Privacy Policy
We are committed to protecting your privacy and being transparent about how we handle your data.
Last updated: December 12, 2025
Api.Airforce, a product of Deloxity, LLC, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your information when you access our website, dashboard, and APIs.
1. Information We Collect
We collect the following types of information:
- Account details (username, hashed password, subscription plan)
- API keys and authentication tokens
- IP addresses for security, fraud prevention, and analytics
- Model usage statistics and request logs
- Payment and subscription details (via Creem)
2. How We Use Your Information
Your data is used to:
- Provide access to our API services
- Authenticate and secure your account
- Enforce rate limits and prevent abuse
- Improve and maintain the platform
- Process payments and manage subscriptions
- Comply with legal obligations
3. Data Storage and Retention
All data is stored securely and retained only as long as necessary for the purposes outlined in this policy. Analytics such as request logs and IPs are retained for operational and security purposes.
We employ industry-standard security practices including encryption at rest and in transit, secure authentication protocols, and regular security audits.
4. Third-Party Services
We use trusted providers such as Creem for payment processing. Your payment details are never stored on our servers.
AI model outputs and requests may be processed by third-party model providers according to their own terms and policies. We use Google Analytics 4 with Consent Mode v2 — for EU/EEA/UK/CH visitors no analytics cookies are set until you opt in via the consent banner. We also display advertising provided by Google AdSense and partner ad networks. For full details on advertising cookies, personalisation, and your choices, see Section 4a — Advertising and Ad Cookies.
4a. Advertising and Ad Cookies
We display advertising on the Free-tier Dashboard via Google AdSense. Advertising support keeps the free tier sustainable. We do not display ads on public marketing pages.
Google and its certified partner ad networks may set or read cookies on your device to (a) deliver and measure ads, (b) detect fraud and invalid traffic, (c) personalise ads based on your prior visits to this site and partner sites. In the EU/EEA/UK/Switzerland we use Google's Consent Management Platform (FundingChoices, IAB TCF v2.2 compliant) — no advertising cookies are set until you click "Allow" on the consent banner.
You can opt out of personalised advertising at any time:
- Visit Google Ads Settings to manage Google's use of cookies for personalised ads.
- Visit YourAdChoices to opt out of partner-network ad personalisation (US).
- Visit Your Online Choices for EU-resident opt-out.
- Re-open our consent banner at any time via the "Privacy Settings" link in the footer to withdraw your consent.
5. Your Rights
You have the right to access, correct, or delete your personal data. For any privacy-related inquiries, contact us at [email protected]
6. International Data Protection Compliance
Api.Airforce operates in compliance with international data protection regulations:
General Data Protection Regulation (GDPR) (EU) 2016/679. Our data processing is based on lawful grounds such as consent (Art. 6(1)(a)), contract performance (Art. 6(1)(b)), and legitimate interests (Art. 6(1)(f)).
California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA). California residents have rights under Cal. Civ. Code §§ 1798.100–1798.199, including the right to opt-out of data sales.
Personal Information Protection Law (PIPL), Cybersecurity Law, and Data Security Law. Cross-border data transfers comply with Chapter 3 of the PIPL.
Federal Law No. 152-FZ on Personal Data. Personal data of Russian citizens is processed in compliance with local data storage and localization requirements.
6a. International Data Transfers
Some processors (Google LLC, Creem) are based outside the EEA. Transfers rely on the EU-US Data Privacy Framework adequacy decision (Google LLC) and Standard Contractual Clauses (Module 2 or 3) for any remaining gaps. A copy of the SCCs is available upon request at [email protected].
6b. Children's Privacy
Our services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us data, contact [email protected] and we will delete it without undue delay.
7. Your Rights Under Applicable Laws
Depending on your jurisdiction, you may have the following rights:
- Right to access and obtain a copy of your personal data (GDPR Art. 15, CCPA §1798.100)
- Right to rectification (GDPR Art. 16, PIPL Art. 46)
- Right to erasure ("right to be forgotten") (GDPR Art. 17, CCPA §1798.105, PIPL Art. 47)
- Right to restrict or object to processing (GDPR Arts. 18–21, PIPL Arts. 44–45)
- Right to data portability (GDPR Art. 20, CCPA §1798.130)
- Right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal (GDPR Art. 7(3))
- Right to object to direct marketing and to processing based on legitimate interests (GDPR Art. 21)
To exercise your rights, contact us at [email protected]. We will respond within the timelines required by law in your jurisdiction.
7a. Right to Lodge a Complaint
EU/EEA residents have the right under Art. 77 GDPR to lodge a complaint with a supervisory authority — in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement. Find your local Data Protection Authority via the EDPB members directory.
8. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in technology, law, or our operational practices. Significant changes will be communicated as required by applicable laws.
9. Contact Information
Dover, DE 19904
United States
For privacy inquiries: [email protected]