2. For what purpose is my personal data collected and processed?
We collect, store and process personal information about you only for pre-defined purposes. Uses include:
- Fulfillment of legal obligations and requirements
- Ensuring the security of the service
- Customer communication and answering contact requests
- Improving the usability of the service, e.g. showing personalized content
- Prevention of abuse and harassment
3. What personal information about me is collected and from what sources?
We collect personal information about you directly from you or your device when you use our service or contact us.
When you sign up we collect your email address. When you use the service, we collect the data for your origins and all metrics that the origins send to Apilytics through one of our open-source integration packages that you have installed. The origin data includes the name that you have provided for your origin. The metrics data includes HTTP methods, paths, query parameters, status codes, request/response sizes, user agents, execution times, system's platform name information, system's cpu and memory usage information, and package version information. The integration must be installed manually by you, and you are responsible that you possess the necessary rights for the data that is sent through the integration code to the Apilytics service. We also collect your email address when you join our mailing list. You can unsubscribe and delete that email info from us, by opening the unsubscribe link from any email that you have received.
The above information must be provided in order for us to provide the service to you. You are not legally obligated to provide the information, but in that case you will not be able to use our services.
In addition, some basic request information (e.g. IP-addresses, access times, and user agents) might be collected by us or our hosting provider.
We also use third party analytics tools to collect visitor data from the Apilytics website so that we can improve it. The data collected by them contains aggregate information from for example the number of visitors and the number of page views, and none of it can be connected to any individual users.
4. On what basis is personal data processed?
We make sure that we always have a legal basis for processing your personal information. We process your personal information to provide our service to you, improve our service and to manage the customer relationship between us and you as the user of our service. The legal basis for such processing is the performance of our mutual agreement (art. 6 1. b of the GDPR).
5. Who processes my data and is it passed on to third parties?
Your personal data is processed by persons belonging to our staff in the performance of their duties. In this case, we take care, among other things, by agreements that the confidentiality of your information is maintained, and that the information is processed in a lawful manner.
We may disclose your information to our contractual partners and/or subcontractors when it is necessary in order to provide our service. These partners include our hosting providers (Vercel, AWS) and email service (Namecheap). In these situations, we will take the necessary steps to protect your information, e.g. by signing appropriate data processing agreements with the processors.
We may also disclose your information to third parties or relevant authorities when required by law or by a competent authority, and to relevant third parties in connection of a planned share or business acquisition or sale.
6. Will my data be disclosed outside the EU?
Your data won't generally be transferred or processed outside the EU/EEA. However, there are situations where our partner or subcontractor used for providing the service, either resides or needs to transfer information outside the EU/EEA. These partners or subcontractors may process personal data when providing, for example, IT- or hosting services. In these cases, sufficient data protection is ensured by using approved transfer mechanisms, such as signing EU Commission’s standard contractual clauses in connection with the transfer.
7. How long will my personal information be kept?
We will automatically delete your data after two years of inactivity.
8. How is my information stored and protected?
9. What are cookies used for in the application?
10. What are my data protection rights?
The right to access – You have the right to request what information of yours we are processing and copies of your data.
The right to rectification – You have the right to request that we correct or update any information you believe is inaccurate. You also have the right to request us to complete any information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data. Please note, that you are not able to use the service once your personal data is deleted from our systems.
The right to restrict processing – You have the right to request that we restrict the processing of your data, in practice this might mean that we delete it. Using this right may mean that you are no longer able to use the service.
The right to object to processing – You have the right to object to processing of your personal data, in practice this might mean that we delete it. Using this right may mean that you are no longer able to use the service.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
The right to make a complaint to relevant authorities – You have the right to make a complaint to the data protection authorities of the member state where you permanently reside or where the alleged non-compliance with the GDPR has happened. In Finland the relevant data protection authority is the Office of the Data Protection Ombudsman (www.tietosuoja.fi).
11. How can I exercise my rights?
You can exercise your rights described above by emailing us at email@example.com.
To generally access your basic data in the application, log in and open your account profile. Directly from there, you can view, edit, and most of your data.
13. Who can I contact about data protection firstname.lastname@example.org
Last updated on 2022-02-25.
Easy to use
API monitoring doesn't have to be hard. Unfortunately with the most tools out there, that is the case though. Apilytics is here to fix that. Our 5-minute installation is one of the corner stones why you should pick Apilytics.
Apilytics middlewares are super lightweight, fast and they will cause no performance impact on your APIs whatsoever.
Our privacy-friendly approach lets you be in control of your data, making Apilytics a great fit for anyone aware of their privacy. Our open source middlewares allow you to see exactly what data leaves your servers.
We want to be transparent on how we process the data of our users. This is why we have open sourced 100% of our client middleware code, keeping our users updated on what data from their API is processed.