Privacy Policy

Last updated: March 2026

BizComplianceAPI ("we", "us", "our") operates the bizcomplianceapi.com website and the BizCompliance API service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our API.

By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our service.

Information We Collect

Account Information

When you sign up for an API key or join our waitlist, we may collect:

• Email address
• Name and company name (if provided)
• Billing information (processed securely by our payment provider - we do not store full card numbers)
• API key credentials

API Usage Data

When you make API requests, we automatically collect:

• API endpoint called and request parameters (business type, location queries)
• Timestamps, response codes, and latency metrics
• API key used (for rate limiting and billing)
• IP address of the requesting server
• Request volume and usage patterns

Analytics and Website Data

When you visit our website, we collect standard analytics data:

• Pages viewed, time on page, and navigation paths
• Browser type, operating system, and device type
• Referring URL and search terms
• Approximate geographic location (country and region level)
• Anonymous usage statistics via Google Analytics

How We Use Information

We use the information we collect to:

• Provide, maintain, and improve the BizCompliance API service
• Process API requests and return compliance data
• Manage your account, billing, and API key access
• Monitor API performance, uptime, and error rates
• Enforce rate limits and prevent abuse
• Send service-related communications (outage alerts, billing notices, security updates)
• Send product updates and feature announcements (you can opt out at any time)
• Analyze usage trends to prioritize new jurisdictions and features
• Respond to support requests
• Comply with legal obligations

Data Sharing

We do not sell, rent, or trade your personal information to third parties.

We may share limited information only in these circumstances:

• Service providers - We use trusted third-party services for payment processing, email delivery, and infrastructure hosting. These providers only access data necessary to perform their functions and are contractually obligated to protect it.
• Legal requirements - We may disclose information if required by law, court order, or government request.
• Business transfers - In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
• Protection of rights - We may share information to enforce our terms of service, protect our rights and property, or ensure the safety of our users.

Data Retention

We retain your data for as long as your account is active or as needed to provide the service:

• Account data - Retained while your account is active and for 90 days after deletion to allow for recovery.
• API usage logs - Retained for 12 months for analytics and debugging, then aggregated and anonymized.
• Billing records - Retained for 7 years as required by tax and accounting regulations.
• Website analytics - Retained for 26 months (Google Analytics default), then automatically deleted.

You can request deletion of your data at any time (see "Your Rights" below).

Security

We take the security of your data seriously and implement industry-standard measures to protect it:

• All data transmitted between your systems and our API is encrypted via TLS 1.2+
• API keys are hashed at rest and never stored in plaintext
• Database access is restricted to authorized personnel with role-based permissions
• Infrastructure is hosted on reputable cloud providers with SOC 2 compliance
• We conduct regular security reviews and dependency audits

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but will notify affected users promptly in the event of a breach.

Cookies and Analytics

Our website uses a limited number of cookies:

• Essential cookies - Required for basic website functionality such as session management and security. These cannot be disabled.
• Google Analytics - We use Google Analytics to understand how visitors interact with our website. Google Analytics uses cookies to collect anonymous usage data. You can opt out by installing the Google Analytics Opt-out Browser Add-on.

We do not use advertising cookies, tracking pixels, or third-party marketing trackers. We do not participate in cross-site tracking or retargeting.

Your Rights

You have the following rights regarding your personal data:

• Access - Request a copy of all personal data we hold about you, including API usage history and account information.
• Correction - Request that we update or correct inaccurate data.
• Deletion - Request that we delete your account and associated data. We will process deletion requests within 30 days, subject to legal retention requirements.
• Export - Request a machine-readable export of your data (JSON format) for portability.
• Restriction - Request that we limit processing of your data in certain circumstances.
• Objection - Object to processing of your data for specific purposes, including marketing communications.

To exercise any of these rights, please contact us through our website.

Children's Privacy

BizComplianceAPI is a business-to-business service and is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13 without parental consent, we will delete that information promptly. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes:

• We will update the "Last updated" date at the top of this page.
• For significant changes, we will notify registered users via email.
• Continued use of the service after changes constitutes acceptance of the updated policy.

We encourage you to review this page periodically to stay informed about how we protect your data.

Contact

If you have any questions about this Privacy Policy, your data, or your rights, please reach out to us through our contact form. We aim to respond to all inquiries within 5 business days.