Privacy Policy

Effective Date: October 1, 2025

Defapi is committed to protecting your privacy. Learn how we collect, use, and protect your personal information in compliance with GDPR, CCPA, and other privacy regulations.

Defapi ("we," "our," or "service provider") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI API gateway services. By using our services, you agree to the collection and use of information in accordance with this policy.

This policy applies to all users of our services, including users from the European Union, United States, and other jurisdictions. We comply with applicable privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations.

Information We Collect

We only collect basic information necessary to provide our services:

Account Information

Basic information needed to create and manage your account:

  • Email address (for account creation and login)
  • Basic account information
  • Support requests and important notifications

Technical Information

Technical data required for service operation:

  • API keys (stored in encrypted form)
  • Basic usage logs
  • Error reports (for service improvement)

Payment Information

Information needed for payment processing:

  • Payment information (processed securely by third parties)
  • Transaction records

How We Use Your Information

We use your information for specific, legitimate purposes as outlined below:

Service Provision

  • βœ“Providing access to AI model APIs
  • βœ“Managing your account and preferences
  • βœ“Providing technical support and assistance
  • βœ“Improving and maintaining our services

Communication

  • βœ“Sending transactional emails (billing, security alerts)
  • βœ“Responding to your inquiries and support requests
  • βœ“Providing service updates and maintenance notices
  • βœ“Sending marketing communications (with consent)

Billing and Financial Management

  • βœ“Processing payments and managing billing
  • βœ“Preventing and detecting fraudulent activities
  • βœ“Financial reporting and analysis

Legal Compliance and Security

  • βœ“Complying with legal obligations
  • βœ“Monitoring for security threats and abuses
  • βœ“Resolving disputes and enforcing our terms

Information Sharing

We do not sell your personal information. We only share information with trusted service providers to operate our services (such as payment processors and cloud infrastructure) or when required by law to protect our rights or comply with legal processes.

Service Providers

We work with trusted third-party service providers:

  • Payment processors (Stripe) for billing
  • Cloud infrastructure (AWS/Google Cloud)
  • Basic analytics for service improvement

Data Retention

We retain your personal information only as long as necessary:

  • β€’While your account is active to provide services.
  • β€’After account closure, we retain necessary data for legal compliance and tax requirements. For fraud prevention (e.g., preventing abuse of new user credits), we retain an anonymized, salted cryptographic hash of your email address.
  • β€’You can request deletion, but we may need to retain certain records for legal obligations.

Data Security Measures

We implement reasonable security measures to protect your information:

Security Measures

  • πŸ”Industry-standard encryption for data storage and transmission (SSL/TLS).
  • πŸ›‘οΈStrict access control: Only the administrator has access to the database and sensitive information.
  • ⚠️While we strive to protect your data, please note that no system can guarantee 100% security.

International Transfers

Your information may be processed in countries outside your residence where our servers are located. We ensure appropriate safeguards are in place to protect your data in accordance with this policy.

Your Rights and Choices

Depending on applicable laws, you may have the following rights:

πŸ”Access your personal information

✏️Correct inaccurate information

πŸ—‘οΈRequest deletion of your personal information (subject to legal requirements)

How to Exercise Your Rights

To exercise these rights, please contact us at [email protected]. We will process your request in accordance with applicable law. For complex requests or requests requiring data retrieval from multiple systems, we may need additional time. We will process requests within a reasonable time as permitted by law.

Please note that we may need to retain certain data even if you request deletion, to handle disputes, comply with legal obligations, or protect legitimate interests. During dispute processing, we will retain relevant data until the dispute is fully resolved.

Children's Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children.

Cookies and Tracking Technologies

We use cookies and similar technologies to provide, secure, and improve our services:

Essential Cookies

Required for the operation of our services, including authentication and security

Functional Cookies

Enable enhanced functionality and personalization features

Analytics Cookies

Help us understand how our services are used and improve them

Advertising Cookies

Used to deliver relevant advertisements (only with your consent)

Controlling Cookies

You can control cookies through your browser settings and our cookie preferences panel

Third-Party Services and Integrations

Our services may integrate with or link to third-party services:

πŸ’³Payment Processors

Stripe, PayPal, and other payment processors for billing services

πŸ“ŠService Experience Analytics (Enabled by Default)

We use anonymous analytics data to understand how users interact with our services so we can continuously improve our products. This data does not contain personally identifiable information. This feature is enabled by default to provide the best service experience. If you have privacy concerns, you can contact us to disable it at any time.

πŸ€–AI Model Providers

OpenAI, Anthropic, Google, and other AI model providers

These third-party services have their own privacy policies and data practices. We are not responsible for their privacy practices.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons.

We may notify you of any material changes by:

πŸ“§Emailing the address associated with your account
🌐Posting the updated policy on our website
πŸ””In-app notifications for significant changes

Changes will become effective when posted unless otherwise specified.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

πŸ“§Email: [email protected]
πŸ›‘οΈData Protection Inquiries: [email protected]

If you believe we have violated your privacy rights, you may file a complaint with your local data protection authority.