API Privacy Notice

This notice describes how Searchee processes data when you use programmatic API access (HTTP requests authenticated with API keys or equivalent credentials). It supplements the general Privacy Policy. If anything here conflicts with the main Privacy Policy for product search, the more specific description below applies to API traffic.

1) Scope

This notice covers:

• REST and JSON API endpoints exposed for integrations, agents, and applications.
• Metadata and operational logs generated when your application calls those endpoints.

It does not replace the main policy’s sections on accounts, billing providers, or the interactive web search UI, except where the same systems overlap (for example, your account record).

2) Definitions

• API key — A secret identifier you create in your account that authorizes requests on your behalf.
• Client application — Any software you operate that includes or uses your API key (servers, workers, scripts, partner apps).
• Request metadata — Technical data accompanying an HTTP call: timestamps, route paths, response status, approximate size, client IP or forwarding chain where available, and similar fields needed to operate and protect the service.

3) What We Process for APIs

Depending on configuration and abuse risk, we may process:

• Authentication context — API key identifiers (including hashed or internal references), scopes, and linkage to your account and plan.
• Request metadata — Data needed to route requests, enforce quotas, detect abuse, and troubleshoot reliability issues.
• Query and payload content — Search queries, filters, and related parameters you submit to API endpoints, to the extent required to return results and enforce policy.
• Usage metering — Counters, rate-limit state, and billing events tied to your key or account (for example prepaid debits or subscription entitlements).
• Security signals — Automated signals used to mitigate bots, credential stuffing, and exploitation attempts affecting API infrastructure.

We do not use API request content for third-party advertising profiles. We do not sell personal data.

4) Why We Process API Data

We process the categories above to:

• Authenticate and authorize API calls.
• Deliver search, retrieval, or tool responses you request.
• Enforce rate limits, quotas, scopes, and fair-use rules.
• Operate billing, prepaid balances, and subscription state where applicable.
• Investigate abuse, fraud, and security incidents.
• Meet legal obligations and defend against unlawful activity.

5) Logging and Retention

Log contents and retention periods depend on operational need, incident investigation, and legal requirements. We apply minimization where practicable (for example aggregating metrics for billing rather than storing full payloads when not required).

API keys can be revoked; revocation stops new authorized usage but may not erase historical metering rows required for invoices, fraud analysis, or legal holds.

6) Subprocessors and Infrastructure

API traffic may transit hosting providers, content delivery networks, and observability tools used to run the service. Those providers process data under their own terms and our instructions. Payment and billing processors handle payment instrument data under their policies when you purchase paid API capacity.

7) Security

We apply technical and organizational measures appropriate to API access: transport encryption where supported, access controls around key storage, monitoring for anomalous usage patterns, and rate-based protections at the edge.

You are responsible for protecting API keys in your environments (never embed secrets in public client code, rotate on exposure, and scope keys per application).

8) International Transfers

Infrastructure may be located in regions selected for operational reasons. Where personal data crosses borders, we rely on appropriate safeguards required by applicable law.

9) Your Choices and Rights

Depending on jurisdiction, you may have rights to access, correct, delete, or restrict certain personal data, subject to exceptions (for example security logs or financial records we must retain). Account-level requests are handled through the same channels described in the main Privacy Policy.

10) Changes

We may update this API Privacy Notice to reflect product, legal, or infrastructure changes. Material updates will be reflected on this page with a revised effective date when we publish one.

11) Related Documents

• Privacy Policy
• API Terms of Use
• Programmatic API overview