Privacy Policy

Your privacy is important to us. Learn how we handle your data.

Quick navigation

1. Scope and Controller

This Policy applies to all interactions with the apiario.dev website, the Apiário Dev API (api.apiario.dev), the management dashboard, and related services. The data controller is N. D. DA SILVA - ASSESSORIA E TREINAMENTO, CNPJ 48.732.178/0001-53 (Brazilian tax ID).

2. Data Collection Channels

We only collect information necessary for the service, sourced from:

  • Registration: email and name provided when creating an account;
  • User content: prompts, texts, and files sent via API or dashboard;
  • Technical logs: IP address, timestamp, token count, approximate geolocation;
  • Cookies: strictly necessary cookies for authentication and load balancing;
  • Support records: interactions with our support channel;
  • Payment processors: transaction data via PIX and credit card (processed by Mercado Pago).

We do not use public databases or process sensitive data or data from individuals under 18.

3. Retention

  • Account data: while the account is active, plus 5 years after closure;
  • User content: we do not retain prompt content. Inputs are solely forwarded to the chosen AI model provider and are not stored on our servers;
  • Technical logs: 18 months;
  • Financial records: 10 years, as required by Brazilian tax law.
  • Contract performance: to provide the contracted service (Brazilian LGPD, art. 7, V);
  • Legitimate interest: for fraud prevention, platform security, and experience improvement (LGPD, art. 7, IX);
  • Legal obligation: to comply with tax, accounting, and regulatory requirements (LGPD, art. 7, II);
  • Consent: when required, such as for analytical cookies or marketing communications (LGPD, art. 7, I).

5. Purposes of Use

We use the collected data exclusively to:

  • Operate, maintain, and improve the LLM aggregation services;
  • Measure token consumption and bill accurately in Brazilian Real (BRL);
  • Provide technical support and send administrative communications;
  • Develop new features without using user content to retrain models (unless with express user opt-in agreement);
  • Comply with legal, tax, or judicial obligations.

6. Sharing

Data is shared only with:

  • Service providers under confidentiality (e.g., Mercado Pago for payments, Mailgun for transactional emails);
  • AI model providers (OpenAI, Anthropic, Google, DeepSeek, Maritaca, and others) — only the content strictly necessary for the API call, in accordance with each AI Model’s Terms;
  • Legal authorities, when required by law or court order;
  • Corporate successors, with equivalent protection levels.

External links have their own policies, and we are not responsible for them.

7. Cookies

We use only first-party cookies:

  • Strictly necessary cookies: for platform authentication and load balancing — essential for operation;
  • Optional analytical cookies: for anonymized usage metrics (up to 12 months);
  • Functional cookies: for language preference (up to 6 months).

We do not use third-party cookies. Users can manage preferences via the cookie banner or browser settings, noting that refusing essential cookies may affect service functionality.

8. Security

We apply technical and organizational measures aligned with industry standards:

  • TLS 1.2+ encryption in transit and AES-256 at rest;
  • Role-based access control (RBAC);
  • Logical separation of environments (development, staging, production);
  • Continuous monitoring and periodic security testing;
  • Individual API keys with limited scope and revocable at any time.

9. Disposal

Once retention periods expire, data is anonymized or securely destroyed, unless otherwise required by law.

10. Data Subject Rights

Under the Brazilian LGPD, you have the right to:

  • Confirm the existence of data processing;
  • Access your data;
  • Correct incomplete, inaccurate, or outdated data;
  • Request anonymization, blocking, or deletion of unnecessary or excessive data;
  • Port your data to another service provider;
  • Delete data processed with consent;
  • Obtain information about data sharing;
  • Revoke consent at any time;
  • Object to processing based on legitimate interest;
  • Request review of automated decisions.

To exercise your rights, contact us via the email below. We may request identity validation and inform you of any inability to fulfill requests protected by legal obligation or trade secrets, always with justification.

11. International Transfers

When we use cloud infrastructure or AI providers outside Brazil, we ensure protection equivalent to Brazilian law through standard contractual clauses or adequacy verification.

12. Children and Adolescents

Our services are intended for individuals aged 18 and over. Data from individuals under 18 identified on our platform will be immediately removed.

13. Changes

Material changes to this policy will be communicated with 30 days’ advance notice by email or in-product notification. Previous versions will remain available for consultation upon request. Continued use of the service after this period constitutes acceptance of the changes.

14. Contact

To exercise your rights or clarify questions about this policy:

Email: contato@apiario.dev

Controller: N. D. DA SILVA - ASSESSORIA E TREINAMENTO
CNPJ: 48.732.178/0001-53

15. Version History

  • May 24, 2026 (this version)