Venice serves models through two infrastructure paths, each with different data handling characteristics. Every model on the pricing page and in the model catalog is labeled with its privacy tier. For an overview of how requests are processed and Venice's own retention policy, see Privacy.
Private models
Private models run on Venice's GPU fleet using open-source models. Requests do not leave Venice's infrastructure and no third party is involved in processing. Zero Data Retention applies end-to-end. The GPU receives only the raw prompt context. No user ID, IP address, or account information is forwarded. Examples: Venice Uncensored, GLM 4.7, Qwen 3, DeepSeek V3.2, Llama 3.3, Mistral, Kokoro TTS
Anonymized models
Anonymized models are served by third-party providers. Venice acts as an anonymizing proxy, stripping all identifying information before forwarding requests: your API key, IP address, headers, and all account data are removed. The anonymized request is forwarded to the provider under Venice's own credentials, so the provider sees Venice as the customer, not you. Venice does not log or store any prompt or response content from these requests. However, the provider's own retention and training policies apply to the anonymized request. Examples: Claude Opus/Sonnet, GPT-5.2, Gemini 3, Grok 4.1
TEE models
TEE ("Trusted Execution Environment") models are a subset of Private models that run inside hardware-secured enclaves. By using TEE-enabled models, you don't have to trust us that your inference is secure: you can prove it by verifying the attestation yourself. See TEE & E2EE Models for the full flow. In the /models API, TEE models appear as privacy: private, with supportsTeeAttestation: true.
Examples: tee-* models such as tee-qwen3-5-122b-a10b
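The privacy tier and TEE flag can be read programmatically from the model catalog. A minimal sketch in Python, assuming a /models response in the common `{"data": [...]}` list shape where each entry exposes the privacy and supportsTeeAttestation fields described above (the payload excerpt is hypothetical, constructed for illustration):

```python
def tee_models(models_response: dict) -> list[str]:
    """Return IDs of models that run inside a TEE.

    Assumes each entry in `data` carries the `privacy` and
    `supportsTeeAttestation` fields described in the docs.
    """
    return [
        m["id"]
        for m in models_response.get("data", [])
        if m.get("privacy") == "private" and m.get("supportsTeeAttestation")
    ]

# Hypothetical catalog excerpt for illustration only:
catalog = {
    "data": [
        {"id": "tee-qwen3-5-122b-a10b", "privacy": "private",
         "supportsTeeAttestation": True},
        {"id": "venice-uncensored", "privacy": "private",
         "supportsTeeAttestation": False},
        {"id": "claude-sonnet", "privacy": "anonymized"},
    ]
}

print(tee_models(catalog))  # → ['tee-qwen3-5-122b-a10b']
```

The same pattern extends to any tier: filter on privacy alone to select all Private models, or on the anonymized value to find proxied ones.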
E2EE models
E2EE ("End-to-End Encryption") models add client-side encryption on top of TEE protection. Your prompt is encrypted before it leaves your application, remains encrypted through Venice, and is only decrypted inside the attested enclave. In the /models API, E2EE models appear as privacy: private with supportsE2EE: true. E2EE requests require client-side integration and stream: true; see TEE & E2EE Models for the full flow.
Examples: e2ee-qwen3-5-122b-a10b, e2ee-glm-4-7-p, e2ee-venice-uncensored-24b-p
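Because E2EE requests must stream, a client needs to set stream to true in addition to selecting an e2ee-* model. A hedged sketch of assembling such a request body, assuming the common OpenAI-compatible chat schema; the encryption step itself is elided since it requires the client-side integration covered in TEE & E2EE Models:

```python
def build_e2ee_request(model_id: str, encrypted_prompt: str) -> dict:
    """Assemble a chat request body for an E2EE model.

    E2EE requests require stream=True. The prompt is assumed to be
    already encrypted by the client-side integration (not shown here).
    """
    if not model_id.startswith("e2ee-"):
        raise ValueError("E2EE requests need an e2ee-* model")
    return {
        "model": model_id,
        "messages": [{"role": "user", "content": encrypted_prompt}],
        "stream": True,  # required for E2EE
    }

body = build_e2ee_request("e2ee-glm-4-7-p", "<ciphertext placeholder>")
print(body["stream"])  # → True
```

The stream requirement exists because the encrypted response is delivered incrementally; a non-streaming E2EE request will be rejected.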
Provider policies
Each third-party provider has its own data handling policies for training and retention. The table below reflects the current policies as they apply to API requests.

| Provider | Models on Venice | Trains on data | Retains data | Retention period | Policy |
|---|---|---|---|---|---|
| Anthropic | Claude Opus 4.5/4.6, Sonnet 4.5/4.6 | No | Yes (default) | Up to 30 days. ZDR-eligible with arrangement. | Privacy center |
| OpenAI | GPT-5.2, GPT-5.2 Codex, GPT OSS 120B | No | Yes | Up to 30 days (abuse monitoring) | Data usage policy |
| Google | Gemini 3 Pro/Flash, Gemini 3.1 Pro | No | Yes | 55 days (abuse monitoring) | Usage policies |
| xAI | Grok 4.1 Fast, Grok Code Fast 1 | No | Yes | 30 days (auto-deleted) | Enterprise FAQ |
| Moonshot | Kimi K2, Kimi K2.5 | Not documented | Not documented | Not documented | Terms of service |
| MiniMax | MiniMax M2.1, M2.5 | Not documented | Yes | 90 days (API logs) | Privacy policy |
Provider policies can change. Where Venice is unable to establish a clear policy for a provider, the table reflects that. Venice works with providers to maintain privacy-respecting arrangements but cannot guarantee their policies long-term.
Related
- Privacy - Venice’s own retention policy and architecture
- TEE & E2EE Models - attestation and end-to-end encryption guide
- Data Collection - what metadata Venice retains