Privacy Policy

Overview

CatalogRecall API ("we," "us," "our," or "Company") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our API services.

Information We Collect

Direct Collection

• Account information: Email address, billing address, payment details (processed through Stripe, not stored by us)
• API key ownership: Customer ID, API key hash, creation and revocation dates
• Usage data: API endpoint called, timestamp, request/response metadata (for billing and support purposes)
• Support communication: Emails, bug reports, and support requests

Automatic Collection

• Error tracking: Stack traces, browser errors, API errors (via Sentry)
• Web analytics: IP address, browser type, pages visited (via Sentry tracing)
• Server logs: Request IP, timestamp, endpoint accessed

How We Use Your Information

We use your information for:

• Providing and billing API services
• Authenticating API requests and rate limiting
• Tracking usage for metered billing
• Detecting abuse and security threats
• Improving our service and fixing bugs
• Customer support and communication
• Legal compliance and dispute resolution

Data Sharing

We do not sell your personal data. We may share information with:

• Stripe: Payment processing (governed by Stripe's privacy policy)
• Sentry: Error tracking (governed by Sentry's privacy policy)
• Resend: Email delivery (if configured, governed by Resend's privacy policy)
• GitHub: Bug report storage (if configured, governed by GitHub's privacy policy)
• Law enforcement: Only with valid legal process

Data Retention

• API keys: Kept until revoked by customer or account deleted
• Usage logs: Retained for 90 days for billing purposes
• Error logs: Retained according to Sentry's retention policy
• Account data: Retained while account is active; deleted upon request

Security

We implement industry-standard security measures including HTTPS encryption, API key hashing, rate limiting, and error monitoring. API keys are hashed before storage and never shown after initial creation (except on the checkout success page).

However, no security system is impenetrable. If you believe your API key has been compromised, contact us immediately at [email protected] to revoke it.

Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Port your data to another service
• Opt out of certain processing

To exercise these rights, contact [email protected].

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 13, we will delete it immediately.

Changes to This Policy

We may update this policy occasionally. We will notify you of material changes by posting the new policy on this page and updating the "last updated" date. Continued use of our service after changes constitutes your acceptance.

Contact Us

For privacy questions or to exercise your rights, contact us at:

Email: [email protected]
Website: https://catalogrecallapi.com