Privacy Policy

1. Information We Collect

Account Information

When you register, we collect your email address, name, and payment information (processed by Stripe). We do not store credit card numbers directly.

Usage Data

We collect API request metadata including timestamps, endpoints accessed, response codes, and request volume. This data is used for rate limiting, billing, and service improvement.

Technical Data

We collect IP addresses, user agent strings, and connection metadata for security monitoring and abuse prevention.

2. How We Use Your Information

• Authenticate and authorize API access
• Process payments and manage subscriptions
• Enforce rate limits and usage quotas
• Monitor service health and detect abuse
• Communicate service updates and incidents
• Improve service performance and reliability

3. Data Storage and Security

Data is stored in Azure data centers (East US 2 and Japan East regions). API keys are hashed using HMAC-SHA256 before storage. Secrets are managed via Azure Key Vault. All data in transit is encrypted via TLS 1.2+.

4. Data Sharing

We do not sell your personal information. We share data only with:

• Stripe — for payment processing
• Azure — as our infrastructure provider
• Law enforcement — when required by valid legal process

5. Data Retention

Account data is retained for the duration of your subscription plus 90 days. Usage data is retained for 12 months. You may request deletion of your account and associated data at any time.

6. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Withdraw consent for non-essential processing

7. Cookies

We use essential cookies for authentication session management. We use analytics cookies (Google Analytics) only with your consent. You can manage cookie preferences at any time.

8. Contact

For privacy inquiries, contact privacy@aleatoric.systems.