Privacy Policy

1. Introduction

Welcome to ApiUji ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you have a positive experience on our website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our developer tools.

By using ApiUji, you consent to the data practices described in this policy. If you do not agree with the practices described in this policy, please do not use our services.

2. Information We Collect

2.1 Automatically Collected Information

When you visit ApiUji, we automatically collect certain information about your device and usage patterns, including:

• IP Address: Used for analytics, security purposes, and approximate location detection
• Geographic Location: Country, city, and timezone (derived from IP address using geolocation services)
• Browser Information: Browser type, version, and user agent string
• Operating System: Your devices operating system (Windows, macOS, Linux, Android, iOS)
• Device Type: Whether you are using a desktop, mobile, or tablet device
• Session Information: Session identifiers to track user sessions and engagement
• Usage Data: Pages visited, time spent on pages, tools used, and interaction patterns
• Referral Information: Website that referred you to ApiUji (referrer domain and type)
• Access Times: Date and time of your visits with timezone information
• Performance Metrics: API response times, success rates, and error rates (for API Tester tool)

Note: Location data is derived from your IP address using third party geolocation services. This provides approximate location only (country/city level) and is not precise enough to identify your exact location.

2.2 Information You Provide

When using our tools, you may provide the following information:

• API Requests: URLs, HTTP methods, headers, request bodies, and response data (stored temporarily for analytics and performance monitoring)
• Tool Input: JSON data, SQL queries, code snippets, regex patterns, and other code/text you input (processed in real time but not permanently stored)
• Usage Patterns: Which tools you use, how frequently, session duration, and interaction patterns
• Performance Data: API response times, status codes, and error information (for API Tester tool)

Important: We do NOT store sensitive information like API keys, passwords, authentication tokens, or personal data permanently. All tool inputs are processed in real time and not stored long term. API request/response data is stored temporarily (up to 30 days) for analytics purposes only.

3. How We Use Your Information

We use the collected information for the following legitimate purposes:

• Service Provision: To provide, maintain, and improve our developer tools
• Analytics: To understand how our tools are used and identify areas for improvement
• Security: To detect and prevent fraud, abuse, and security threats
• Performance: To optimize website performance and user experience
• Legal Compliance: To comply with applicable laws and regulations
• Communication: To respond to your inquiries and provide support (if you contact us)

4. Data Storage and Retention

Analytics Data: We retain analytics data (IP addresses, location data, browser/device information, usage statistics, session data) for up to 12 months for analytical purposes. This helps us understand user behavior, improve our services, and optimize performance.

API Request Data: API request logs (URLs, methods, headers, response times, status codes) are stored temporarily (up to 30 days) for analytics, performance monitoring, and error tracking. After 30 days, this data is automatically deleted.

Tool Inputs: Your tool inputs (JSON, SQL, code, regex patterns, etc.) are processed in real time and NOT stored permanently. They are only kept in memory during processing and are never saved to our database.

Location Data: IP geolocation data (country, city, timezone) is cached for 7 days to improve performance and reduce API calls. After 7 days, location data is refreshed if you visit again.

Session Data: Session identifiers and session duration data are retained for up to 12 months to analyze user engagement and behavior patterns.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

• Session Cookies: Essential for website functionality and security
• Analytics Cookies: Help us understand how visitors use our website
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling cookies may affect website functionality.

6. Third-Party Services

6.1 Google AdSense

We use Google AdSense to display advertisements. Google AdSense uses cookies to serve ads based on your prior visits. You can opt out of personalized advertising by visiting Google's Ads Settings.

6.2 IP Geolocation Services

We use IP geolocation services (such as ipapi.co) to determine your approximate location (country, city, timezone) based on your IP address. This data is used for analytics and to improve our services. Location data is cached for 7 days to improve performance. The geolocation service provider may process your IP address according to their privacy policy.

6.3 Analytics Services

We use internal analytics tools to understand visitor behavior, track tool usage, monitor performance, and improve our services. This includes tracking page views, tool usage patterns, session duration, bounce rates, and user engagement metrics. All analytics data is anonymized and aggregated for statistical purposes.

6.4 External API Calls

When you use our API Tester tool, your requests are sent to external APIs that you specify. We do not control how these third-party services handle your data. Please review their privacy policies before sending requests. We store request/response data temporarily (up to 30 days) for analytics and performance monitoring only.

7. Data Security

We implement industry-standard security measures to protect your information:

• SSL/TLS encryption for data transmission
• Secure server infrastructure with regular security updates
• Content Security Policy (CSP) headers to prevent XSS attacks
• Rate limiting to prevent abuse and DDoS attacks
• Input validation and sanitization to prevent injection attacks
• Access controls and authentication for admin areas
• Session security with regeneration and secure cookies
• Database encryption and secure data storage
• Regular security audits and vulnerability assessments

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing of your data

To exercise these rights, please contact us through our contact page.

9. Children's Privacy

ApiUji is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using ApiUji, you consent to the transfer of your information to these countries.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date at the top of this policy
• For significant changes, we may provide additional notice

You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted on this page.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: