Compliance

Privacy Policy.

Last updated: April 2026

1. Introduction

LimitYourAPI ("we", "us", "our") is an API rate limiting and quota management platform. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

Account Information: Your email address and hashed password (for email registration), or your email and profile picture (for Google OAuth sign-in).
Usage Metrics: API request metadata (IP addresses, endpoints, timestamps, response codes) used to compute rate-limiting decisions and display analytics.
Billing Data: Payment information is processed by our third-party providers (Stripe and Razorpay). We do not store credit card details.

3. How We Use Your Data

We use your data solely to:

Authenticate you and provide access to the LimitYourAPI dashboard.
Enforce rate-limiting rules you configure.
Process billing and subscription management.
Send transactional emails (verification, security alerts).

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Google OAuth Data

Our application uses Google OAuth for seamless sign-in. Information received from Google APIs (email address, profile picture) is used strictly for account identification and authentication within LimitYourAPI.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Data Retention & Deletion

We retain your account data for as long as your account is active. Request logs are retained for 24 hours (Free tier) or up to 30 days (Pro tier) before automatic purging.

ACCOUNT_DELETION: You may delete your account and all associated data at any time from the Settings page. Upon deletion, personal data is permanently removed within 30 days.

To request manual deletion, email [email protected].

6. Data Security

ENCRYPTION: All data at rest is encrypted using AES-256. Data in transit is secured via TLS 1.3. API keys are hashed using argon2id before storage.

7. Cookies

LimitYourAPI uses essential cookies only for session management (authentication state). We do not use tracking or advertising cookies.

8. GDPR & CCPA Compliance

If you are a resident of the European Economic Area (EEA) or California, you have certain data protection rights, including the right to access, correct, or delete your personal data. You can exercise these rights from the Settings panel or by contacting us.

9. Contact

If you have questions about this Privacy Policy, contact us at [email protected].