Api-Tech
Try for $3.50

Legal

Privacy Policy

Last updated: May 15, 2026

This Privacy Policy explains how Api-Tech sp. z o.o. ("Api-Tech", "we", "our") collects, uses, stores, and protects information about visitors and customers of our website and services.

1. Who we are

Api-Tech sp. z o.o., Święty Marcin 29/8, 61-806 Poznań, Poland, is the data controller for personal data processed through our website, dashboard, and customer support channels. For privacy enquiries contact [email protected].

2. Data we collect

  • Account data: first and last name, email, encrypted password, organisation.
  • Billing data: billing address, VAT number, transaction identifiers from our payment processors. We never store full card numbers.
  • Usage data: credits consumed, model usage, requests, error rates, IP address, browser, OS, locale, timestamps.
  • Support data: messages, attachments, and metadata you share with our team.
  • Cookies & similar: see our Cookie Policy.

3. Why we process it

  • To provide and operate the service (Art. 6(1)(b) GDPR — contract).
  • To bill, handle taxes and accounting obligations (Art. 6(1)(c) — legal obligation).
  • To secure our platform, prevent fraud, and debug (Art. 6(1)(f) — legitimate interests).
  • To send service announcements and, with consent, marketing (Art. 6(1)(a) — consent).

4. AI inputs and outputs

Prompts, files, and outputs that you submit to Api-Tech are processed solely to provide the service. We do not use customer content to train shared foundation models. Where private deployments are configured, all inference runs in dedicated EU regions.

5. Sharing

We share data only with vetted processors strictly to operate Api-Tech:

  • Cloud infrastructure (EU regions) for hosting, storage, and compute.
  • Payment processors (Stripe, bank transfer providers) for billing.
  • Email and customer-support tooling.
  • Authorities when required by law, with strict review.

6. International transfers

Data is hosted in the European Union by default. When transfers outside the EEA occur, they are protected by Standard Contractual Clauses and additional safeguards as required.

7. Retention

  • Account data: while your account is active and up to 24 months after closure.
  • Billing records: 5 years (Polish accounting law).
  • Logs: up to 90 days unless required for security investigations.

8. Your rights

You have the right to access, rectify, erase, restrict, or port your personal data, and to object to processing based on legitimate interests. You may withdraw consent at any time. To exercise these rights email [email protected]. You may also lodge a complaint with the Polish UODO or your local supervisory authority.

9. Security

Api-Tech applies encryption in transit (TLS 1.2+) and at rest (AES-256), least-privilege access, audit logging, SSO for staff, and continuous monitoring. We undertake annual third-party penetration tests.

10. Changes

We may update this Policy. Material changes will be communicated by email or in-product at least 30 days before they take effect.