Back to Home

Privacy Policy

Last updated: February 4, 2025

Privacy by Design

APIndex is self-hosted software. Your API catalog, user data, and all content stays on your servers. We never have access to your data. The only information we receive is for license validation (paid tiers only): your license key and license ID.

1. Overview

This Privacy Policy explains how APIndex ("we", "us", "our") collects, uses, and protects information when you:

  • Visit our website (apindex.dev, docs.apindex.dev)
  • Purchase a license
  • Use our self-hosted software
  • Contact us for support

2. Information We Collect

2.1 Website Visitors

When you visit our website, we may collect:

  • Browser type and version
  • Pages visited and time spent
  • Referring website
  • Country/region (not precise location)

We use privacy-respecting analytics that do not track individuals across sites or use cookies for tracking.

2.2 License Purchases

When you purchase a license, we collect:

  • Name and email address
  • Company name (if provided)
  • Billing address
  • Payment information (processed by Stripe; we do not store card numbers)

2.3 License Validation

For paid license tiers, your APIndex instance contacts our license server to validate your license. During this process, only the following is transmitted:

  • License Key — Your unique license identifier
  • Instance Name (License ID) — The ID provided with your license

We do NOT collect: User accounts, API catalog data, endpoint information, request/response data, usage statistics, IP addresses of your users, or any other data from your APIndex instance.

2.4 Support Communications

When you contact us for support, we collect the information you provide (email, description of issue, screenshots, etc.) to assist you.

3. How We Use Information

We use collected information to:

  • Process license purchases and payments
  • Validate active licenses
  • Provide customer support
  • Send important product updates and security notices
  • Improve our website and documentation
  • Comply with legal obligations

4. Information Sharing

We do not sell your personal information. We may share information with:

  • Payment Processor (Stripe) — To process payments securely
  • Email Service Provider — To send transactional emails (receipts, license delivery)
  • Legal Requirements — When required by law or to protect our rights

5. Data Retention

We retain information for as long as necessary to provide our services:

  • License records — Duration of subscription plus 2 years
  • Payment records — As required by tax/accounting laws (typically 7 years)
  • Support communications — 2 years after last contact
  • Website analytics — Aggregated, 26 months

6. Your Self-Hosted Data

APIndex is self-hosted software. All data you create within APIndex — including:

  • API catalog entries
  • User accounts and permissions
  • Environments and variables
  • Collections and tags
  • Audit logs
  • Test history

...is stored entirely on your own servers. We have no access to this data. You are the data controller for any personal data processed by your APIndex instance.

7. Security

We implement appropriate security measures to protect information we process:

  • HTTPS encryption for all communications
  • Secure payment processing via Stripe (PCI-DSS compliant)
  • Access controls and authentication for our systems
  • Regular security reviews

For your self-hosted APIndex instance, you are responsible for implementing appropriate security measures (network security, access controls, backups, etc.).

8. Your Rights

Depending on your location, you may have rights to:

  • Access — Request a copy of your personal data
  • Correction — Request correction of inaccurate data
  • Deletion — Request deletion of your data
  • Portability — Receive your data in a portable format
  • Objection — Object to certain processing

To exercise these rights, contact us at contact@apindex.dev.

9. International Transfers

We are based in Romania (EU). If you are located outside the EU, your information may be transferred to and processed in the EU. We ensure appropriate safeguards are in place for such transfers.

10. Cookies

Our website uses minimal cookies:

  • Essential cookies — Required for website functionality
  • Analytics — Privacy-respecting analytics (no cross-site tracking)

We do not use advertising cookies or third-party tracking cookies.

11. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, for customers, via email. We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Email: contact@apindex.dev

Address: Romania, EU