Privacy Policy
This Privacy Policy describes how API Sonar (“we,” “our,” or “us”) collects, uses, and protects your personal information when you use our API monitoring service. We are committed to protecting your privacy and ensuring the security of your data.
Last updated: September 11, 2025
Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Full name
- Password (encrypted and hashed)
- Subscription tier and plan preferences
Service Usage Data
As part of our API monitoring service, we collect:
- API endpoint URLs you want to monitor
- HTTP methods (GET, POST, HEAD)
- Custom headers (encrypted before storage)
- Monitoring frequency preferences
- Alert preferences and notification settings
Monitoring Data
Our monitoring system collects:
- Response status codes
- Response latency times
- Rate limit information
- Error messages and validation results
- Uptime and availability metrics
Technical Information
We automatically collect:
- IP addresses and location data
- Browser and device information
- Usage patterns and analytics
- Error logs and performance data
How We Use Your Information
Service Provision
We use your information to:
- Provide and maintain our API monitoring service
- Send alerts and notifications about endpoint issues
- Generate performance reports and analytics
- Process payments and manage subscriptions
- Provide customer support and respond to inquiries
Service Improvement
We analyze usage data to:
- Improve our monitoring algorithms and accuracy
- Optimize service performance and reliability
- Develop new features and functionality
- Identify and resolve technical issues
Communication
We may contact you to:
- Send important service updates and notifications
- Provide billing and subscription information
- Respond to support requests and inquiries
- Send security alerts and account notifications
Data Security and Protection
Encryption
We implement industry-standard security measures:
- All sensitive data (including API headers) is encrypted at rest
- Data transmission is protected using TLS/SSL encryption
- Passwords are hashed using secure algorithms
- Database connections are secured and encrypted
Access Controls
We maintain strict access controls:
- Role-based access control for all system functions
- Multi-factor authentication for administrative access
- Regular security audits and vulnerability assessments
- Employee training on data protection and privacy
Data Retention
We retain your data for as long as necessary to:
- Provide our services and maintain your account
- Comply with legal obligations and regulations
- Resolve disputes and enforce agreements
- Improve our services and develop new features
You may request deletion of your data at any time, subject to legal requirements.
Data Sharing and Third Parties
Service Providers
We work with trusted third-party service providers:
- Stripe: Payment processing and subscription management
- Nodemailer: Email delivery and transactional messaging
Legal Requirements
We may disclose your information when required by law:
- To comply with legal obligations and court orders
- To protect our rights, property, and safety
- To investigate fraud, security, or technical issues
- To prevent harm to users or the public
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such changes and ensure your data remains protected.
Your Rights and Choices
Access and Control
You have the right to:
- Access and review your personal information
- Update or correct inaccurate data
- Delete your account and associated data
- Export your data in a portable format
- Opt out of non-essential communications
Account Settings
You can manage your privacy preferences through:
- Your account dashboard and settings
- Email preference management
- Notification and alert controls
Cookies and Tracking
We use cookies and similar technologies to:
- Maintain your login session and preferences
- Analyze service usage and performance
- Provide personalized features and content
- Improve security and prevent fraud
You can control cookie settings through your browser preferences.
International Data Transfers
Your data may be processed and stored in countries other than your own. We ensure that all data transfers comply with applicable data protection laws and regulations. When data is transferred outside your jurisdiction, we implement appropriate safeguards to protect your information.
Age Restrictions
Our service is intended for adults 18 years of age or older. We do not knowingly collect personal information from individuals under 18. If you believe we have collected information from someone under 18, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, sending you an email notification.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: support@gradiente.dev
Address: 1 Transom Close, SE167FH, London, UK
We will respond to your inquiry within 30 days and work to resolve any concerns you may have.
Compliance and Legal Basis
This Privacy Policy is designed to comply with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy frameworks. Our data processing activities are based on legitimate business interests, contractual obligations, and your consent where required.