Privacy Policy

Effective date: June 1, 2026

1. Who We Are

Futurotek LLC ("we", "us") operates the Star Signal API at api.starsignal.io. Contact: dianahelene@gmail.com

2. Information We Collect

• Account information: name and email address you provide when requesting an API key.
• Usage data: API key usage counts, request timestamps, and endpoint paths — used for rate limiting and billing.
• Payment information: processed by Stripe. We do not store card numbers or payment details on our servers.
• Contact form submissions: name, email, and message content you send us.
• Server logs: IP addresses and request metadata, retained for up to 30 days for security and debugging.

3. How We Use Your Information

• To provision and manage your API key and subscription.
• To send transactional emails (API key delivery, billing receipts, security notices).
• To enforce rate limits and detect abuse.
• To respond to support and contact form inquiries.
• To improve the Service — we may analyze aggregate, anonymized usage patterns.

4. Data Sharing

We do not sell your personal data. We share it only with:

• Stripe — payment processing.
• Resend — transactional email delivery.
• Railway — database hosting (PostgreSQL). Data is stored in the US.
• Vercel — API hosting and serverless compute.
• Law enforcement, if required by valid legal process.

5. Data Retention

• Account data is retained for as long as your account is active, plus 90 days after termination.
• Server logs are retained for 30 days.
• You may request deletion of your account data at any time by emailing us.

6. Cookies

The Star Signal API landing page does not use tracking cookies or third-party analytics. The partner portal uses a session cookie (partner_token) strictly for authentication, which expires when you close your browser or log out.

7. Your Rights

Depending on your location, you may have the right to access, correct, delete, or export your personal data, or to object to certain processing. To exercise these rights, email dianahelene@gmail.com. We will respond within 30 days.

8. Security

API keys are stored as SHA-256 hashes — we cannot recover the raw key if you lose it. All data in transit is encrypted via TLS. We follow industry-standard security practices for our database and hosting infrastructure.

9. Children

The Service is not directed to children under 13. We do not knowingly collect data from children.

10. Changes

We may update this Privacy Policy. We will notify registered users of material changes by email. Continued use after changes constitutes acceptance.

11. Contact

Privacy questions: dianahelene@gmail.com