APIDrift

Privacy Policy

Last updated: March 6, 2026

1. Information We Collect

When you sign in with GitHub or Google, we receive your name, email address, and profile picture from the OAuth provider. We do not request access to your repositories, code, or any private data.

We also collect usage data such as which APIs you choose to monitor and your notification preferences.

2. How We Use Your Information

  • To authenticate you and provide access to the service
  • To send digest emails about API changes you are monitoring
  • To process payments and manage your subscription
  • To improve the service and fix issues

3. Data Storage

Your data is stored in a Supabase-hosted PostgreSQL database. We use industry-standard encryption for data in transit (TLS) and at rest. Payment information is processed by Stripe and never stored on our servers.

4. Third-Party Services

We use the following third-party services:

  • Stripe — payment processing
  • Resend — transactional email delivery
  • Google Gemini — AI classification of changelog entries (only public changelog content is sent)
  • Vercel — hosting and analytics
  • Supabase — database hosting

5. Cookies

We use essential cookies for authentication (session tokens). We do not use advertising or tracking cookies.

6. Data Retention and Deletion

You can delete your account at any time from the Settings page. When you delete your account, all associated data (monitored APIs, change history, preferences) is permanently removed.

7. Your Rights

You have the right to access, correct, or delete your personal data. Contact us at support@apidrift.dev for any data requests.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or an in-app notice.

9. Contact

Questions? Email us at support@apidrift.dev.