Last updated: May 8, 2026
At Surf, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API services. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.
We collect information that you provide directly to us, including:
We use the information we collect to:
We retain your personal information for as long as your account is active or as needed to provide you services. API request logs are retained for 30 days for debugging and analytics purposes, after which they are automatically deleted. You may request deletion of your account and associated data at any time.
We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
We use third-party services to help us operate our business. These services have access to your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. This includes payment processors, cloud infrastructure providers, and analytics services.
You have the right to:
If you have any questions about this Privacy Policy, please contact us at privacy@surf.dev