Privacy Policy

Last updated: 2025-08-25

This Privacy Policy explains how Nobotspls (“we”) processes information when you use the Nobotspls API and website at nobotspls.com (the “Service”). For EU/UK residents, we act as a controller for account/billing data and typically a processor for data you send to the API.

What we collect

• Account & Billing: name, email, workspace/org details, billing info (processed by Stripe), plan, invoices.
• API Inputs: request metadata you choose to send (e.g., user agent, IP, selected headers). By default, we process this transiently to produce a score and do not persist raw payloads; we retain aggregated counters for rate limiting, billing, and abuse prevention.
• Technical Logs: minimal logs for reliability and security (e.g., timestamps, status codes, error traces).
• Website: standard HTTP logs; we don’t use third-party advertising trackers.

Purposes & Legal Bases

• Provide the Service, billing, and support (GDPR Art. 6(1)(b)).
• Security, rate limiting, abuse prevention, analytics (legitimate interests, Art. 6(1)(f)).
• Legal compliance (Art. 6(1)(c)).

Processors & Transfers

We use vetted subprocessors such as hosting providers and Stripe for payments. Data may be processed outside your jurisdiction with appropriate safeguards (e.g., SCCs). A current list of subprocessors is available on request.

Retention

Account and billing records: while your account is active and as required by law. Aggregated metrics: as needed for billing/abuse prevention. Transient API payloads: typically not stored beyond processing unless needed for debugging with your consent.

Your Rights

Subject to law, you may request access, correction, deletion, restriction, portability, or objection. Contact contact@nobotspls.com. You may also lodge a complaint with your supervisory authority.

Security

We apply administrative, technical, and organizational measures appropriate to risk, including TLS in transit, access controls, and monitoring.

Cookies

We primarily use essential cookies (e.g., for session/auth in the billing portal). We do not use third-party advertising cookies.

Children

The Service is not directed to children under 16; do not submit children’s data.

Contact

Data controller: Nobotspls. Email: contact@nobotspls.com.

Changes

We may update this Policy; material changes will be posted with a new “Last updated” date.

Non-legal advice: please have your counsel review and tailor for your processing activities.