Privacy Policy

Last updated: February 2026

1. Information We Collect

When you register for TaxoAI, we collect your email address and account name. When you use our API, we process the product data you send (name, description, images, language) solely to provide our classification and SEO generation services. We also collect standard usage data including IP addresses, request timestamps, and API usage metrics.

2. How We Use Your Data

We use your data to: provide and improve our API services, enforce rate limits and usage quotas, send transactional emails (usage alerts, billing), cache results to improve performance (30-day TTL), and generate anonymous usage statistics. We do NOT sell your data. We do NOT use your product data to train AI models.

3. Data Storage & Security

Your data is stored on encrypted servers (PostgreSQL + Redis) with TLS in transit and AES-256 at rest. API keys are hashed using bcrypt before storage. We use industry-standard security practices including regular security audits, automated vulnerability scanning, and strict access controls.

4. Data Retention

Cached product results are automatically deleted after 30 days. Account data is retained for the lifetime of your account. Upon account deletion, all associated data (API keys, usage history, cached results) is permanently deleted within 30 days.

5. Third-Party Services

We use OpenAI's API (GPT-4o) to process product data for classification and SEO generation. Product data sent to OpenAI is subject to their data processing terms. We do NOT allow OpenAI to use your data for model training. We also use standard cloud infrastructure providers (servers, databases, CDN).

6. Your Rights (GDPR)

You have the right to: access your personal data, request data correction or deletion, export your data, withdraw consent at any time, and lodge a complaint with a supervisory authority. To exercise these rights, reach out through our contact page.

7. Cookies & Analytics

Our website uses Umami Analytics, a privacy-focused analytics tool that does not use cookies for tracking. We request consent before loading analytics scripts. Our API does not use cookies. We do not use third-party tracking cookies or advertising cookies.

8. Changes to This Policy

We may update this policy occasionally. Significant changes will be communicated via email to registered users. The "Last updated" date at the top of this page indicates when the policy was last revised.

9. Contact

For privacy-related questions or requests, reach out through our contact page.