Skip to main content

Privacy Policy

Last Updated: December 2024

Carapis ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automotive data platform and API services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, company name, billing information
  • API Usage Data: API keys, request logs, usage statistics
  • Communication Data: Support tickets, feedback, and correspondence

1.2 Automatically Collected Information

  • Usage Data: API endpoints accessed, request/response data, error logs
  • Device Information: IP address, browser type, operating system
  • Analytics Data: Page views, session duration, referral sources

1.3 Data We Process for You

  • Vehicle Data: Automotive listings, pricing, specifications extracted via our parsers
  • This data belongs to you and is processed on your behalf

2. How We Use Your Information

We use collected information to:

  • Provide and maintain our API services
  • Process transactions and send billing information
  • Improve service quality and develop new features
  • Respond to support requests and communicate updates
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. Data Sharing and Disclosure

We DO NOT sell your personal data. We may share information with:

3.1 Service Providers

  • Payment processors (Stripe)
  • Cloud infrastructure providers (AWS, Google Cloud)
  • Analytics services (Google Analytics)
  • Customer support tools
  • To comply with legal obligations
  • To respond to valid legal requests
  • To protect our rights and safety

3.3 Business Transfers

  • In connection with mergers, acquisitions, or asset sales

4. Data Security

We implement industry-standard security measures:

  • Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication
  • Monitoring: 24/7 security monitoring and incident response
  • Compliance: SOC 2 Type II, GDPR, CCPA compliance

5. Data Retention

  • Account Data: Retained while your account is active + 90 days after closure
  • API Logs: Retained for 90 days for operational purposes
  • Billing Data: Retained for 7 years for tax and legal compliance
  • Processed Vehicle Data: Retained per your instructions or 30 days by default

6. Your Rights

Depending on your location, you may have the right to:

  • Access: Request copies of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications

To exercise these rights, contact: info@carapis.com

7. International Data Transfers

We process data in multiple regions:

  • Primary servers: EU (GDPR compliant)
  • Backup servers: US, Asia (with appropriate safeguards)
  • We use Standard Contractual Clauses for EU data transfers

8. Cookies and Tracking

We use cookies for:

  • Essential: Authentication, security
  • Analytics: Usage statistics (Google Analytics)
  • Preferences: Language, theme settings

You can control cookies through your browser settings.

9. Children's Privacy

Our services are not intended for users under 16. We do not knowingly collect data from children.

Our platform may contain links to third-party websites. We are not responsible for their privacy practices.

11. GDPR Compliance (EU Users)

For EU users:

  • Legal Basis: Contract performance, legitimate interests, consent
  • Data Protection Officer: info@carapis.com
  • Supervisory Authority: Contact your local data protection authority

12. CCPA Compliance (California Users)

California residents have additional rights:

  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sales (we don't sell data)
  • Right to non-discrimination

13. Changes to This Policy

We may update this policy periodically. We'll notify you of material changes via:

  • Email notification
  • Notice on our website
  • Dashboard notification

Continued use after changes constitutes acceptance.

14. Contact Us

Questions about this Privacy Policy?

Email: info@carapis.com Support: info@carapis.com Address: [Your Company Address] DPO: info@carapis.com

Data Processing Agreement

Enterprise clients can request a Data Processing Agreement (DPA) for GDPR compliance.

Transparency Report

We publish annual transparency reports on government data requests.

This privacy policy is effective as of the date listed above and applies to all users of Carapis services.

TelegramWhatsAppContact