Privacy Policy
IPWHO PRIVACY POLICY (v2.2)
Last Updated: 2025-11-02
1. DATA WE COLLECT
We collect the following information:
- Account details (name, email, company)
- API usage metadata
- End-user IPs submitted by customers
- Billing information processed by third-party providers
2. PURPOSES
We use this data to:
- Deliver and operate the API
- Prevent fraud and abuse
- Support and diagnostics
- Improve performance
- Legal compliance
3. WE DO NOT SELL PERSONAL DATA
We do not sell, rent, or trade personal data.
4. DATA MINIMISATION
We store only the minimum IP metadata necessary to deliver the Service.
5. GDPR LAWFUL BASES
Our lawful bases for processing are:
- Contract
- Legitimate interests
- Consent where required
- Legal obligations
6. RIGHTS
Depending on your location, you have the following rights:
- EU/UK: access, deletion, correction, portability, objection.
- US (CCPA/CPRA): access, deletion, correction.
- AU: access & correction.
7. TRANSFERS
We use Standard Contractual Clauses where required.
8. RETENTION
- Logs: Retained 30–90 days.
- Account/billing data: Retained as required by law.
9. SECURITY
We employ the following security measures:
- TLS encryption
- Access controls
- Monitoring
- Structured retention