Privacy Policy / Data Security & Transparency

Learn how ApiPosture handles your data. We prioritize 100% local analysis to ensure your source code never leaves your infrastructure.

Privacy Policy

Effective March 11, 2026

1. Legal Basis for Processing

We process personal data only where a lawful basis exists under applicable privacy laws. For users in the European Economic Area (EEA), this includes:

  • Contractual Necessity (Art. 6(1)(b) GDPR): Processing required to provide and operate the ApiPosture service.

  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for service security, abuse prevention, diagnostics, and platform reliability.

For residents of California, this policy also serves as a Notice at Collection under the California Consumer Privacy Act (CCPA) as amended by the CPRA.

2. Global Privacy Rights

We apply a privacy-by-default approach and extend core privacy rights to all users regardless of location. These rights may include:

  • Right to Access: Request confirmation of whether we process your personal data and obtain a copy of the data we hold.

  • Right to Deletion: Request deletion of account-related personal data, subject to legal and operational retention requirements.

  • Right to Correct: Request correction of inaccurate or incomplete personal information.

  • Right to Opt-Out: Where applicable, you may opt out of certain types of data processing.

You may exercise these rights by contacting us at [email protected]. We will respond in accordance with applicable privacy laws.

3. Global Privacy Control (GPC)

Where legally required, our systems honor browser-based privacy signals such as Global Privacy Control (GPC). When detected, these signals are treated as a valid request to opt out of certain forms of data processing where applicable.

4. International Data Transfers

ApiPosture operates globally and may store or process data in the United States or other jurisdictions where our infrastructure or service providers are located.

For transfers of personal data from the EEA, UK, or Switzerland to countries without an adequacy decision, we rely on approved transfer mechanisms such as Standard Contractual Clauses (SCCs) to help ensure an appropriate level of data protection.

Note for Developers: ApiPosture does not use your source code to train machine learning models. Code analysis is performed locally in ephemeral memory where possible, and source code is not transmitted to our servers unless explicitly required for a feature you enable.
