Privacy Policy

Last updated: March 18, 2026

1. Introduction

Road511, owned and operated by Roman Kotenko ("we", "us", "our"), respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Road511 API, website, developer portal, and related services (the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Name
• Company name (optional)
• Password (stored as a bcrypt hash; we never store plaintext passwords)

2.2 API Usage Data

When you use the API, we automatically collect:

• API key identifier (hashed; we do not store your full API key)
• Request endpoints and timestamps
• Daily request counts per endpoint
• IP address (for rate limiting; not stored long-term)

2.3 Payment Information

Payment processing is handled entirely by Paddle.com, our merchant of record. We do not collect, store, or have access to your credit card number, bank account details, or other payment instruments. Paddle may share with us:

• Paddle customer ID and subscription ID
• Subscription status and plan information
• Transaction history (amounts and dates)

2.4 Website Analytics

We may use basic server-side analytics (access logs) to understand traffic patterns. We do not use third-party tracking cookies or advertising pixels.

3. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Authenticate your API requests
• Enforce rate limits and quotas per your subscription plan
• Process billing and manage subscriptions (via Paddle)
• Send transactional emails (account verification, password reset, billing notices)
• Monitor and improve Service reliability and performance
• Respond to support requests
• Detect and prevent abuse or unauthorized access

4. What We Do NOT Do

• We do not sell your personal information to third parties
• We do not share your data with advertisers
• We do not use tracking cookies or third-party analytics scripts
• We do not profile you for marketing purposes
• We do not store your full API keys (only SHA-256 hashes)

5. Data Sharing

We share your information only with:

• Paddle.com — our payment processor and merchant of record, for billing and subscription management
• Email service provider — for sending transactional emails (account verification, billing notices)
• Law enforcement — if required by law, court order, or legal process

We do not share your data with any other third parties.

6. Data Retention

• Account data: Retained while your account is active. You can request deletion at any time.
• API usage logs: Aggregated daily usage statistics are retained for up to 12 months. Individual request logs are not stored.
• Application logs: Error and warning logs are automatically pruned after 7 days.
• Deleted accounts: Account data is permanently deleted within 30 days of a deletion request.

7. Data Security

We implement appropriate technical measures to protect your data:

• All API and website traffic is encrypted via HTTPS/TLS
• Passwords are hashed with bcrypt
• API keys are stored as SHA-256 hashes (the full key is shown only once at creation)
• Database access is restricted and authenticated
• Webhook payloads are signed with HMAC-SHA256

8. Your Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct inaccurate information via the developer portal
• Deletion: Request deletion of your account and associated data
• Export: Request an export of your usage data
• Objection: Object to processing of your data for specific purposes

To exercise these rights, contact us at [email protected].

9. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children.

10. International Data

The Service is operated from servers located in North America. By using the Service, you consent to the transfer and processing of your data in this jurisdiction.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the website. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy-related questions or requests, contact us at [email protected].