Back to Home
UnforgeAPI
UnforgeAPI
Privacy Policy

Your Privacy Matters

Last updated: January 27, 2026

Introduction

UnforgeAPI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API services. Please read this policy carefully. By using UnforgeAPI, you consent to the practices described in this Privacy Policy.

Information We Collect

Account Information: When you create an account, we collect your email address and, optionally, your name and profile picture.

API Usage Data: We automatically collect information about your API usage, including request counts, endpoints accessed, response times, and error rates.

Query Data: When you submit queries to our API, we process this content in real-time to provide research results. Query content is not permanently stored beyond rate limiting and usage tracking purposes.

Payment Information: If you subscribe to a paid plan, payment information is processed by our payment provider (Polar). We do not store your full credit card details.

Device Information: We may collect information about the device or server making API requests, including IP address, user agent, and request headers.

How We Use Your Information

  • To provide, maintain, and improve our API services
  • To process API requests and deliver research results
  • To enforce rate limits and usage quotas
  • To process subscription payments and billing
  • To send you technical notices, updates, and support messages
  • To respond to your comments, questions, and requests
  • To monitor and analyze API performance and usage patterns
  • To detect, prevent, and address abuse, technical issues, and fraud

AI Processing

Our service uses artificial intelligence to perform deep research and generate structured outputs from your queries. Your queries are processed by AI providers including Groq, Gemini, and Tavily. These providers have strict data handling policies. Your query data is not used to train AI models.

BYOK (Bring Your Own Keys)

If you use the BYOK feature, your API keys for third-party services (Groq, Gemini, Tavily) are stored securely and encrypted. These keys are only used to process your API requests and are never shared with other users or third parties. You can delete your stored keys at any time through your account settings.

Data Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except as described below:

AI Service Providers: We share query data with AI providers (Groq, Gemini, Tavily) strictly for processing your API requests.

Payment Processors: Subscription and payment data is shared with Polar for billing purposes.

Legal Requirements: We may disclose information if required by law or in response to valid requests by public authorities.

Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Data Security

We implement industry-standard security measures to protect your information. This includes encryption of data in transit (TLS 1.3) and at rest (AES-256), secure API key storage, and regular security audits. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

Data Retention

We retain your account information for as long as your account is active or as needed to provide you services. API usage logs are retained for 90 days for analytics and debugging purposes. You can request deletion of your data at any time by contacting us or through your account settings. We may retain certain information as required by law or for legitimate business purposes.

Your Rights

  • Access: You can request a copy of your personal data
  • Correction: You can update or correct your account information
  • Deletion: You can request deletion of your account and data
  • API Key Management: You can regenerate or delete your API keys at any time
  • Opt-out: You can unsubscribe from marketing communications

Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

International Users

UnforgeAPI is operated from Sri Lanka. If you are accessing our services from outside Sri Lanka, please be aware that your information may be transferred to, stored, and processed in Sri Lanka or other jurisdictions where our service providers operate, which may have different data protection laws than your own.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy, please contact us at support@unforgeapi.com