Privacy Policy
Last updated: January 2025
Key Principle: We collect only what's necessary to provide our service. We do not sell your data or use your API requests to train models without your explicit consent.
1. Information We Collect
1.1 Account Information
When you create an account or request API access, we collect:
- Email address
- Name or organization name
- Use case description (optional)
- Payment information (processed securely by third-party providers)
1.2 API Usage Data
When you use the Uplink API, we automatically collect:
- API requests and responses (for service delivery)
- Request metadata (timestamps, model used, token counts)
- IP addresses and user agents
- Error logs and debugging information
- Usage statistics and performance metrics
1.3 Technical Data
We collect technical information about your usage:
- Browser type and version
- Operating system
- Device information
- Cookies and similar tracking technologies
2. How We Use Your Information
We use the collected information to:
- Provide the service: Process API requests and deliver responses
- Improve our service: Monitor performance, identify bugs, and optimize infrastructure
- Billing and accounting: Calculate usage and process payments
- Security: Detect and prevent abuse, fraud, and security threats
- Communication: Send service updates, security alerts, and support messages
- Compliance: Meet legal and regulatory requirements
3. Data Retention
We retain different types of data for varying periods:
- API request/response data: Retained for 30 days for debugging and support
- Usage logs: Retained for 90 days for billing and analytics
- Account information: Retained while your account is active, plus 1 year after closure
- Financial records: Retained for 7 years for legal compliance
4. Data Sharing and Disclosure
4.1 We Do NOT:
- Sell your personal information
- Use your API requests to train AI models without consent
- Share your data with advertisers
- Publicly disclose your API usage or content
4.2 We May Share Data With:
- Service providers: Cloudflare (hosting), payment processors, analytics tools
- AI model providers: Only to fulfill your API requests
- Legal authorities: When required by law or to protect rights and safety
- Business transfers: In case of merger, acquisition, or asset sale
5. Data Security
We implement industry-standard security measures:
- Encryption in transit (TLS 1.3) and at rest
- API key authentication and access controls
- Regular security audits and monitoring
- Cloudflare's global DDoS protection
- Isolated infrastructure and rate limiting
6. Your Rights and Choices
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and data
- Portability: Export your usage data in machine-readable format
- Opt-out: Unsubscribe from marketing communications
- Restriction: Limit how we process your data
7. Cookies and Tracking
We use cookies and similar technologies for:
- Authentication and session management
- Remembering user preferences (theme, language)
- Analytics and performance monitoring
- Security and fraud prevention
You can control cookies through your browser settings.
8. International Data Transfers
Uplink API operates globally through Cloudflare's edge network. Your data may be processed in any country where we or our service providers operate. We ensure appropriate safeguards are in place for international transfers.
9. Children's Privacy
Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children. If we discover such data has been collected, we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or service announcements. The "Last updated" date at the top indicates when changes were made.
11. California Privacy Rights (CCPA)
California residents have additional rights under the CCPA:
- Right to know what personal information is collected
- Right to know if personal information is sold or disclosed
- Right to opt-out of sale (we don't sell data)
- Right to deletion
- Right to non-discrimination for exercising CCPA rights
12. European Privacy Rights (GDPR)
If you are in the EU/EEA, you have rights under the GDPR including:
- Right to access, rectification, and erasure
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with supervisory authorities
13. Contact Us
For privacy-related questions or to exercise your rights, contact us at:
- Support: uplink.fimbriata.dev/request-access
- Data Protection: Include "Privacy Request" in your subject line
We will respond to verified requests within 30 days.