Privacy policy
Privacy for API customers and site visitors.
Last updated: July 2, 2026
Information We Collect
For API customers, we may store contact details, customer name, plan, API key prefix, key status, usage events, request paths, response status codes, IP address, and user agent. API keys are stored as hashes, not plaintext.
Payment Information
Stripe is not wired into this MVP. If you pay manually through another provider or bank method, we store only the payment status and administrative details needed to manage access. Do not send card numbers through email or chat.
How We Use Information
We use customer and usage information to provide access, enforce rate limits, troubleshoot the API, prevent abuse, issue invoices, provide support, and improve the product.
Sharing
We do not sell customer contact information. We may share limited information with hosting, email, payment, analytics, or support providers when needed to operate the service.
Retention
We keep account, key, and usage records for as long as needed to operate the service, handle billing, meet legal obligations, resolve disputes, and maintain security logs.
Your Choices
You can request correction or deletion of customer information, subject to records we need to keep for billing, legal, or security reasons.
Security
We use hashed API keys, private runtime secrets, and restricted production storage. No system is perfectly secure, so customers should keep API keys confidential and rotate keys if exposure is suspected.
Contact
Privacy and account questions can be sent to lumi@octizo.com.