Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information when you use ForecastAPI.

Last Updated: August 06, 2024

1. Introduction

ForecastAPI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our time series forecasting API service (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

Account Information

When you register for an account, we collect:

  • Name and email address
  • Company name (optional)
  • Password (stored in encrypted form)
  • Billing information (processed by Paddle, our payment processor)

API Usage Data

When you use our API, we automatically collect:

  • API key and request timestamps
  • Endpoint accessed and HTTP method
  • Response time and status codes
  • Request volume and frequency
  • IP address for security and rate limiting

Forecasting Data

To provide forecasting services, you send us:

  • Historical time series data points
  • Data identifiers (product IDs, SKUs, etc.)
  • Forecasting parameters (frequency, periods, methods)

Important: We process your forecasting data in real-time and do not permanently store it unless temporarily cached (up to 24 hours) for performance optimization. We do not use your data to train our models or share it with other customers.

Website Analytics

We collect standard web analytics data including:

  • Pages visited and time spent
  • Browser type and operating system
  • Referring website
  • General location (country/region level)

3. How We Use Your Information

We use the information we collect to:

  • Provide Services: Process your forecasting requests and deliver results
  • Maintain Accounts: Manage your account, authentication, and access
  • Process Payments: Handle billing and subscription management
  • Improve Service: Analyze usage patterns to enhance performance and features
  • Customer Support: Respond to inquiries and provide technical assistance
  • Security: Detect and prevent fraud, abuse, and unauthorized access
  • Legal Compliance: Meet legal obligations and enforce our terms
  • Communications: Send service updates, security alerts, and optional newsletters

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in these circumstances:

Service Providers

  • Paddle: Payment processing and subscription management
  • Hetzner: Cloud infrastructure for API hosting
  • Email Service: Transactional email delivery

Legal Requirements

We may disclose information if required by law, court order, or government request, or if necessary to protect our rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

5. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/SSL) for all API communications
  • Encryption at rest for stored data
  • Secure API key management
  • Regular security audits and updates
  • Access controls and authentication
  • Rate limiting and DDoS protection

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain different types of data for different periods:

  • Account Data: Retained while your account is active and for 90 days after closure
  • Forecasting Data: Processed in real-time, cached for up to 24 hours
  • API Logs: Retained for 30 days for debugging and security
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Analytics Data: Aggregated and anonymized after 90 days

7. Your Rights and Choices

Access and Correction

You can access and update your account information through your dashboard or by contacting support.

Data Portability

You can export your account data and API usage history in standard formats.

Deletion

You can request deletion of your account and associated data. Some information may be retained for legal compliance.

Marketing Communications

You can opt-out of marketing emails using the unsubscribe link in any email or through your account settings. Service-related emails cannot be opted out of while you maintain an account.

Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: To understand usage patterns and improve the Service
  • Preference Cookies: To remember your settings and preferences

We do not use advertising or third-party tracking cookies.

9. International Data Transfers

Our servers are located in the European Union (Germany). If you access the Service from outside the EU, your information will be transferred to and processed in the EU. By using the Service, you consent to this transfer.

10. GDPR Compliance (European Users)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process data based on contract performance, legitimate interests, or consent
  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict: Request limited processing of your data
  • Right to Object: Object to certain types of processing
  • Right to Portability: Receive your data in a portable format

To exercise these rights, contact us at support@forecastapi.com. You may also lodge a complaint with your local data protection authority.

11. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about data collection and sharing
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: We do not sell personal information
  • Non-Discrimination: We will not discriminate for exercising your rights

To exercise these rights, contact us at support@forecastapi.com or call us at [phone number if applicable].

12. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect information from children under 16. If we become aware that we have collected data from a child under 16, we will delete it promptly.

13. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

14. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will notify affected users within 72 hours via email and post a notice on our website. We will also notify relevant authorities as required by law.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we will provide additional notice via email or through the Service.

16. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

17. Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at: dpo@forecastapi.com