Geoapify

Privacy policy

We are committed to protecting your privacy. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information we collect through our website (the "Site") and our services (the "Services").

Information Collection and Use

Important! It's crucial to note that we treat data from registered users and data obtained through API calls differently.

  • When you register for our services, we collect specific personal information to create and manage your account, ensuring a personalized and seamless user experience.
  • On the other hand, data collected from API calls is focused on technical details necessary for the functionality of the requested services, aiming to optimize system performance and troubleshoot issues.

Services and API Requests

Geoapify, as a EU business, adheres to the European Union General Data Protection Regulation (EU GDPR) and operates with a commitment to privacy and data security. Our services are hosted in EU data centers, ensuring compliance with EU GDPR regulations.

In the context of API requests, we utilize external services to enhance performance and security:

  • Data Stored for Each API Request: For every API request, we retain essential information, including the request body, headers, IP address, and timestamp.
  • Purpose of Data Storage: This information is securely stored for access control and usage counting, allowing us to monitor and regulate access to our services effectively.
  • Utilization for Problem Detection and Performance Enhancement: The stored data serves a dual purpose by aiding in the detection of issues and contributing to the optimization of our APIs for enhanced performance.
  • Data Retention Period: The information is retained only for as long as necessary to generate aggregated usage statistics. Generally, data for successful requests is held for no longer than 24 hours, aligning with our commitment to minimal and purposeful data retention.
External Services to Manage API Calls

In our ongoing effort to optimize content delivery and ensure the security of API calls, we leverage the following external services:

  • Cloudflare: Cloudflare is employed to enhance the performance and security of our services. This globally distributed network ensures quick and secure access to our APIs.
  • Bunny CDN (for .eu API calls): For API calls originating from the .eu domain, we utilize Bunny CDN to further optimize content delivery, ensuring efficient and speedy responses.
  • Hosting Services: Our servers are hosted by Hetzner, a reliable hosting service, contributing to the robustness and security of our infrastructure.

Data Collection from Registered Users

We understand the importance of your privacy and are committed to transparency in how we collect and process data from registered users to enhance your experience and provide seamless services. Here are the key points regarding data collection:

  • Registration Information: When registering for our services, your email address or account data from Gmail/Facebook (if used for sign-in) may be collected. Rest assured, we do not sell or rent this information to any third party.
  • Billing and Service Provision: We collect and process data from registered users to facilitate proper billing processes and deliver our services to you.
  • Voluntary User Data: We do not collect, store, or share any personally identifiable user data unless you voluntarily provide it to us. This may include information shared via email, during registration, or through other direct forms of contact.
  • IP Address Logging: For troubleshooting purposes, our servers may log IP addresses in the event of problems or errors. This logging helps us gain insights into the nature of issues and enables us to address them accurately and efficiently.
External Services to Manage Registered Users' Data and Payment Details

We leverage external services to enhance the security and efficiency of managing registered users' data and payment details:

  • Google Firebase: We utilize Google Firebase as a robust database and back-end functions provider. This choice is made to uphold the required security levels in handling your data.
  • 2Checkout: For the secure management of payment details, we partner with 2Checkout. Please note that all payment details are processed exclusively by 2Checkout for added security.
  • Brevo Marketing Platform: To keep you informed and gather your feedback, we employ Brevo as our marketing platform. This platform is used to send you usage data notifications and newsletters. It's important to note that you always have the option to unsubscribe from marketing emails, putting you in control of the communication you receive from us.
  • Hetzner: We engage Hetzner as our hosting service to ensure the reliable and secure hosting of our platform. Your data's integrity and security are paramount, and Hetzner plays a crucial role in maintaining the high standards we uphold.

Our comprehensive approach to data handling and the integration of external services align with the principles of EU GDPR, emphasizing transparency, security, and the responsible use of information. If you have any inquiries or require further clarification on our data practices, please do not hesitate to reach out to us. Your trust is integral to our commitment to privacy and data protection.

Cookies (Website & Online Tools Only)

Explore our detailed Cookie Policy to gain a comprehensive understanding of how we use and manage cookies on our platform. This policy outlines the types of cookies we employ, their purposes, and your options for managing and controlling cookie settings. Your privacy is important to us, and we are committed to providing you with clear and transparent information about our cookie practices. If you have any questions or concerns, feel free to reach out to us.

We use Google Analytics and Microsoft Clarity to analyze usage patterns on our public website and browser-based tools. These services help us improve user experience by collecting anonymized information about user interactions such as page views, clicks, and scroll behavior. This data is strictly limited to website and browser-based tool usage and is never linked to API requests, user accounts, or developer activity. Both Google and Microsoft operate under GDPR-compliant Data Processing Agreements, ensuring that any data collected is handled securely and with respect to user privacy.

Data Processing Agreements

To ensure that personal data is processed securely and in compliance with the General Data Protection Regulation (GDPR), we maintain Data Processing Agreements with all key service providers involved in handling user or system data. These include:

  • Google – under the Google Analytics Data Processing Amendment
  • Microsoft – under the Microsoft Products and Services Data Protection Addendum (covering Microsoft Clarity)
  • Hetzner Online GmbH – under their GDPR-compliant hosting agreement
  • Cloudflare – under the Cloudflare Data Processing Addendum
  • Firebase, 2Checkout, and Brevo – under the respective GDPR-aligned terms of service

These agreements help us ensure that all personal data is handled with the required levels of confidentiality, security, and legal compliance.

If your organization requires a signed or customized Data Processing Agreement (DPA), please contact us at [email protected]. Please note that the preparation and review of custom DPAs may be subject to additional costs depending on the complexity and scope of the request.

Changes to this Privacy Policy

We understand the importance of transparency regarding our privacy practices. Therefore, we retain the right, at our sole discretion, to modify or replace this Privacy Policy at any time. In the event of a substantial revision, we will make reasonable efforts to give you at least 15 days' notice before the updated terms come into effect. The determination of what constitutes a material change will be made at our sole discretion.

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. Your continued use of our services after any modifications to this Privacy Policy signifies your acceptance of the updated terms. If you have any questions or concerns about these changes, please don't hesitate to contact us. Your privacy is paramount, and we are committed to keeping you informed about any adjustments to our privacy practices.

Contact information

Should you have any inquiries or concerns about this Privacy Policy, please do not hesitate to reach out to us. You can contact us via email at [email protected].

We value your privacy and are committed to providing the necessary assistance and information to address any questions you may have. Your feedback and communication are important to us, and we strive to ensure a clear and responsive dialogue regarding our privacy practices.

Your Rights under GDPR

As a user of our services and a data subject under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of Access: You have the right to request access to the personal data we hold about you and receive information on how it is processed.
  • Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to request correction.
  • Right to Erasure ("Right to be Forgotten"): You may request that we delete your personal data when it is no longer necessary for the purposes for which it was collected or if you withdraw consent.
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances.
  • Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit it to another data controller.
  • Right to Object: You have the right to object to the processing of your personal data when it is based on our legitimate interests, including profiling and direct marketing.
  • Right to Withdraw Consent: If you have given consent to the processing of your data, you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request in accordance with applicable legal requirements and within the timeframes set by GDPR.

If you believe that your rights under data protection laws have been violated, you also have the right to lodge a complaint with your local data protection authority.