SameApi

    Privacy Policy

    Last updated: January 23, 2026

    1. Introduction

    SameApi ("we", "our", or "us") provides a data aggregation service. This Privacy Policy explains how we collect, use, and protect your information.

    2. Our Role: Controller vs. Processor

    To clarify our responsibilities under global data protection laws (including GDPR):

    • Data Controller: We act as the Data Controller for your Account Information (email, billing details, login credentials). We determine how and why this data is processed to provide the service.
    • Data Processor: We act as the Data Processor for the Job Data (domains you submit, results we generate). We process this data solely on your behalf and instructions as part of the Service.

    3. Information We Collect

    3.1 Account Information (Controller)

    • Email address and basic identity information.
    • Billing information (processed securely via Stripe, we do not store full card details).
    • Service usage logs for security and billing.

    3.2 Job Data (Processor)

    • Input domains and parameters you provide via API.
    • Aggregated analytics results generated for your account.

    4. Data Retention

    Account Data: Retained for the lifetime of your account plus a standard retention period for tax and legal compliance.

    Job Data: Retained permanently while your subscription is active to allow historical access.

    Cancellation Policy:

    Upon cancellation, you have a 30-day grace period to export your data. After 30 days, all Job Data associated with the cancelled account is permanently deleted. This process is automated and irreversible.

    5. Third-Party Services

    We engage trusted third-party service providers to assist in operating our Service:

    • Stripe: Payment processing and billing.
    • Google Analytics / PostHog: Anonymous usage analytics to improve platform performance.
    • Cloud Infrastructure Providers: Hosting and database services (e.g., AWS, Hetzner, DigitalOcean) located in secure data centers.

    6. GDPR Rights

    For users in the EEA/UK, you have specific rights regarding your personal data:

    • Access & Portability: Request a copy of your personal data.
    • Correction: Update inaccurate information via your dashboard.
    • Deletion: Request deletion of your account (Right to be Forgotten).
    • Restriction: Object to processing of your data.

    To exercise these rights, email privacy@sameapi.io.

    7. Contact Us

    For privacy-related inquiries or DPO contact: privacy@sameapi.io