Privacy Policy

APlicious (“we”, “us”, “the platform”) is operated by Mahesh Naidu. This Privacy Policy explains what data we collect when you use APlicious, how we use it, and the choices you have. By creating an account or using our API, you agree to the practices described here.

We collect the minimum data required to operate the platform reliably and securely:

• API keys — generated on your behalf when you sign up or create a new key in your dashboard.
• Usage logs — endpoint called, timestamp, IP address, and response time for every request made with your key.
• Account email — used for authentication and service notifications.
• Documents uploaded to /rag — if you use the /rag namespace (Growth plan and above), the text content you upload is stored, split into chunks, and converted into vector embeddings to power search and Q&A over your own documents. See Section 5 for how this data is processed by OpenAI.

Your data is used strictly to operate and improve the platform:

• Enforcing rate limits and monthly quotas tied to your plan tier.
• Billing — calculating usage-based charges and generating invoices.
• Abuse prevention — detecting credential sharing, scraping, and anomalous traffic patterns.
• Usage analytics — shown back to you in your own dashboard so you can monitor your own consumption. We do not sell or share this data with third parties for marketing purposes.

Usage logs (endpoint, timestamp, IP address, response time) and account data (email, billing history, API keys) are retained for as long as your account is active, and are deleted upon a verified deletion request as described in Section 6. Documents uploaded to /rag and their derived embeddings are retained until you delete them from your dashboard or delete your account, whichever happens first.

We rely on a small number of trusted infrastructure providers to operate APlicious. Each processes data strictly on our behalf:

• Supabase — primary database (accounts, API keys, usage records) and authentication, including signup confirmation and password-reset emails.
• Upstash — Redis-backed rate limiting and request counters.
• Razorpay — payment processing. Razorpay is PCI-DSS compliant; APlicious never stores your card details.
• Vercel — application hosting and edge delivery.
• Resend — transactional email for contact and support requests.
• OpenAI — if you use the /rag namespace, the text you upload and your queries are sent to OpenAI's API to generate vector embeddings and answers. By default, OpenAI does not use API inputs or outputs to train its models, and retains this data for up to 30 days for abuse monitoring before deletion.

You have the right to access, correct, or delete your personal data at any time. To exercise any of these rights, contact us at support@predintel.zohodesk.in and we will respond within a reasonable timeframe, consistent with applicable law.

APlicious uses session-only cookies strictly to keep you signed in to your dashboard. We do not use tracking pixels, third-party advertising cookies, or cross-site analytics cookies.

We process personal data in accordance with the EU General Data Protection Regulation (GDPR) for users in the European Economic Area, and India's Digital Personal Data Protection Act (DPDP), 2023, for users in India. This includes lawful basis for processing, data minimization, and honoring access/deletion requests as described above.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. Material changes will be communicated via email or a notice on the dashboard before they take effect.

Questions about this policy or your data can be directed to support@predintel.zohodesk.in.