LEGAL

Privacy Policy

Last updated July 13, 2026

This Privacy Policy explains what information ReqKey collects, how we use it, and the choices you have. The short version: we collect what we need to run the service, we don’t sell your data, and your API traffic belongs to you.

1. Information we collect

We collect three kinds of information:

  • Account information — your name, email address, and authentication details when you sign up.
  • Service data — the APIs, consumers, keys, plans, and request logs you create or ingest into ReqKey so we can operate the product.
  • Usage and billing data — how you use the dashboard, plan and payment records, and technical logs (IP address, browser type) used for security and debugging.

2. How we use information

We use the information above to:

  • Provide and operate the service — validating keys, metering credits, and rendering analytics.
  • Secure the platform — detecting abuse, fraud, and unauthorized access.
  • Communicate with you — service notices, support replies, and (if you opt in) product updates.
  • Improve the product — aggregate, de-identified usage patterns guide what we build.

3. Request logs and your API consumers

When you send request/response data to our ingest endpoint, ReqKey processes it on your behalf to power your analytics. You control what you send; avoid including end-user personal data you don’t need. That data is used only to provide the service to you — never for advertising, and never sold.

4. Cookies

We use cookies and similar storage strictly to keep you signed in and remember preferences such as your theme. We do not use third-party advertising cookies.

5. Sharing

We share data only with service providers that help us run ReqKey — cloud infrastructure (such as AWS and Cloudflare), payment processing, and email delivery — under contracts that limit how they may use it. We may also disclose information if the law requires it or to protect the rights and safety of ReqKey and its users.

6. Retention

We keep account data while your account is active. Request logs are retained according to your plan’s retention window. When you delete your account, we delete or de-identify your data within a reasonable period, except where the law requires us to keep it longer.

7. Security

We protect data with encryption in transit, scoped credentials, and least-privilege access internally. No system is perfectly secure — if we learn of a breach affecting your data, we will notify you promptly.

8. Your rights

You can access, correct, export, or delete your account data at any time — most of it directly in the dashboard, and the rest by emailing support@reqkey.com. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA, and we will honor them.

9. Changes to this policy

If we make material changes to this policy, we will notify you by email or in the dashboard before they take effect.

10. Contact

Privacy questions or requests: support@reqkey.com.

Still have questions?

Our team is happy to walk through anything on this page. support@reqkey.com