REGIME
Docs Pricing Track Record Assets Blog

Privacy Policy

Effective Date: March 1, 2026

This Privacy Policy describes how Regime Intelligence ("Company", "we", "us") collects, uses, and protects your personal information when you use our API and related services ("Service").

1. Information We Collect

Account Information

  • Email address — required for account creation and communication.
  • Name — provided during registration for account identification.

Usage Data

  • API usage logs — endpoint called, timestamp, response status, and tier. Used for rate limiting, billing, and service improvement.
  • IP addresses — collected for rate limiting, abuse prevention, and security monitoring. Not used for tracking or advertising.
  • User agent strings — collected with API requests for debugging and compatibility purposes.

Payment Information

  • Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other financial instrument data on our servers. We receive only a confirmation of payment status and subscription tier from Stripe.

What We Do NOT Collect

We want to be explicit about the data we never collect or store:

  • Trading data or transaction history
  • Portfolio holdings or account balances
  • Wallet addresses or private keys
  • Exchange API keys or credentials
  • Personal financial information beyond subscription billing
  • Location data (beyond IP-based country for compliance)
  • Cookies for advertising or cross-site tracking

2. How We Use Your Data

  • Service delivery — authenticating API requests, enforcing rate limits, delivering data to your applications.
  • Billing — processing subscription payments, managing tier upgrades/downgrades, sending invoices.
  • Usage analytics — understanding API usage patterns to improve performance and plan capacity.
  • Communication — sending service announcements, security alerts, billing notifications, and onboarding emails. We do not send marketing emails without your explicit consent.
  • Security — detecting abuse, preventing unauthorized access, and protecting the integrity of the Service.

3. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe (stripe.com) — Payment processing. Stripe's privacy policy governs payment data handling. Stripe Privacy Policy.
  • Resend (resend.com) — Transactional email delivery (account confirmations, API key notifications). Resend Privacy Policy.
  • Cloudflare (cloudflare.com) — CDN, DDoS protection, and TLS termination. Cloudflare processes request metadata (IP, headers) for security. Cloudflare Privacy Policy.
  • Plausible Analytics (plausible.io) — Privacy-focused, cookie-free website analytics. No personal data is collected. Plausible Data Policy.

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

4. Data Retention

  • API usage logs: Retained for 90 days, then automatically deleted.
  • Account data: Retained until you request account deletion.
  • Payment records: Retained as required by tax and accounting regulations (typically 7 years), managed by Stripe.
  • Security logs (IP addresses): Retained for 30 days for abuse detection.

5. Your Rights

Regardless of your location, we provide the following rights to all users:

Right to Access

You can request a copy of all personal data we hold about you. We will provide this in a structured, machine-readable format (JSON) within 30 days.

Right to Deletion

You can request deletion of your account and all associated personal data. Upon request, we will:

  • Delete your account and API keys immediately.
  • Delete usage logs within 30 days.
  • Retain only data required by law (e.g., payment records for tax compliance).

Right to Export

You can request an export of your data in JSON format, including your account information and usage statistics.

Right to Correction

You can request correction of any inaccurate personal data we hold about you.

Right to Object

You can opt out of non-essential communications at any time by contacting us or using the unsubscribe link in any email.

6. Data Security

We implement the following security measures to protect your data:

  • All API communication is encrypted via HTTPS/TLS.
  • API keys are hashed before storage — we cannot retrieve your original key after issuance.
  • Database access is restricted and not exposed to the public internet.
  • Infrastructure is protected by Cloudflare's DDoS mitigation and WAF.

For full details on our security practices, see our Security page.

7. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. By using the Service, you consent to this transfer.

8. Children's Privacy

The Service is not intended for use by anyone under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email at least 14 days before they take effect. The "Effective Date" at the top of this page indicates the latest revision.

10. Contact Us

For privacy-related requests, questions, or data access/deletion requests, contact:

Regime Intelligence
Gunnar Thorderson, Data Controller
Email: [email protected]

We will respond to all data requests within 30 days.

Regime — Crypto Market Intelligence · Terms · Privacy · Security · Contact