Privacy Policy

APIBOYS (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud printing API platform, website, client applications, and related services (collectively, the “Service”).

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described herein, please do not use the Service.

We use the information we collect for the following purposes:

• Service delivery and print job routing — to process your print jobs and route them to the correct printers
• Account management and authentication — to verify your identity, manage your account settings, and secure your sessions
• Billing and subscription management — to process payments, manage your subscription plan, and provide billing history
• Security — to support two-factor authentication, detect fraudulent activity, prevent abuse, and protect the integrity of the Service
• Service improvements and analytics — to understand usage patterns, diagnose technical issues, and improve the reliability and performance of the Service
• Communication — to send transactional emails related to your account, including billing receipts, security alerts, and service notifications. We do not send marketing emails unless you explicitly opt in.

We use a minimal number of cookies that are strictly necessary for the operation of the Service:

• Session cookie — an HttpOnly, Secure cookie used to maintain your authenticated session. This cookie is essential for the Service to function and cannot be disabled.

We do not use third-party tracking cookies. We do not use advertising cookies. We do not participate in any ad networks or cross-site tracking programs. Your browsing activity on the APIBOYS platform is not shared with advertisers or data brokers.

We share limited information with the following third-party service providers, solely to operate the Service:

• Tringify (SSO authentication provider) — if you choose to sign in via SSO, your email address is shared with Tringify to facilitate authentication. Tringify's use of your data is governed by their own privacy policy.
• Payment processor — your billing information (payment method details, billing address) is shared with our payment processor to facilitate subscription charges. The payment processor is PCI-DSS compliant and handles your payment data according to industry security standards.

We do NOT sell, rent, or trade your personal data to any third parties. We do not share your data with advertisers, data brokers, or marketing companies.

Your data is stored in CockroachDB, a distributed SQL database designed for high availability and resilience. CockroachDB replicates data across multiple regions to ensure durability and fault tolerance.

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS (Transport Layer Security)
• All data is encrypted at rest using AES-256 encryption
• Passwords are hashed using strong, one-way cryptographic algorithms
• API keys are generated using cryptographically secure random number generators
• Access to production systems is restricted and audited

Document contents are NOT stored on our servers. When you submit a print job, the document data is transmitted directly to your connected printer and is deleted from our processing pipeline once delivery is confirmed. We retain only the job metadata (name, status, timestamp, page count), not the document itself.

We retain your data for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:

• Account data — retained for as long as your account remains active. This includes your email, name, company name, and authentication settings.
• Print job metadata — retained according to your subscription plan's log retention period. Depending on your plan, this may range from 30 days to 2 years. After the retention period expires, print job metadata is automatically purged.
• Billing records — retained for as long as required by applicable tax and financial regulations, typically up to 7 years after the transaction date.

When you delete your account, all personal data associated with your account (including account information, authentication data, print job metadata, and API keys) is permanently and irreversibly removed from our systems within 30 days. Billing records may be retained longer as required by law, in anonymized form where possible.

You have the following rights regarding your personal data:

• Access your data — you can view your account information, print job history, and usage data at any time through your dashboard. For a complete copy of all data we hold about you, email us at privacy@apiboys.com.
• Correct your data — you can update your name, company name, and other account details at any time through your account settings in the dashboard.
• Delete your account and all data — you can permanently delete your account and all associated data through the settings page in your dashboard. This action is irreversible.
• Export your data — to request a machine-readable export of your data, please contact us at privacy@apiboys.com. We will provide your data export within 30 days of your request.

If you are located in the European Economic Area (EEA), you may also have additional rights under the General Data Protection Regulation (GDPR), including the right to restrict processing and the right to object to processing. To exercise any of these rights, please contact us at privacy@apiboys.com.

APIBOYS uses CockroachDB, a multi-region distributed database, to ensure high availability and low latency for users worldwide. As a result, your data may be stored and processed in multiple geographic regions, including the United States, Europe, and Asia-Pacific.

By using the Service, you acknowledge and consent to the transfer of your data across international borders for the purposes of data replication, fault tolerance, and performance optimization. We ensure that all data transfers are protected by appropriate security measures, including encryption in transit and at rest, regardless of the region in which the data is stored.

The Service is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take immediate steps to delete that information from our systems.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us at privacy@apiboys.com so that we can take appropriate action.

We may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or the features of our Service. When we make material changes, we will notify you by sending an email to the address associated with your account at least 14 days before the changes take effect.

The updated Privacy Policy will be posted on this page with a revised “Last updated” date. Your continued use of the Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: