We only collect your email address on sign up. If you use the sign-in with Google feature, we also collect your Google account's name. For billing purposes we collect your company's billing address and VAT tax identifier. For additional security, and to allow you to see which devices are connected using your account, we collect the User-Agent and IP address on login.
We do not store any information that you send to the API. Logs are kept for a duration of 30 days and only include the timestamp, IP and URL addresses of requests. A simple numeric counter is incremented to keep track of your API consumption for billing purposes.
The information we collect is used for the following purposes:
- To send you emails regarding your API usage or any important account or security update (we do not send marketing or sales emails)
- To process payment transactions and generate billing invoices
- To display a log of all devices connected to your account
Our server infrastructure is protected by multi-factor authentication and high grade encryption standards. We have implemented both technical and organisational security measures designed to protect any personal information we process.
Although we do our best to protect your information, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. You should only access our services within a secure environment.
ExoAPI complies with the provisions of the Regulation (EU) 2016/679 of the European Parliament, known as the General Data Protection Regulation (GDPR).
Our DPA can be found here: Data Processing Agreement
All data sent to the API is only kept in volatile server memory for the duration of the execution of the request and is immediately discarded after.
When subscribing to a paid plan all payment information is securely transmitted to Stripe, our third-party PCI certified payment gateway for payment processing. You may find their privacy here: https://stripe.com/privacy.
We do not sell, trade, or transfer to outside parties your personally identifiable information.
We only keep your personal information for as long you have an account with us, unless otherwise required by law.
ExoAPI does not use any cookies for any tracking purpose. We only store your login token locally to enable you to securely login to your dashboard. We also use Stripe for payment processing, which requires a few essential cookies to work properly with fraud detection and prevention.
You can learn more about Stripe cookies in their Cookies Policy
We may update this privacy notice from time to time. The updated version will be indicated by an updated date and will be effective as soon as it is accessible. We may notify you of such changes by sending you an email. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
If you have any questions regarding this privacy policy or if you would like to review or change the information in your account or terminate your account, you may contact us.
