Legal Document

Privacy Policy

Effective date: June 1, 2025  ·  Last updated: June 1, 2025

This Privacy Policy explains how colunrn collects, uses, and protects information about you when you access our API key management platform and related services.

1

Data We Collect

  • Account data: name, email address, and password hash when you register.

  • Usage data: API key activity logs, request timestamps, IP addresses, and browser/device metadata.

  • Billing data: payment method details processed and stored by our PCI-compliant payment processor; we do not store raw card numbers.

2

How We Use Your Data

  • To provide, operate, and improve the colunrn platform and its API key management features.

  • To send transactional emails (account confirmation, security alerts, invoices) and, where you have opted in, product updates.

  • To detect fraud, abuse, and security incidents, and to comply with applicable law.

3

Cookies & Tracking

  • We use strictly necessary cookies to maintain your authenticated session.

  • With your consent, we set analytics cookies (first-party) to understand feature usage and improve the product.

  • You may manage or withdraw cookie consent at any time via our cookie preference centre or your browser settings.

4

Third-Party Sharing

  • We share data only with sub-processors required to operate the service (cloud hosting, payment processing, transactional email delivery).

  • We do not sell, rent, or trade your personal data to advertisers or data brokers.

  • All sub-processors are contractually bound to process data solely on our instructions and under adequate safeguards.

5

Your Rights (GDPR & CCPA)

  • You have the right to access, correct, export, or delete your personal data at any time.

  • EU/EEA residents may object to or restrict processing and lodge a complaint with their supervisory authority.

  • California residents may request disclosure of categories of data collected and opt out of any sale of personal information (we do not sell data).

6

Data Retention

  • Account data is retained for the duration of your subscription and deleted within 90 days of account closure.

  • API activity logs are retained for up to 12 months for security and auditing purposes, then purged.

7

Security

  • All data in transit is encrypted via TLS 1.2+; data at rest is encrypted using AES-256.

  • Access to production systems is restricted by role-based controls and multi-factor authentication.

  • We conduct regular security reviews and respond to vulnerability disclosures via [email protected].

8

Children's Privacy

  • colunrn is not directed at individuals under 16 years of age.

  • We do not knowingly collect personal data from children. If we become aware of such collection, we will delete it promptly.

9

Changes to This Policy

  • We may update this Privacy Policy periodically. Material changes will be communicated via email or an in-app notice at least 14 days before they take effect.

  • Continued use of the service after the effective date constitutes acceptance of the revised policy.

10

Contact & Data Controller

  • Data Controller: colunrn, Inc., 340 Pine Street, Suite 800, San Francisco, CA 94104, USA.

  • Privacy enquiries: [email protected] — we aim to respond within 30 days.

Questions about this policy?

Reach our privacy team at [email protected]. We are committed to responding within 30 calendar days.

colunrn

API keys, fully under control. Manage, rotate, audit, and secure every key across your infrastructure from one unified platform.

[email protected]+1 415 000 0000548 Market St, San Francisco, CA 94104

Stay in the loop

Get product updates, security advisories, and developer tips delivered to your inbox. No spam, unsubscribe anytime.

By subscribing you agree to our Privacy Policy.

© 2026 colunrn Inc. All rights reserved.

SOC 2 Type IIGDPR Ready99.9{2ebf1f57190024323518be5b2d4bf8fde7bbf270a678249482126c4b900327f3} Uptime