Privacy Policy

Last updated:

1. Information We Collect

We collect the minimum information necessary to operate the Service:

• Email address — provided when you register for an API key.
• API usage data — request counts per day, per API key. We do not log individual queries or search terms.
• API key hash — a one-way hash of your key for authentication. We do not store your plaintext API key.

2. How We Use Your Information

• To authenticate API requests.
• To enforce rate limits per your tier.
• To contact you regarding your account if necessary.

3. What We Do Not Collect

• We do not use cookies or tracking pixels on our website.
• We do not log your search queries or API request parameters.
• We do not use third-party analytics services.
• We do not sell, share, or rent your information to third parties.

4. Data Storage

Your email and API key hash are stored in a secured database. Usage counts are stored as aggregate daily totals per key — no individual request details are retained.

5. Data Retention

We retain your account data for as long as your API key is active. If you request deletion, we will remove your email, API key hash, and usage records within 30 days.

6. Security

API keys are hashed using SHA-256 before storage. We never store or log your plaintext API key after initial generation. All API traffic is served over HTTPS.

7. Your Rights

You may request:

• A copy of the data we hold about you.
• Deletion of your account and associated data.
• Deactivation of your API key.

8. Changes to This Policy

We may update this policy from time to time. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

For privacy-related requests, contact us via the email associated with your API key registration.