Privacy Policy

Effective Date: October 1, 2025

Defapi is committed to protecting your privacy. Learn how we collect, use, and protect your personal information in compliance with GDPR, CCPA, and other privacy regulations.

Defapi ("we," "our," or "service provider") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI API gateway services. By using our services, you agree to the collection and use of information in accordance with this policy.

This policy applies to all users of our services, including users from the European Union, United States, and other jurisdictions. We comply with applicable privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations.

Information We Collect

We only collect basic information necessary to provide our services:

Account Information

Basic information needed to create and manage your account:

  • Email address (for account creation and login)
  • Basic account information
  • Support requests and important notifications

Technical Information

Technical data required for service operation:

  • API keys (stored in encrypted form)
  • Basic usage logs
  • Error reports (for service improvement)

Payment Information

Information needed for payment processing:

  • Payment information (processed securely by third parties)
  • Transaction records

How We Use Your Information

We use your information for specific, legitimate purposes as outlined below:

Service Provision

  • βœ“Providing access to AI model APIs
  • βœ“Managing your account and preferences
  • βœ“Providing technical support and assistance
  • βœ“Improving and maintaining our services

Communication

  • βœ“Sending transactional emails (billing, security alerts)
  • βœ“Responding to your inquiries and support requests
  • βœ“Providing service updates and maintenance notices
  • βœ“Sending marketing communications (with consent)

Billing and Financial Management

  • βœ“Processing payments and managing billing
  • βœ“Preventing and detecting fraudulent activities
  • βœ“Financial reporting and analysis

Legal Compliance and Security

  • βœ“Complying with legal obligations
  • βœ“Monitoring for security threats and abuses
  • βœ“Resolving disputes and enforcing our terms

Information Sharing and Disclosure

We may share your information in limited circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our services:

  • Payment processors (Stripe, PayPal) for billing services
  • Cloud infrastructure providers (AWS, Google Cloud)
  • Analytics services for service improvement
  • Customer support and helpdesk software

Legal Requirements

We may disclose information when legally required to:

  • Respond to legal processes and government requests
  • Protect our rights, property, and safety
  • Enforce our terms of service and policies
  • Prevent fraud or protect against threats

Business Transfers

Information may be transferred in connection with mergers, acquisitions, or asset sales

Data Retention and Storage

We retain your personal information as needed:

  • β€’Retain necessary information while account is active
  • β€’After account closure, we may retain necessary data for legal compliance, dispute resolution, fraud prevention, and tax requirements. During dispute processing, we will retain relevant data until the dispute is fully resolved.
  • β€’Retain necessary records as required by law (including but not limited to taxation, dispute resolution, and legal proceedings)
  • β€’You can request account and data deletion, but we may need to retain certain data to handle disputes, comply with legal obligations, or protect legitimate interests until related legal obligations are fulfilled.

Data Security Measures

We implement reasonable security measures to protect your information:

Technical Safeguards

  • πŸ”Industry-standard encryption technology to protect data
  • πŸ›‘οΈAccess controls and security mechanisms
  • 🌐SSL encryption for data transmission
  • πŸ”’No system can guarantee 100% security

Organizational Safeguards

  • πŸ‘₯Regular security training for our team
  • πŸ“‹Strict data access policies
  • 🚨Security incident response procedures

International Data Transfers

Your personal information may be transferred and processed in countries other than your country of residence.

βœ“Transfers to countries with adequacy decisions from the European Commission
βœ“Standard Contractual Clauses (SCCs) approved by the European Commission
βœ“Binding Corporate Rules where applicable
βœ“Your explicit consent for specific international transfers

Your Rights and Choices

Depending on applicable laws, you may have the following rights:

πŸ”Access your personal information

✏️Correct inaccurate information

πŸ—‘οΈRequest deletion of your personal information (subject to legal requirements)

βš–οΈObject to certain data processing

How to Exercise Your Rights

To exercise these rights, please contact us at [email protected]. We will process your request in accordance with applicable law. For complex requests or requests requiring data retrieval from multiple systems, we may need additional time. We will process requests within a reasonable time as permitted by law.

Please note that we may need to retain certain data even if you request deletion, to handle disputes, comply with legal obligations, or protect legitimate interests. During dispute processing, we will retain relevant data until the dispute is fully resolved.

Children's Privacy

Our services are not directed at children under 13. We do not knowingly collect personal information from children.

Cookies and Tracking Technologies

We use cookies and similar technologies to provide, secure, and improve our services:

Essential Cookies

Required for the operation of our services, including authentication and security

Functional Cookies

Enable enhanced functionality and personalization features

Analytics Cookies

Help us understand how our services are used and improve them

Advertising Cookies

Used to deliver relevant advertisements (only with your consent)

Controlling Cookies

You can control cookies through your browser settings and our cookie preferences panel

Third-Party Services and Integrations

Our services may integrate with or link to third-party services:

πŸ’³Payment Processors

Stripe, PayPal, and other payment processors for billing services

πŸ“ŠService Experience Analytics (Enabled by Default)

We use anonymous analytics data to understand how users interact with our services so we can continuously improve our products. This data does not contain personally identifiable information. This feature is enabled by default to provide the best service experience. If you have privacy concerns, you can contact us to disable it at any time.

πŸ€–AI Model Providers

OpenAI, Anthropic, Google, and other AI model providers

These third-party services have their own privacy policies and data practices. We are not responsible for their privacy practices.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal and regulatory reasons.

We may notify you of any material changes by:

πŸ“§Emailing the address associated with your account
🌐Posting the updated policy on our website
πŸ””In-app notifications for significant changes

Changes will become effective when posted unless otherwise specified.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

πŸ“§Email: [email protected]
πŸ›‘οΈData Protection Inquiries: [email protected]

If you believe we have violated your privacy rights, you may file a complaint with your local data protection authority.