Privacy Policy

May 29, 2025

1. Introduction

Welcome to SteamApis ("we," "us," "our," or "the Service"), operated by [Company Name] ("Company"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website steamapis.com and use our API services.

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, please do not access or use our Service.

2. Information We Collect

2.1. Information You Provide Directly

We collect information you voluntarily provide when you:

  • Create an account or register for our services
  • Subscribe to our API plans
  • Contact our support team
  • Participate in surveys or feedback requests
  • Update your account settings or profile

Account Information:

  • Email address
  • Username
  • First name and last name
  • Phone number (optional)
  • Address, state, province, ZIP/postal code, city (optional)
  • Country information
  • Username and password (for email registration)

Payment Information:

  • Billing address and payment details (processed securely through our payment processors)
  • Subscription preferences and billing history

2.2. Information from Third-Party Authentication

When you use social login options, we may collect:

Steam Authentication:

  • Steam Profile Picture
  • Steam64Id and Steam32Id
  • Public Steam profile information
  • Steam username

Google Authentication:

  • Google account email address
  • Name associated with your Google account
  • Profile picture (if public)

Discord Authentication:

  • Discord username and discriminator
  • Discord email address
  • Avatar image

2.3. Information We Collect Automatically

Usage Information:

  • API requests made and endpoints accessed
  • Request frequency and usage patterns
  • Response times and error logs
  • Feature usage and interaction data
  • Account activity and login timestamps

Device and Technical Information:

  • IP address and geolocation data
  • Browser type, version, and settings
  • Operating system and device information
  • Screen resolution and device identifiers
  • Mobile device unique ID (when applicable)
  • Network connection information

Website Analytics:

  • Pages visited on our website
  • Time spent on pages and sections
  • Referral sources and search terms
  • Click patterns and navigation paths
  • Date and time of visits

2.4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Enable core functionality like user authentication and session management
  • Analytics Cookies: Understand how users interact with our service through Google Analytics
  • Performance Cookies: Monitor API performance and optimize our services
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

3. How We Use Your Information

3.1. Service Provision

We use your information to:

  • Provide access to our API services and features
  • Process your subscription and manage billing
  • Authenticate your identity and maintain account security
  • Monitor API usage and enforce rate limits
  • Deliver customer support and respond to inquiries
  • Process payments and manage refunds

3.2. Service Improvement

We analyze usage data to:

  • Improve API performance and reliability
  • Develop new features and enhance existing ones
  • Optimize our website and user experience
  • Identify and fix technical issues
  • Understand user needs and preferences

3.3. Communication

We may use your contact information to:

  • Send service-related notifications and updates
  • Communicate about your account or subscription
  • Provide technical support and assistance
  • Send important policy or terms updates
  • Notify you about planned maintenance or service disruptions

3.4. Legal and Security

We process information when necessary to:

  • Comply with legal obligations and court orders
  • Protect our rights and prevent fraud or abuse
  • Enforce our Terms of Service
  • Investigate security incidents
  • Maintain the integrity of our services

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services and fulfill our contractual obligations
  • Legitimate Interests: Improving our services, preventing fraud, and maintaining security
  • Consent: Where you have provided explicit consent (e.g., for marketing communications)
  • Legal Obligations: Compliance with applicable laws and regulations

5. Information Sharing and Disclosure

5.1. We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5.2. Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Payment Processing: Secure handling of billing and subscription management
  • Cloud Infrastructure: Hosting and data storage services
  • Analytics Services: Google Analytics for website performance insights
  • Customer Support: Help desk and communication tools
  • Security Services: Fraud detection and prevention

These providers are contractually bound to protect your information and use it only for specified purposes.

5.3. Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes, subpoenas, or court orders
  • Respond to lawful requests from government authorities
  • Protect our rights, property, or safety
  • Investigate potential violations of our Terms of Service
  • Prevent fraud or other illegal activities

5.4. Business Transfers

In the event of a merger, acquisition, or sale of our business, your information may be transferred to the new owner, subject to the same privacy protections.

6. Data Security

6.1. Security Measures

We implement comprehensive security measures to protect your information:

  • Encryption: Data transmitted between your device and our servers is encrypted using industry-standard protocols
  • Access Controls: Strict limitations on who can access personal data within our organization
  • Regular Audits: Periodic security assessments and vulnerability testing
  • Secure Infrastructure: Protected servers and databases with regular security updates
  • Authentication: Multi-factor authentication for administrative access

6.2. Data Breach Response

In the unlikely event of a data breach:

  • We will investigate and contain the incident immediately
  • Affected users will be notified within 72 hours where required by law
  • We will cooperate with relevant authorities as needed
  • Steps will be taken to prevent future incidents

6.3. Limitations

While we use industry-standard security measures, no system is completely secure. We cannot guarantee absolute security of your information transmitted over the internet.

7. Data Retention

7.1. Account Data

  • Active Accounts: Personal information is retained while your account remains active
  • Closed Accounts: Data is retained for up to 90 days after account closure for support purposes
  • Legal Requirements: Some data may be retained longer to comply with legal obligations

7.2. Usage and Analytics Data

  • API Logs: Usage logs are retained for up to 2 years for service optimization and support
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely
  • Financial Records: Billing and payment data retained as required by tax and accounting laws

7.3. Deletion Requests

You can request deletion of your personal data at any time, subject to legal retention requirements and ongoing contractual obligations.

8. Your Privacy Rights

8.1. GDPR Rights (EU Residents)

Under the GDPR, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing

8.2. Additional Rights

Regardless of location, you can:

  • Update your account information at any time
  • Opt out of non-essential communications
  • Request information about our data practices
  • File complaints with relevant supervisory authorities

8.3. Exercising Your Rights

To exercise any of these rights:

  • Email us at [privacy@steamapis.com]
  • Use the privacy controls in your account settings
  • Contact our support team with your request

We will respond to valid requests within 30 days (or as required by applicable law).

9. International Data Transfers

9.1. Global Operations

As a global service, we may transfer and process your data in countries other than your country of residence. This includes transfers to countries that may not have the same data protection standards as your home country.

9.2. Safeguards for Transfers

When transferring data internationally, we ensure appropriate safeguards through:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions where applicable
  • Other legally approved transfer mechanisms
  • Due diligence on the privacy practices of our service providers

10. Children's Privacy

10.1. Age Restrictions

Our Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 without parental consent.

10.2. Parental Rights

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to remove such information and terminate the child's account.

11. Third-Party Services

11.1. External Links

Our Service may contain links to third-party websites or services. This Privacy Policy does not apply to these external sites. We encourage you to review the privacy policies of any third-party services you access.

11.2. Integration Partners

When you use third-party authentication (Steam, Google, Discord), their privacy policies also apply to the information they collect and share with us.

11.3. Steam Data

Our Service accesses publicly available Steam data through web scraping and public APIs. We are not responsible for Steam's data practices or privacy policies.

12. Marketing and Communications

12.1. Service Communications

We may send you essential service-related communications that are necessary for account management and service delivery. These cannot be opted out of while maintaining an active account.

12.2. Optional Communications

With your consent, we may send:

  • Product updates and new feature announcements
  • Industry insights and market analysis
  • Educational content related to our services
  • Promotional offers and discounts

12.3. Opting Out

You can opt out of marketing communications by:

  • Clicking the unsubscribe link in emails
  • Updating your communication preferences in your account
  • Contacting our support team

13. Privacy Policy Updates

13.1. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. The date at the top of this policy indicates when it was last updated.

13.2. Notification of Changes

For material changes to this Privacy Policy, we will:

  • Send an email notification to registered users
  • Display a prominent notice on our website
  • Provide at least 30 days' notice before changes take effect

13.3. Continued Use

Your continued use of our Service after privacy policy changes indicates your acceptance of the updated terms.

14. Contact Information

14.1. Privacy Questions

For questions about this Privacy Policy or our data practices, contact us at:

  • Email: privacy@steamapis.com
  • DATAGRAB OÜ
    Registration Number: 16148696
    Räga tn 10-37, 13516, Tallinn, Estonia

14.2. Data Protection Officer

If required by applicable law, our Data Protection Officer can be reached at [dpo@steamapis.com].

14.3. Supervisory Authority

EU residents have the right to lodge complaints with their local supervisory authority if they believe their data protection rights have been violated.

15. Additional Information

15.1. California Privacy Rights

California residents may have additional rights under the California Consumer Privacy Act (CCPA). For more information about your California privacy rights, please contact us using the information provided above.

15.2. Other Jurisdictions

Users in other jurisdictions may have additional privacy rights under local law. We are committed to complying with applicable privacy laws wherever we operate.

15.3. Language

This Privacy Policy is written in English. Any translations are provided for convenience only, and the English version will prevail in case of discrepancies.

By using SteamApis, you acknowledge that you have read, understood, and agree to the collection and use of your information as described in this Privacy Policy.