Privacy Policy
Effective Date: September 6, 2025
APICrusher ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.
1. Information We Collect
Information You Provide:
- Account Information: Email address and company name when you sign up
- Payment Information: Processed securely through Stripe (we never see your card details)
- API Usage Metrics: Aggregate statistics about your API optimization (models used, cost savings)
Information We Do NOT Collect:
- Your API keys (OpenAI, Anthropic, etc.) - these remain local to your environment
- API request content or responses
- Personally identifiable information from your API calls
- Sensitive business data or prompts
2. How We Use Your Information
We use the information we collect to:
- Provide and maintain our optimization service
- Process payments and manage subscriptions
- Send service-related emails (magic links, trial reminders, usage reports)
- Generate anonymous aggregate statistics
- Improve our optimization algorithms
- Comply with legal obligations
3. Data Security
We implement industry-standard security measures:
- All data transmitted over HTTPS/TLS encryption
- Database encryption at rest
- Regular security audits
- Limited access controls
- Secure session management with JWT tokens
4. Third-Party Services
We use the following third-party services:
- Stripe: Payment processing (PCI compliant)
- Render: Infrastructure hosting
- Resend: Transactional email delivery
Each service has its own privacy policy and security standards.
5. Data Retention
- Account data: Retained while your account is active
- Usage metrics: Aggregated data retained for 12 months
- Payment records: As required by law (typically 7 years)
You may request deletion of your account at any time by emailing us.
6. Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your data in a portable format
- Opt out of marketing communications
7. GDPR Compliance
For users in the European Economic Area (EEA):
- Legal basis for processing: Legitimate interests and contractual necessity
- Data Protection Officer contact: hello@apicrusher.com
- Right to lodge complaints with supervisory authorities
8. California Privacy Rights
California residents have additional rights under CCPA:
- Right to know what personal information is collected
- Right to delete personal information
- Right to opt-out of sale (we do not sell personal data)
- Right to non-discrimination
9. Children's Privacy
Our service is not directed to individuals under 18. We do not knowingly collect personal information from children.
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or service notification.
11. Contact Us