Your Data
We never store your actual request data. Instead, we convert it into a secure hash (akin to an encrypted code) using SHA256. Thus, we don't store your request (which might have user data in it like "SomeUser loves this program") but only the response (ex. "user sentiment in this sentence is happy"). To make it more secure we only share that response with people who know the request. So unless your response required authorization (see section on "What should not be cached?) they are getting the exact same answer they would have got anyhow.
API Keys
We only store the last 3 characters of your API keys and only so you can see how much it is used in your admin dashboard and pull your settings for that call. Since we don't store it you need to leave your API key (BEARER token, etc) alone as if you where calling the API directly. This is because if it is not cached we are just passing on the request as is.
Cache Control
We prioritize data freshness and accuracy. Hence, we adhere to cache instructions (known as "CacheControl headers") from both the request and the API source. If any party indicates data shouldn't be cached, we respect that directive.