Privacy at UApiPro

When you sign up: an email address (used to send the verification code, password resets, and security notices) and an optional display name. Passwords are stored as Argon2 hashes; we never see the plaintext.

When you call the API: the request method, path, status code, response size, and a coarse-grained timestamp are written to a per-key access log. Request bodies, request headers other than X-API-Key, and response bodies are not logged.

When you load the website: minimal first-party analytics (page URL, referrer, viewport size). No third-party cross-site tracking and no advertising cookies.

Per-key access logs: 30 days, then aggregated and the row-level entries are deleted. Account records (email, display name, billing history) are kept while the account is active and for 12 months after deletion to satisfy financial-record obligations, after which they are erased.

We do not sell user data. We share the minimum necessary billing information with our payment processor when you buy a credit pack, and the minimum necessary email metadata with our email provider when we send you a verification code or receipt. We do not share request payloads or call patterns with anyone outside the platform.

You can delete your account from the console at uapis.cn/console. You can request a data export by emailing support@uapis.cnwith the subject line “Data export”. We aim to respond to access, correction, and deletion requests within 30 days.

AI agents calling the API on a user's behalf are bound by the same terms as human users: do not store API keys client side, do not log credentials in transcripts, surface our error messages verbatim. See /AGENTS.md.