UsageFlow Logo

Privacy Policy

Last updated: January 2024

Introduction

At UsageFlow, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and handle your information when you use our API usage metering and monetization platform.

Early Stage Notice: UsageFlow is currently in its early stages. We're building this platform with your privacy and security as top priorities. As we continue to develop and improve, we may update this policy to reflect enhancements in our privacy practices.

1. Information We Collect

We collect information necessary to provide and improve our services:

  • Account Information: Email address and basic profile information when you create an account
  • API Usage Data: Endpoint information, request counts, response times, and usage patterns
  • Billing Information: Payment processor data (handled by Stripe/Paddle), transaction records
  • Configuration Data: Your pricing rules, rate limits, and API configurations
  • Technical Data: IP addresses, browser type, device information for service optimization

2. Sensitive Data Anonymization

Your Security is Our Priority: We automatically anonymize and encrypt all sensitive information in our systems. This includes:

  • Usernames and Passwords: Never stored in plain text; all authentication is handled by secure third-party providers
  • API Keys and Tokens: Encrypted and stored securely; never exposed in logs or analytics
  • Email Addresses: Used for account communication only; anonymized in analytics
  • Authentication Tokens: Encrypted at rest and in transit
  • Payment Information: Processed exclusively through PCI-compliant payment processors (Stripe/Paddle); we never store credit card details

We use industry-standard encryption and security practices to protect your data. All sensitive data is processed with the highest security standards.

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our API metering and monetization services
  • Process payments and manage billing through integrated payment processors
  • Generate usage analytics and insights for your APIs
  • Improve our platform and develop new features
  • Send important service updates and notifications
  • Respond to your inquiries and provide customer support
  • Ensure security and prevent fraud

We do not sell your personal information or use it for advertising purposes unrelated to our services.

4. Data Sharing and Disclosure

We may share your information only in the following circumstances:

  • Payment Processors: Stripe and Paddle for payment processing (they handle payment data according to their own privacy policies)
  • Authentication Providers: Google and Auth0 for account authentication
  • Service Providers: Trusted third parties who help us operate our platform (hosting, analytics) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice to users)

We never share your sensitive data (API keys, tokens, passwords) with third parties except as necessary for payment processing or authentication services.

5. Data Security

We implement comprehensive security measures to protect your information:

  • End-to-end encryption for data in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Regular security audits and vulnerability assessments
  • Access controls and authentication requirements
  • Automatic anonymization of sensitive fields
  • Secure backup and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain business records as required by law

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we're required to retain it for legal purposes.

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Data Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from non-essential communications

To exercise these rights, please contact us through our website. We'll respond to your request within 30 days.

8. Children's Privacy

UsageFlow is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes by posting the new policy on our website and updating the "Last updated" date. We may also notify you via email for material changes.

10. Our Commitment to You

Building Trust: We're committed to protecting your privacy and building a platform you can trust. As we're still in early stages, we're continuously improving our privacy practices and security measures.

Your privacy is fundamental to what we do. We're here to help you monetize your APIs securely and effectively, and we take that responsibility seriously. We appreciate your trust as we continue to build and improve UsageFlow.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: