Information We Collect

Account Information

When you sign up for StreamOnApi, we ask for basic details to create your account. This includes your email address, company name (if applicable), and a password. We also store your billing information if you're on a paid plan, though payment processing happens through secure third-party providers.

Technical Data

Our systems automatically log certain technical information when you use our API:

• API request patterns and timestamps
• IP addresses and geographic location data
• Device information and browser types
• Error logs and performance metrics
• Authentication tokens and session data

Usage Analytics

We track how you interact with our platform — which endpoints you call most frequently, response times, bandwidth consumption, and feature usage patterns. This helps us understand where to focus our development efforts and spot potential issues before they become problems.

How We Use Your Information

We're not in the business of selling your data. Here's what we actually do with it:

Service Delivery

The primary reason we collect data is to provide you with reliable API services. Your account information lets us authenticate your requests, track your usage against plan limits, and send you important service notifications.

Improvements and Development

Aggregated usage patterns help us identify which features matter most to developers. If we notice certain endpoints are heavily used or causing performance issues, we can prioritize improvements there. This data never includes personally identifiable information in our internal analytics.

Security and Fraud Prevention

We monitor for unusual patterns that might indicate security threats or abuse. For example, if we detect an abnormal spike in API calls from your account, we might temporarily restrict access while we investigate — usually followed by an email to make sure everything's okay.

Data Storage and Security

Your data lives on secure servers in facilities that maintain strict physical and digital security standards. We use industry-standard encryption both in transit (TLS 1.3) and at rest (AES-256). Database access is restricted to essential personnel only, with all actions logged and regularly audited.

Infrastructure Partners

We rely on reputable cloud infrastructure providers with data centers that meet international security certifications. While we can't control their operations entirely, we carefully vet partners and ensure they maintain security standards comparable to our own.

Backup Procedures

Regular backups occur automatically, stored in geographically separate locations. These backups are encrypted and retained for 30 days before secure deletion. In case of system failure, we can restore your data without significant loss.

Sharing and Disclosure

We don't share your personal information with third parties except in these specific situations:

Service Providers

Some operational functions require working with external vendors — payment processors, email delivery services, hosting providers, and analytics tools. These partners only receive the minimum data necessary to perform their specific function and are contractually bound to protect your information.

Legal Requirements

If we receive a valid legal request from authorities (subpoena, court order, or similar), we may be obligated to disclose certain information. We review all such requests carefully and push back on overly broad or inappropriate demands. Where legally permitted, we'll notify you before disclosing your data.

Business Transfers

In the unlikely event of a merger, acquisition, or sale of assets, your information might transfer to the new entity. You'd be notified beforehand, and the new owner would still be bound by this privacy policy unless you're given notice and an opportunity to delete your account.

Your Rights Under Vietnamese Law

StreamOnApi operates in Vietnam and complies with the country's data protection regulations. Vietnamese law grants you several important rights regarding your personal information:

Access and Portability

You can request a copy of all personal data we hold about you. We'll provide this in a structured, machine-readable format (typically JSON) within 30 days. There's no charge for your first request in any 12-month period.

Correction and Updates

Found something inaccurate? You can update most account information directly through your dashboard. For data you can't modify yourself, contact our support team and we'll make the corrections promptly.

Deletion Rights

You can request deletion of your account and associated personal data at any time. We'll process this within 15 days, though some information may be retained in backups for up to 30 days before permanent deletion. Certain records (like payment history) must be kept longer for legal compliance.

Objection and Restriction

If you disagree with how we're processing your data, you have the right to object. Depending on the situation, we might need to stop that processing method or provide justification for why we must continue.

International Data Transfers

While our primary operations are in Vietnam, some of our service providers operate globally. This means your data might occasionally be processed in other countries. When this happens, we ensure appropriate safeguards are in place through standard contractual clauses or other approved mechanisms.

For customers outside Vietnam, please be aware that data protection laws vary by jurisdiction. We apply the same high standards globally, but your local regulations may grant additional rights beyond what Vietnamese law requires.

Cookies and Tracking

Our website uses cookies — small text files stored on your device. Essential cookies keep you logged in and remember your preferences. Analytics cookies help us understand how people use our site so we can make improvements.

What We Track

• Session cookies: Maintain your login state and temporary preferences
• Analytics cookies: Track page visits, time on site, and navigation patterns
• Performance cookies: Monitor site speed and identify technical issues

You can disable cookies through your browser settings, though this might affect how our platform functions. We don't use third-party advertising cookies or sell tracking data to marketers.

Children's Privacy

StreamOnApi is designed for professional developers and businesses. We don't knowingly collect information from anyone under 16. If we discover we've inadvertently gathered data from a minor, we'll delete it immediately. Parents or guardians who believe their child has provided us with personal information should contact us right away.

Data Breach Procedures

Despite our best efforts, no system is completely immune to security incidents. If a breach occurs that might affect your personal information, we'll notify you within 72 hours of discovering it. The notification will explain what happened, what data was involved, and what steps we're taking to address the situation.

We also report significant breaches to relevant Vietnamese authorities as required by law. Our incident response plan includes immediate containment measures, forensic investigation, and system hardening to prevent recurrence.

Changes to This Policy

We update this privacy policy occasionally to reflect new practices or legal requirements. When we make significant changes, we'll email active users and post a notice on our website at least 30 days before the new version takes effect.

The "Last Updated" date at the top shows when the current version was published. Continued use of StreamOnApi after changes take effect means you accept the updated terms. If you disagree with substantial changes, you can close your account before they become binding.

Third-Party Services

Our platform may contain links to external websites or integrate with third-party services. This privacy policy only covers StreamOnApi — we're not responsible for how other companies handle your information. Before providing personal data to any third party, review their privacy practices independently.