Privacy policy.

1.What we collect

• Email, to send you your key and billing notifications.
• API key hash (SHA-256 of the plaintext key). We never store the plaintext.
• IP address at signup, for abuse prevention (capped at 3 signups per IP per day).
• Request metadata per call: timestamp, route, HTTP status, cost in cents, request ID. No request bodies, no response bodies.
• Stripe customer ID & payment-method metadata (when you top up). Card details go to Stripe; we never touch them.

2.What we don't collect

• Cookies or tracking pixels on the marketing site.
• Analytics beyond Cloudflare's built-in request logs (aggregate, no per-user identity).
• Advertising IDs or fingerprinting.

3.How we use it

Email & IP: keep your account usable and prevent abuse. Request metadata: bill you and show usage in your dashboard. Stripe data: process payments. That's it.

4.Who we share with

Cloudflare (hosting, rate-limiting, captcha) and Stripe (payments). Both are contractually bound to protect your data. We do not sell, rent, or share your data with advertisers.

5.How long we keep it

• Account email + key hash: while your account is active.
• Usage logs: 365 days, then aggregated and source records purged.
• Stripe records: per Stripe's retention (typically 7 years for financial records).

6.Your rights

Under the DPDP Act, 2023, you have the right to access, correct, and delete your personal data. Email hello@genka.dev with your API key prefix (first 8 chars) and we'll respond within 30 days.

Account deletion purges your email, key hash, and IP within 30 days of request, and aggregates your usage logs.

Data Principal contact: hello@genka.dev.  ·  Last updated 2026-04-23.