring URL, pages visited, navigation paths, time on page
- Search queries within documentation
- Language and timezone settings
- Cookies and similar technologies (see Cookies Policy)
2.5 Information We Do NOT Collect
MegaLLM does not knowingly collect: Social Security numbers or government IDs (except tax IDs for invoicing), biometric data, genetic data, health or medical information, or data from children under 18.
3. Lawful Bases for Processing (GDPR Art. 6)
| Data Category | Lawful Basis | GDPR Article | Details |
|---|---|---|---|
| Account Data | Contractual necessity | Art. 6(1)(b) | Required to provide the Service |
| Billing Data | Contractual necessity | Art. 6(1)(b) | Required to process payments |
| Input/Output Data (as processor) | Customer's instruction | Art. 28 | Processed on your behalf per DPA |
| Usage Metadata | Legitimate interest | Art. 6(1)(f) | Analytics, security, abuse prevention |
| Tax Records | Legal obligation | Art. 6(1)(c) | Tax and regulatory compliance |
| Support Data | Contractual necessity | Art. 6(1)(b) | Required to provide support |
| Cookie Data (analytics) | Consent | Art. 6(1)(a) | See Cookies Policy for details |
| Cookie Data (essential) | Legitimate interest | Art. 6(1)(f) | Required for site functionality |
Where we rely on legitimate interest (Art. 6(1)(f)), we have conducted legitimate interest assessments. You may request a copy of the relevant assessment by contacting dpo@megallm.io.
4. How We Use Information
4.1 Purposes
We use information to:
- Provide, operate, and maintain the Service
- Process payments and billing
- Respond to support requests
- Detect, prevent, and address fraud, abuse, and security incidents
- Comply with legal obligations
- Analyze usage to improve the Service
- Send service-related communications
4.2 Data Use Guarantee
MegaLLM does not use Input Data or Output Data to train, fine-tune, or improve any machine learning model — whether MegaLLM's own or any third party's. See Section 8.3 of the Terms of Service.
5. Data Sharing and Disclosure
5.1 Third-Party AI Model Providers
Your Input Data is transmitted to the third-party model provider that processes your request. Each provider's handling of data is governed by their own privacy policy and terms. MegaLLM does not control providers' data practices. A list of providers and links to their terms is at https://megallm.io/providers.
5.2 Service Providers (Sub-Processors)
We share data with categories of service providers including:
| Category | Purpose | Examples |
|---|---|---|
| Cloud Infrastructure | Hosting and compute | AWS, GCP, Cloudflare |
| Payment Processing | Billing and payments | Stripe |
| Analytics | Website and product analytics | Google Analytics, Mixpanel, PostHog |
| Customer Support | Live chat and ticketing | Intercom |
| | Service communications | SendGrid |
A current list of sub-processor categories is at https://megallm.io/legal/sub-processors.
5.3 Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of MegaLLM, our users, or the public.
5.4 Business Transfers
In connection with a merger, acquisition, or sale of assets, personal information may be transferred. We will notify you of any such change.
5.5 No Sale of Personal Information
MegaLLM does not sell or share personal information as defined by CCPA/CPRA. We do not use personal information for cross-context behavioral advertising.
6. International Data Transfers
6.1 Transfer Mechanisms
MegaLLM is based in the United States. Personal data from the EEA, UK, or Switzerland is transferred using: (a) Standard Contractual Clauses (SCCs) approved by the European Commission (Decision 2021/914) with Module 2 and Module 3; (b) adequacy decisions where applicable; or (c) other approved mechanisms under GDPR Chapter V. MegaLLM has conducted Transfer Impact Assessments (TIAs) for material third-country transfers.
6.2 China-Based Providers
Certain AI model providers (including DeepSeek, Alibaba/Qwen) are based in the People's Republic of China. When you use these models, Input Data may be transmitted to China, subject to PIPL and Data Security Law. Users processing EEA/UK personal data should exclude these providers using the x-megallm-exclude-providers header or the EU-only routing option on Business/Enterprise tiers.
7. Data Retention
| Data Category | Retention Period |
|---|---|
| Account Data | Duration of account + 12 months post-deletion |
| Billing/Invoice Data | 7 years (tax and legal obligation) |
| Input/Output Data (logs) | Not retained by default; up to 30 days if opt-in enabled |
| Usage Metadata | 24 months |
| Support Data | 24 months after ticket resolution |
| Cookie Data | See Cookies Policy |
Upon account deletion, MegaLLM deletes or anonymizes personal data within the retention periods above, except where longer retention is required by law.
8. Your Rights
8.1 GDPR Rights (EEA/UK/Swiss Users)
You have the right to:
- Access — obtain a copy of your personal data
- Rectification — correct inaccurate data
- Erasure ("right to be forgotten") — request deletion of your data
- Restriction — limit how we process your data
- Data Portability — receive your data in JSON/CSV format, available through the dashboard during the active contract period (not only at termination)
- Objection — object to processing based on legitimate interest
- Withdraw Consent — at any time, without affecting prior processing
To exercise these rights, contact dpo@megallm.io. We respond without undue delay, and within thirty (30) days per GDPR Art. 12(3). Extensions of up to sixty (60) additional days may be necessary for complex requests, in which case we will inform you within the initial thirty (30) day period.
You have the right to lodge a complaint with your local data protection supervisory authority.
8.2 CCPA/CPRA Rights (California Residents)
You have the right to:
- Know what personal information is collected and how it is used
- Delete personal information
- Correct inaccurate personal information
- Opt Out of sale/sharing — we do not sell PI, but the mechanism is at https://megallm.io/privacy/do-not-sell
- Non-Discrimination for exercising your rights
Categories of PI Collected
Identifiers (name, email, IP); commercial information (billing, usage); internet activity (pages visited, API usage); professional information (company, role); payment information (via Stripe).
Purposes
Service delivery, billing, security, analytics, legal compliance.
Categories of Third Parties Receiving PI
AI model providers, payment processors, analytics providers, cloud infrastructure providers, customer support providers.
We do not use or disclose sensitive personal information for purposes other than those permitted by CCPA Section 1798.121.
8.3 Other Jurisdictions
We respect privacy rights under applicable law in all jurisdictions. Contact dpo@megallm.io with any request.
9. Security
MegaLLM implements commercially reasonable security measures including: TLS 1.2+ encryption in transit, AES-256 encryption at rest, API key hashing and per-key scoping, role-based access controls, and security monitoring. MegaLLM maintains technology errors and omissions (E&O) and cyber liability insurance. No method of transmission or storage is 100% secure, and MegaLLM cannot guarantee absolute security.
10. Data Breach Notification
In the event of a personal data breach affecting your data, MegaLLM will notify you without undue delay, and in any event within forty-eight (48) hours of becoming aware of the breach. The notification will include: the nature of the breach, categories and approximate number of records affected, likely consequences, and measures taken or proposed. This timeline enables you to meet your own seventy-two (72) hour notification obligation to supervisory authorities under GDPR Art. 33.
11. Children's Privacy
The Service is not directed at individuals under 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, contact dpo@megallm.io.
12. Data Processing Agreement
Where MegaLLM processes personal data on your behalf (as processor), the Data Processing Agreement (DPA) governs. The DPA is set forth in Appendix A of the Terms of Service and is automatically binding upon acceptance.
13. Changes to This Policy
MegaLLM may update this Policy at any time. Material changes will be communicated via email or dashboard notification. Changes will be posted at https://megallm.io/privacy with an updated "Last Updated" date. Continued use after changes take effect constitutes acceptance.
14. Contact Information
Data Protection Officer
dpo@megallm.io
Data Subject Requests
dpo@megallm.io
Security Incidents
security@megallm.io
General Support
support@megallm.io
Ghostlytics Payments Pvt. Ltd. © 2026 All Rights Reserved
No. 472/7, Balaji Arcade, AVS Compound, 20th L Cross Road, AVS Layout, Ejipura, Koramangala, Bengaluru - 560095