Privacy Policy - ApiaryLabs

ApiaryLabs ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API services ("Services") through the RapidAPI marketplace or visit our website at apiarylabs.io.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

1. Information We Collect

1.1 Information You Provide Directly

When you subscribe to or use our Services, we may collect:

Account Information: Email address, username, and account credentials managed through RapidAPI
API Request Data: Data you submit through API endpoints (e.g., addresses for GeoInsight, product information for Heirloom API)
Communication Data: Information you provide when contacting our support team
Feedback and Survey Data: Responses to surveys, feature requests, or feedback forms

1.2 Information Collected Automatically

When you access our Services, we automatically collect certain technical information:

Usage Data: API endpoint calls, request timestamps, response times, and error logs
Device and Connection Information: IP address, user agent, browser type, operating system
Authentication Data: API keys, authentication tokens (hashed and encrypted)
Performance Metrics: Request volume, latency, rate limit status
Website Analytics: Pages visited, time spent on pages, referring websites (if you visit apiarylabs.io)

1.3 Information from Third Parties

We receive limited information from RapidAPI, including:

Subscription tier and billing status
Basic account identifiers necessary for API access
Usage statistics aggregated by RapidAPI

2. How We Use Your Information

We use the information we collect for the following purposes:

Purpose	Description
Service Delivery	Process API requests and return responses; maintain and improve API functionality
Authentication & Security	Verify your identity, prevent fraud, detect and prevent security threats
Rate Limiting & Fair Use	Monitor usage against subscription quotas; enforce rate limits and fair use policies
Performance Optimization	Monitor and improve API performance, reliability, and response times
Customer Support	Respond to inquiries, troubleshoot issues, provide technical assistance
Analytics & Insights	Analyze usage patterns to improve Services and develop new features
Legal Compliance	Comply with legal obligations, resolve disputes, enforce our agreements

3. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

3.1 Service Providers

We may share data with trusted third-party service providers who assist us in operating our Services:

RapidAPI: For payment processing, subscription management, and API marketplace services
Cloud Infrastructure Providers: For hosting, data storage, and computing resources (e.g., AWS, Google Cloud)
Analytics Services: For website analytics and performance monitoring
Email Services: For transactional emails and support communications

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

3.2 Legal Requirements

We may disclose your information if required by law or in response to:

Valid legal processes (subpoenas, court orders, search warrants)
Requests from government or regulatory authorities
Protection of our legal rights, safety, or property
Investigation of potential fraud, security threats, or Terms violations

3.3 Business Transfers

If ApiaryLabs is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

3.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

Important Note on API Request Data

Data you submit through our APIs (such as addresses, product names, or other request parameters) is processed solely to generate and return the requested response. We do not:

Store your API request data permanently (except for temporary caching and logs)
Sell or license your API request data to third parties
Use your API request data to build competing products or datasets
Share your specific API request data with other users

API logs containing request data are retained for a limited period (see Section 8) for debugging, security, and service improvement purposes only.

4. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy:

Account Information: Retained while your account is active and for up to 12 months after account closure
API Request Logs: Retained for up to 90 days for debugging and security purposes
Aggregated Analytics: Retained indefinitely in anonymized, non-identifiable form
Financial Records: Retained as required by applicable accounting and tax laws
Legal Compliance Data: Retained as required by law or until legal obligations are fulfilled

5. Data Security

We implement industry-standard security measures to protect your information:

Encryption: All data transmitted to and from our APIs uses HTTPS/TLS encryption
Access Controls: Strict authentication and authorization mechanisms; API key-based access
Infrastructure Security: Hosting on secure, enterprise-grade cloud infrastructure with regular security updates
Monitoring: Continuous monitoring for suspicious activity and security threats
Limited Access: Employee access to user data is restricted and logged
Regular Audits: Periodic security assessments and vulnerability testing

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You have the right to request access to the personal information we hold about you and receive a copy in a structured, commonly used format.

6.2 Correction

You may request that we correct inaccurate or incomplete personal information.

6.3 Deletion

You may request deletion of your personal information, subject to certain legal exceptions (e.g., records required for legal compliance).

6.4 Restriction and Objection

You may request that we restrict processing of your information or object to certain processing activities.

6.5 Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time.

6.6 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@apiarylabs.io. We will respond to your request within 30 days.

7. Cookies and Tracking Technologies

Our website (apiarylabs.io) may use cookies and similar tracking technologies:

Essential Cookies: Necessary for website functionality and security
Analytics Cookies: Help us understand how visitors interact with our website
Performance Cookies: Monitor and improve website performance

Our APIs do not use cookies. Authentication is handled via API keys in request headers.

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

8. International Data Transfers

ApiaryLabs is based in Brisbane, Australia. If you access our Services from outside Australia, your information may be transferred to, stored, and processed in Australia or other countries where our service providers operate.

We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards (such as standard contractual clauses) when transferring data internationally.

9. Children's Privacy

Our Services are not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@apiarylabs.io.

10. Third-Party Links and Services

Our website and Services may contain links to third-party websites, products, or services (including RapidAPI). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Payment Information

We do not collect, store, or process payment card information. All payment processing is handled securely by RapidAPI. Please refer to RapidAPI's privacy policy for information about how they handle payment data.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected, used, shared, or sold
Right to delete personal information
Right to opt-out of the sale of personal information (Note: We do not sell personal information)
Right to non-discrimination for exercising your CCPA rights

To exercise these rights, contact us at privacy@apiarylabs.io.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

Right to access, rectification, erasure, and portability of your personal data
Right to restrict or object to processing
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority

Our legal basis for processing your data includes: performance of a contract, legitimate interests, legal compliance, and consent where applicable.

14. Australian Privacy Principles (APP)

As an Australian entity, we comply with the Australian Privacy Principles under the Privacy Act 1988 (Cth). This includes transparency about how we collect and handle personal information, and your right to access and correct your information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or legal requirements. Updates will be posted on this page with a revised "Last Updated" date.

For material changes that significantly affect your privacy rights, we will provide prominent notice (such as email notification or a notice on our website) at least 30 days before the changes take effect.

Your continued use of our Services after changes become effective constitutes acceptance of the updated Privacy Policy.

16. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Privacy Contact:
Email: privacy@apiarylabs.io
General Support: support@apiarylabs.io
Website: apiarylabs.io

ApiaryLabs
Brisbane, Queensland, Australia

Thank you for trusting ApiaryLabs with your information. We are committed to protecting your privacy and providing secure, reliable API services.