Privacy Policy

The API Guys LLC
Last Updated: October 24, 2025

1. Introduction

The API Guys LLC (“we,” “our,” or “us“) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, use our services, or interact with us.

Our Services: We provide custom software development, API integrations, data migration services, and custom portal development to businesses across various industries.

Your Rights: Depending on your location, you may have specific rights regarding your personal information under laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Information You Provide to Us

Business Contact Information:

  • Name, email address, phone number
  • Company name, job title, business address
  • Project requirements and specifications
  • Communication preferences

During Service Delivery:

  • Technical requirements and system specifications
  • Project feedback and communications
  • Payment and billing information

Registered User Profile Data:

  • Personal information as provided
  • Login credentials
  • Profile details

2.2 Information We Collect Automatically

Website Analytics:

  • IP address and general location information
  • Browser type, device information, operating system
  • Pages visited, time spent on pages, referring websites
  • Date and time of website visits

Service Usage Information:

  • System access logs for custom applications we develop
  • Performance metrics and error logs
  • API usage statistics (when providing ongoing integrations)

2.3 Information from Third Parties

  • Business contact information from professional networking platforms
  • Referral information from existing clients or business partners
  • Publicly available business information for outreach purposes

3. How We Use Your Information

3.1 Service Delivery and Business Operations

  • Project Management: Managing custom development projects and client relationships
  • Technical Support: Providing ongoing maintenance and support for custom systems
  • Communication: Responding to inquiries, providing project updates, and business communications
  • Quality Improvement: Analyzing service performance and improving our offerings

3.2 Legal and Compliance

  • Contract Performance: Fulfilling our obligations under service agreements
  • Legal Compliance: Meeting regulatory requirements and legal obligations
  • Security: Protecting our systems and client data from security threats
  • Record Keeping: Maintaining business records as required by law

3.3 Marketing and Business Development

  • Service Promotion: Sharing information about our capabilities and services
  • Industry Insights: Providing relevant technical content and industry updates
  • Relationship Building: Maintaining professional relationships and networking

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal information based on the following legal grounds:

  • Contract Performance: Processing necessary to perform our services under client agreements
  • Legitimate Interests: Business operations, service improvement, and direct marketing (with opt-out options)
  • Consent: When you voluntarily provide information or consent to marketing communications
  • Legal Compliance: Meeting regulatory and legal obligations

5. How We Share Information

5.1 Service Providers and Sub-processors

We work with trusted third-party service providers who assist in delivering our services:

Cloud Infrastructure:

  • Amazon Web Services (AWS): Hosting and cloud infrastructure services
  • Data is stored in appropriate geographic regions (US data in US regions, EU data in EU regions)

Development and Monitoring Tools:

  • GitHub: Code repository and version control (source code only, no personal data)
  • Sentry: Error monitoring and performance tracking (system logs, may contain limited technical data)

Business Operations:

  • Stripe: Payment processing and billing services
  • QuickBooks: Accounting, invoicing, and financial record management
  • Keap: Customer relationship management and communication tracking
  • HighLevel: Customer relationship management and marketing automation
  • Legal and professional service providers
  • Accounting and tax preparation services
  • Select business partners.

5.2 Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal information may be transferred as part of the business transaction, subject to confidentiality obligations.

5.3 Legal Requirements

We may disclose personal information when required by law, legal process, or to protect the rights, property, or safety of The API Guys, our clients, or others. If a password reset is requested for an account on the website, your IP address will be included in the reset email to ensure account security and integrity.

5.4 With Your Consent

We may share information for other purposes with your explicit consent.

6. Data Security

We implement appropriate technical and organizational security measures to protect personal information:

Technical Safeguards:

  • Encryption of data in transit (TLS 1.3+) and at rest (AES-256+)
  • Secure cloud infrastructure with enterprise-grade controls
  • Multi-factor authentication for system access
  • Regular security assessments and vulnerability testing

Organizational Safeguards:

  • Employee confidentiality agreements and security training
  • Role-based access controls and principle of least privilege
  • Regular security policy reviews and updates
  • Incident response procedures and breach notification protocols

7. Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy:

Client Relationship Data:

  • Active clients: Duration of business relationship
  • Former clients: 7 years after contract termination (for legal and tax purposes)

Project Data:

  • Active projects: Duration of project plus 90 days for transition
  • Completed projects with ongoing access: Per client agreement
  • System logs: 12 months maximum

Marketing Data:

  • Until you unsubscribe or request deletion
  • Inactive prospects: Reviewed annually for continued relevance

8. Your Privacy Rights

8.1 General Rights

  • Access: Request information about how we process your personal data
  • Correction: Update or correct inaccurate personal information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Opt-Out: Unsubscribe from marketing communications at any time

8.2 California Residents (CCPA/CPRA)

California residents have additional rights:

  • Right to Know: Categories of personal information collected and how it’s used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of sale or sharing of personal information (Note: We do not sell personal information)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Non-Discrimination: Equal service regardless of privacy rights exercise
  • Shine the Light: A list of the types of personal information disclosed to third parties in the past year, along with the names of those third parties

8.3 European Residents (GDPR)

EU residents have additional rights:

  • Data Portability: Receive personal data in a portable format
  • Restriction: Request restriction of processing under certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdrawal of Consent: Withdraw consent where processing is based on consent

9. International Data Transfers

Geographic Processing:

  • US Clients: Data processed in AWS US regions
  • EU Clients: Data processed in AWS EU regions
  • Cross-Border Support: Limited access by authorized personnel for technical support

Transfer Safeguards: For any international transfers of personal data, we implement appropriate safeguards including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequate data protection measures and encryption
  • Regular assessment of transfer arrangements

10. Children’s Privacy

Our services are designed for businesses and professional use. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child, we will promptly delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post the updated policy on our website with a new “Last Updated” date
  • Notify clients of material changes via email
  • Provide notice as required by applicable law

12. Contact Information

Data Protection Officer

The API Guys LLC
Attention: Privacy Officer
Address: 1789 Beacon St Unit 1, Brookline, MA 02445
Email: privacy@theapiguys.com
Phone: +1 888-457-9944

Privacy Rights Requests

To exercise your privacy rights or ask questions about this policy:

  • Email: privacy@theapiguys.com
  • Subject Line: “Privacy Rights Request” or “Privacy Inquiry”
  • Response Time: We will respond within 30 days (or as required by applicable law)

Regulatory Contacts

For EU Residents: If you believe we have not adequately addressed your privacy concerns, you may contact your local data protection authority.

For California Residents: You may contact the California Attorney General’s office regarding CCPA compliance.

13. Business Contact Information

The API Guys LLC

Principal Office: 1789 Beacon St Unit 1, Brookline, MA 02445
Website: theapiguys.com
Business Email: hello@theapiguys.com
Services: Custom software development, API integrations, data migration, and custom portal development

This Privacy Policy demonstrates our commitment to transparency and data protection. We encourage you to read it carefully and contact us with any questions.