Legal
Privacy Policy
Last updated: March 14, 2026
This Privacy Policy explains how toAPI collects, uses, and protects information when you use our website, APIs, Console, and related services.
Information We Collect
We collect different types of information depending on how you interact with toAPI.
Information you provide
When you submit a form, request a demo, join a waitlist, or contact us, we may collect information such as:
- Name
- Email address
- Phone number
- Company name
- Job title
- Messages or inquiries
Account information
When you create a toAPI account, we may store information associated with your account, including:
- Name
- Email address
- Account identifiers
- Workspace or tenant information
- Account creation timestamps
Technical and usage information
We may collect technical and operational data to operate the platform, including:
- IP address (which may be hashed)
- Browser and device information
- API usage metadata
- Workflow execution logs
- Error logs and request metrics
Google Sign-In
toAPI allows users to sign in using their Google account through the standard OpenID Connect authentication flow.
When you use Google Sign-In, we may receive basic profile information from Google such as:
- Google account identifier (sub)
- Email address
- Email verification status
- Display name
- Profile image URL
- Locale
This information is used only to authenticate users and create or link their toAPI account.
toAPI does not request access to Gmail, Google Drive, Google Calendar, or other Google data.
How We Use Information
We use collected information to operate and improve the toAPI platform, including to:
- Create and manage user accounts
- Provide authentication and access control
- Operate APIs and workflow infrastructure
- Improve platform reliability and performance
- Respond to support requests and inquiries
- Communicate product updates and service notices
- Detect abuse, fraud, or security incidents
We do not sell personal data.
Data Sharing
toAPI does not sell or rent personal information.
We may share limited information with service providers that help us operate the platform, such as infrastructure hosting, authentication services, or operational monitoring tools.
These providers process information only to support the operation of the service.
Data Security
We implement technical and organizational safeguards designed to protect the information processed by our platform.
These measures may include secure communication (HTTPS), infrastructure access controls, monitoring, and audit logging.
However, no system can guarantee absolute security.
Data Retention
We retain information only for as long as necessary to operate the service, comply with legal obligations, resolve disputes, and enforce agreements.
Lead and account information may be retained to maintain service functionality and track product usage.
Your Rights
Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict the processing of your personal data.
Requests related to personal data may be sent to:
Changes to this Policy
We may update this Privacy Policy periodically to reflect changes in the service, legal requirements, or operational practices.
When updates occur, the "Last updated" date at the top of this page will be revised.
Contact
If you have questions about this Privacy Policy, you can contact us at: