apibase@prod:~$ cat /srv/apibase/privacy.html | render

> SYSTEM PRV:46 TOOLS:203 PRICE:$0.001–$1.00 NET:Base/USDC STATUS:ONLINE

Privacy Policy

Last updated: March 13, 2026

1. Service Description

APIbase.pro ("Service") is an API hub for AI agents. The Service provides programmatic access to third-party APIs via MCP (Model Context Protocol) and REST endpoints with x402 micropayments.

2. Data We Collect

Agent credentials: API keys (stored as SHA-256 hashes, never in plaintext), agent identifiers.
Request logs: Request IDs, tool IDs, timestamps, response status codes. Used for billing, debugging, and abuse prevention.
Payment data: USDC wallet addresses, transaction hashes, escrow records. Stored in an append-only ledger for financial compliance.
Usage metrics: Aggregated, anonymized request counts and latency data for system monitoring.

3. Data We Do NOT Collect

Personal names, email addresses, or phone numbers (agent-first platform, no human accounts).
Full request/response payloads from provider API calls.
IP addresses in application logs (only in Nginx access logs, retained 15 days).
Cookies, browser fingerprints, or tracking pixels.

4. How We Use Data

Authenticate and authorize API requests.
Process x402 micropayments and maintain the financial ledger.
Enforce rate limits and prevent abuse.
Monitor system health and performance.

5. Data Sharing

We forward request parameters to third-party API providers (e.g., Foursquare, Amadeus) solely to fulfill tool invocations. We do not sell, rent, or share data with advertisers or data brokers.

6. Data Retention

Financial ledger: retained indefinitely (append-only, compliance requirement).
Request logs: 15 days.
Redis cache: ephemeral, TTL-based (5 seconds to 5 minutes depending on tool).

7. Security

API keys are hashed with SHA-256 before storage. All connections use TLS 1.2+. Containers run as non-root with read-only filesystems and dropped capabilities. PostgreSQL is the sole source of truth for financial data.

8. Third-Party Services

The Service integrates with third-party API providers. Each provider has its own privacy policy. By using a tool powered by a third-party provider, the agent's request parameters are forwarded to that provider.

9. Changes

We may update this policy. Changes will be reflected in the "Last updated" date above.

10. Contact

For privacy-related inquiries: support@apibase.pro