Privacy Policy

• We do not write your input files or output files to disk. They are processed in memory and discarded immediately after the response is returned.
• We do not use your content to train models or for any purpose other than fulfilling your API call.
• We do not sell personal data. Ever.
• Payments are processed by Lemon Squeezy as merchant of record — we never see or store your card details.
• Auth tokens for the developer portal are stored in your browser's localStorage. We use Google Analytics (with IP anonymization) to measure page usage; we do not use advertising or cross-site tracking cookies.

ConvertKr ("ConvertKr", "we", "us") operates the developer portal you are reading this on and the HTTP API at api.convertkr.com (the "Service"). You can reach us at support@convertkr.com for any privacy question.

We process the categories of data above for the following purposes:

• To authenticate you and your API keys.
• To execute the operation you requested and return the result.
• To meter and bill credits accurately, and to display your usage history.
• To enforce rate limits and detect abuse (e.g. credential stuffing, scraping, attacks).
• To send transactional emails (signup, password reset, receipts, security alerts, material policy changes).
• To improve reliability and performance — aggregate, anonymized metrics about endpoint volumes, error rates, and latency.
• To comply with legal obligations, including tax and accounting requirements.

We do not use customer content (files, results) for model training, analytics, or any purpose other than fulfilling the request.

If you are in the EEA or UK, we rely on the following legal bases:

• Contract: to provide the Service you signed up for.
• Legitimate interests: to secure the Service, detect abuse, and improve reliability.
• Legal obligation: to keep accounting records and respond to lawful requests.
• Consent: only where required for specific optional features (e.g. marketing email — we currently do not send these).

We share data only with the providers we need to run the Service:

• Lemon Squeezy — merchant of record for purchases (card data, billing address, tax compliance, invoices). See their privacy notice.
• Amazon Web Services (AWS) — hosting and compute. Files pass through memory on these servers but are not persisted.
• Google Analytics 4 — pseudonymous page-view and event measurement, with IP anonymization enabled. We do not link GA4 with any advertising product. See Google's privacy notice.
• Transactional email provider — delivery of signup, password-reset, receipt, and security-alert emails.
• Error monitoring provider — aggregated error and performance reporting. Request and response bodies are scrubbed before they reach this provider.

We may add or replace processors as the service evolves; this section is updated when we do. Material changes — e.g. adding a new processor with access to personal data — are communicated by email to active customers.

We disclose information to law enforcement only when compelled by a valid legal process and only the minimum necessary. We do not sell or rent personal data to advertisers or data brokers.

• Account data: kept for the life of your account; deleted within 30 days of account closure (except where retention is required by law).
• API request logs (metadata only): retained for 90 days, then deleted.
• Credit ledger: retained for the life of your account plus 7 years for accounting/tax compliance.
• Files: never persisted — released from memory at the end of the request.
• Support emails: retained for 24 months for quality and compliance, then deleted.

We take security seriously and apply industry-standard measures, including:

• All data in transit is encrypted with modern TLS — every page load and every API call.
• Passwords are stored using a modern, salted one-way hashing algorithm; we never see or store the plaintext.
• API keys are stored as cryptographic hashes — the secret is shown only once at creation and cannot be retrieved afterwards.
• Credit accounting is transactional and serialised per account, so concurrent requests cannot double-spend or produce negative balances.
• Each request is processed in an isolated runtime context; file bytes are released from memory the moment the response is sent.
• Internal access follows least-privilege principles, with audit logs for administrative actions.

No service can guarantee perfect security. If you discover a vulnerability, please email support@convertkr.com so we can address it responsibly.

To keep you signed in, we store an authentication token in your browser's localStorage. Clearing your browser storage logs you out. We may use a single first-party cookie to remember preferences (such as a theme choice) and a CSRF token where needed.

We use Google Analytics 4 to understand which pages visitors find useful so we can improve the documentation and onboarding. GA4 sets its own first-party cookies and records pseudonymous events; we've enabled IP anonymization and have not linked it to any advertising product. See Google's privacy notice for details on what GA collects.

When you reach the Lemon Squeezy hosted checkout, Lemon Squeezy sets its own cookies necessary for processing the payment — see their privacy notice.

Depending on where you live, you have some or all of the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to fix inaccurate or incomplete data.
• Deletion — ask us to delete your account and associated data (subject to legal retention obligations).
• Portability — receive your data in a machine-readable format.
• Restriction — ask us to limit how we process your data.
• Objection — object to processing based on legitimate interests.
• Withdraw consent — where we rely on consent, you can withdraw it at any time.
• Lodge a complaint — with your local supervisory authority (EEA/UK) or attorney general (US states with a privacy law).

To exercise any of these rights, email support@convertkr.com from the email address on your account. We respond within 30 days.

If you are a California resident, you have the right to know what personal information we collect, delete it, correct it, and opt out of any "sale" or "sharing" of personal information. We do not sell or share personal information as defined under the CCPA/CPRA.

Our infrastructure is located in the United States and other regions. If you access the Service from outside those regions, your information will be transferred to and processed in countries that may have different data-protection laws. Where required, we rely on Standard Contractual Clauses or equivalent transfer mechanisms to protect your data.

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.

If we make material changes to this Privacy Policy, we will notify active customers by email and update the "Effective date" above. Older versions are available on request.

Privacy questions, requests, or complaints — please email support@convertkr.com or visit our contact page.