Legal
Privacy Policy
Last updated: July 2026
Overview
APIWhere ("we", "us") provides a FinOps platform for API and cloud billing. This policy describes how we handle personal information when you visit our website, join the waitlist, or use the product during early access.
Information we collect
- Waitlist: email address and signup timestamp when you join early access.
- Account (when access opens): name, email, and profile image from OAuth providers (Google or GitHub).
- Usage data: standard web logs (IP, browser, pages visited) for security and analytics.
- Connector credentials: encrypted API keys and billing credentials you choose to connect — see our Security page.
How we use information
- Operate the waitlist and notify you when onboarding opens.
- Authenticate users and sync billing data from connected providers.
- Send product updates you opt into; you can unsubscribe from marketing emails.
- Improve reliability, security, and support.
Service providers
We use trusted subprocessors to run APIWhere, including hosting (e.g. Vercel), database (Supabase), transactional email (Resend), and OAuth identity providers. They process data only on our instructions and under appropriate agreements.
Cookies & sessions
We use essential cookies and session tokens to keep you signed in and protect against abuse. We do not sell your personal information.
Retention & rights
Waitlist emails are kept until you unsubscribe or request deletion. Account and billing data are retained while your workspace is active and as required by law. Contact us to access, correct, or delete your data.
Contact
Questions about this policy: hello@apiwhere.com