Privacy Policy

Last updated: February 24, 2026

Who We Are

PincerAPI ("we," "us," "our") is an API proxy, cookbook, and agent tooling platform at pincerapi.com. This policy describes how we collect, use, and protect your personal information.

What We Collect

  • Account info: Email address and hashed password
  • API keys: Stored in encrypted form — we cannot read your raw keys after creation
  • Usage data: API calls, endpoints used, timestamps, status codes, and costs
  • Payment info: Processed via Stripe — we never store your card number
  • Technical data: IP address and user agent for security and rate limiting

How We Use Your Data

  • Service delivery: Route and proxy your API requests
  • Billing: Track usage and process payments
  • Quality monitoring: Improve API reliability and performance
  • Security: Prevent fraud and abuse
  • Communications: Send service-related notifications

What We Don't Do

We do not sell your personal data. We do not store request or response bodies beyond 30 days. We do not use your data for advertising.

Third-Party Services

We share the minimum data necessary for each service to function:

  • Stripe: Payment processing (billing info, transaction data)
  • Turso: Database hosting (account and usage data, encrypted at rest)
  • Vercel: Application hosting (request logs, IP addresses)
  • Upstream API providers: Your query parameters and request data are forwarded as needed to fulfill proxy requests

Cookies

We use a single session cookie (JWT) for authentication. No tracking cookies, no analytics cookies, no third-party cookies.

Data Retention

  • API usage logs: Retained for 30 days, then deleted
  • Account data: Kept until you request deletion
  • Payment records: Retained as required by law (typically 7 years)

Your Rights (GDPR & CCPA)

Regardless of where you are located, you have the right to:

  • Access: Request a copy of your personal data
  • Export: Receive your data in a portable format
  • Correction: Update inaccurate information
  • Deletion: Request erasure of your account and data
  • Opt-out: We do not sell personal data, but you may opt out of non-essential communications

To exercise any of these rights, email privacy@pincerapi.com. We will respond within 30 days.

Security

We use encryption in transit (TLS) and at rest. API keys are stored using one-way encryption. Access to production systems is restricted and audited.

Changes

We may update this policy from time to time. Material changes will be communicated via email or a notice on our site.

Contact

Privacy questions or data requests? Email privacy@pincerapi.com.

General support? Email support@pincerapi.com.