1. INFORMATION WE COLLECT

Information You Provide to Us

We collect personal information that you voluntarily provide when you:

• Create an account or register for our Services
• Build and deploy APIs using our platform
• Subscribe to our newsletter or marketing communications
• Contact us for customer support
• Participate in surveys, contests, or promotions

This information may include:

• Account Information: Name, email address, username, password, and profile picture
• Payment Information: Billing address, payment method details (processed securely through our payment processors)
• Project Data: API configurations, logic blocks, code exports, and related metadata
• Communications: Information you provide when contacting support or communicating with us
• Professional Information: Company name, job title, and work-related details (if applicable)

Information Collected Automatically

When you access our Services, we automatically collect certain information, including:

• Usage Data: Pages visited, features used, time spent, clicks, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Access times, error logs, and performance metrics
• Location Data: General geographic location based on IP address

Information from Third-Party Sources

We may receive information about you from:

• Authentication providers (Google, GitHub, etc.) when you sign in through third-party services
• Analytics and advertising partners
• Public databases and social media platforms

2. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

To Provide and Maintain Our Services

• Create and manage your account
• Enable you to build, deploy, and export APIs
• Process transactions and send transaction notifications
• Provide customer support and respond to inquiries
• Monitor and improve platform performance

To Communicate With You

• Send service-related announcements and updates
• Provide technical notices and security alerts
• Send marketing communications (with your consent)
• Respond to your questions and requests

To Improve Our Services

• Analyze usage patterns and trends
• Conduct research and development
• Test new features and functionality
• Optimize user experience

For Legal and Security Purposes

• Comply with legal obligations and enforce our terms
• Protect against fraud, security threats, and abuse
• Resolve disputes and enforce agreements

3. HOW WE SHARE YOUR INFORMATION

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Cloud hosting and infrastructure providers (AWS, Google Cloud, etc.)
• Payment processors (Stripe, PayPal, etc.)
• Email service providers
• Analytics providers (Google Analytics, Mixpanel, etc.)
• Customer support tools

Business Transfers

If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction.

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to:

• Comply with legal processes
• Protect our rights, property, or safety
• Prevent fraud or security threats
• Investigate violations of our terms

With Your Consent

We may share your information for other purposes with your explicit consent.

4. DATA STORAGE AND SECURITY

We implement industry-standard security measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection practices
• Incident response and breach notification procedures

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. YOUR PRIVACY RIGHTS

Depending on your location, you may have the following rights regarding your personal information:

Access and Portability

You have the right to request access to your personal information and receive a copy in a portable format.

Correction

You can update or correct your account information at any time through your account settings.

Deletion

You may request deletion of your personal information, subject to certain legal exceptions.

Opt-Out of Marketing

You can unsubscribe from marketing emails by clicking the "unsubscribe" link or contacting us directly.

Do Not Track

We currently do not respond to Do Not Track signals, but you can manage cookies through your browser settings.

GDPR Rights (European Users)

If you are in the European Economic Area, you have additional rights including:

• Right to restrict processing
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

CCPA Rights (California Users)

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt-out of the sale of personal information (we do not sell personal information).

To exercise your rights, contact us at privacy@exdrova.com

6. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to enhance your experience. These include:

Essential Cookies

Required for the platform to function properly (authentication, security, preferences).

Analytics Cookies

Help us understand how users interact with our Services (Google Analytics, etc.).

Marketing Cookies

Used to deliver relevant advertisements and track campaign effectiveness.

You can control cookies through your browser settings. Note that disabling certain cookies may affect functionality.

7. THIRD-PARTY SERVICES

Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

Third-party services we integrate with may include:

• OAuth providers (Google, GitHub, etc.)
• Payment processors
• Cloud service providers
• Analytics platforms

8. CHILDREN'S PRIVACY

Our Services are not intended for children under 13 years of age (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@exdrova.com.

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Privacy Shield certifications (where applicable)
• Adequacy decisions by regulatory authorities

10. DATA RETENTION

We retain your personal information for as long as necessary to:

• Provide our Services and maintain your account
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Achieve legitimate business purposes

When you delete your account, we will delete or anonymize your personal information within 90 days, except where retention is required by law.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through a prominent notice on our Services
• Obtain your consent if required by applicable law

Your continued use of our Services after changes become effective constitutes acceptance of the updated policy.

12. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, you can also contact our Data Protection Officer at dpo@exdrova.com.