Privacy Policy
Effective Date: April 4, 2026 Last Updated: April 4, 2026
Vitki Data, LLC (“Vitki Data,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website (vitkidata.com), APIs, Apify actors, and related services (collectively, the “Services”).
This policy covers information we collect about you as a user of our Services — not the data we provide through our data products. For information about how we handle data delivered through our APIs, see our Terms of Service.
1. Information We Collect
1.1. Information You Provide
- Account Information: When you register for an account, we collect your name, email address, company name (if applicable), and payment information.
- Payment Information: When you purchase Services, payment is processed by Stripe, Inc. We do not store your full credit card number, bank account number, or other sensitive payment details on our servers. Stripe’s privacy policy governs the handling of payment data.
- Communications: When you contact us via email at contact@vitkidata.com, we collect the content of your message, your email address, and any attachments.
- Support Requests: If you submit a support request or bug report, we collect the information you provide in that request.
1.2. Information Collected Automatically
- Usage Data: We collect information about how you use the Services, including API endpoints called, request timestamps, response sizes, error codes, and rate limit usage. This data is used for billing, debugging, abuse prevention, and service improvement.
- Log Data: Our servers automatically record information including your IP address, browser type, operating system, referring URL, and the date and time of your requests.
- API Key Usage: We track which API Key is used for each request for authentication, billing, rate limiting, and abuse detection purposes.
1.3. Cookies and Similar Technologies
Our website may use the following:
- Strictly Necessary Cookies: Required for website functionality (e.g., session management, authentication). These cannot be disabled.
- Analytics: We may use privacy-respecting analytics (e.g., Cloudflare Web Analytics) to understand website traffic. Cloudflare Web Analytics does not use cookies, does not track individual users, and does not collect personal data.
We do not use third-party advertising cookies, tracking pixels, or social media trackers.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Services.
- Process payments and manage your account.
- Send you transactional communications (account confirmations, billing receipts, API key issuance, usage alerts).
- Respond to your inquiries and support requests.
- Monitor for abuse, fraud, and violations of our Terms of Service and Acceptable Use Policy.
- Enforce our Terms of Service.
- Comply with legal obligations.
We do not use your information to:
- Sell your personal information to third parties.
- Send unsolicited marketing emails (unless you have opted in).
- Build advertising profiles.
3. How We Share Your Information
We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:
3.1. Service Providers
We share information with third-party service providers who perform services on our behalf, including:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe, Inc. | Payment processing | Name, email, payment details |
| Cloudflare, Inc. | DNS, CDN, DDoS protection, analytics | IP address, request headers |
| Apify Technologies s.r.o. | Actor hosting and billing (for Apify Store products) | Usage data, Apify account info |
| Sentry (Functional Software, Inc.) | Error tracking and performance monitoring | Error context, IP address (anonymized) |
These providers are contractually bound to use your information only for the purposes of providing their services to us.
3.2. Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to:
- Comply with a legal obligation.
- Protect the rights, property, or safety of Vitki Data, our users, or the public.
- Detect, prevent, or address fraud, security, or technical issues.
3.3. Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website before your information becomes subject to a different privacy policy.
4. Data Retention
- Account Information: Retained for the duration of your account plus 12 months after account closure, to support billing disputes and legal obligations.
- Usage/Log Data: Retained for 90 days for operational purposes (debugging, abuse detection), then aggregated or deleted.
- Payment Records: Retained as required by applicable tax and financial regulations (typically 7 years).
- Communications: Retained for 24 months or as needed to resolve ongoing issues.
You may request deletion of your account and associated personal data at any time (see Section 6).
5. Data Security
We implement reasonable administrative, technical, and physical safeguards to protect your information, including:
- Encryption in transit (TLS/HTTPS for all API and website traffic).
- API Key hashing (keys are stored as hashed values, not plaintext).
- Access controls limiting employee access to personal data.
- Regular dependency audits and security scanning.
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Your Rights
6.1. All Users
Regardless of your location, you may:
- Access the personal information we hold about you by contacting us.
- Correct inaccurate information by updating your account or contacting us.
- Delete your account and associated personal data by contacting us at contact@vitkidata.com. We will process deletion requests within 30 days, subject to legal retention requirements.
- Export your usage data and account information upon request.
6.2. California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: You may request the categories and specific pieces of personal information we have collected about you in the preceding 12 months.
- Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell personal information. There is nothing to opt out of.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise these rights, contact us at contact@vitkidata.com with the subject line “CCPA Request.” We will verify your identity before processing your request and respond within 45 days.
6.3. European Economic Area (EEA) Residents
If you are located in the EEA, we process your personal data under the following legal bases:
- Contract Performance: Processing necessary to provide the Services you requested.
- Legitimate Interest: Processing necessary for our legitimate business interests (e.g., fraud prevention, service improvement), where those interests are not overridden by your rights.
- Legal Obligation: Processing required to comply with applicable law.
You have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability and the right to lodge a complaint with a supervisory authority.
7. Children’s Privacy
The Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will delete that information promptly. If you believe a child has provided us with personal information, contact us at contact@vitkidata.com.
8. Third-Party Links
Our website or documentation may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with any information.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email (to the address associated with your account) or by posting a prominent notice on our website at least 30 days before the changes take effect.
Your continued use of the Services after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.
10. Contact Us
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have a complaint about our data practices, contact us at:
Vitki Data, LLC Mount Morris, Michigan contact@vitkidata.com
We will respond to all privacy-related inquiries within 30 days.
This Privacy Policy is provided as a template and should be reviewed by a qualified attorney to ensure compliance with all applicable privacy laws and regulations.