Privacy policy

Gateway APIs ("we", "our", or "us"), a brand under Gateway API Technologies Ltd ("Gateway APIs"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and disclose personal information. By using our Services, you consent to the terms of this policy.

"Services" refers to our APIs, platform dashboard, website, supporting infrastructure, and any related services provided by Gateway APIs.

Collection of personal information

We collect only the information necessary to operate and improve our Services. This may include:

  • Your full name and email address when you sign up for our Services
  • Your organisation name when you register an account
  • A password to secure your account
  • Technical data, such as API usage logs, device information, and IP addresses to maintain platform security and reliability

Use of personal information

We use your personal information solely to:

  • Provide, maintain, and improve our Services
  • Respond to your inquiries and support requests
  • Ensure platform security and prevent fraud
  • Comply with legal obligations

We do not use your personal data for marketing, analytics, or advertising purposes. We do not sell, rent, or share your personal data with third parties except as necessary to operate our Services or comply with legal obligations.

Subprocessors

We use the following subprocessors to operate our Services securely:

  • Amazon Web Services (AWS): Hosting infrastructure and data storage
  • Sentry: Performance monitoring and error tracking
  • Mailgun: Transactional email delivery

Lawful basis for processing

We process personal data based on:

  • Legitimate interests (e.g., providing Services, ensuring security)
  • Contractual necessity (e.g., fulfilling API usage agreements)
  • Legal obligations (e.g., compliance with regulatory requirements)

Data retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.

Data subject rights

Under GDPR, you have the following rights:

  • Right to access your data
  • Right to rectify inaccurate information
  • Right to request deletion of your data
  • Right to restrict or object to processing
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

To exercise your rights, you can contact us. You may also file a complaint with the UK Information Commissioner’s Office (ICO).

International data transfers

Personal data may be transferred outside the UK/EU to our subprocessors (e.g., AWS). We ensure appropriate safeguards, such as standard contractual clauses, to protect your data.

Security of personal information

We implement strong security measures to protect your personal data. However, no method of transmission or storage is entirely secure, and we cannot guarantee absolute security. You can read more about our security practices in our Security Policy.

Contact details

Gateway APIs, operated by Gateway API Technologies Ltd, acts as the Data Controller for information collected through our Services. You can contact us via our website contact form any time if you have any questions relating to our Services.

Changes to this privacy policy

We may update this privacy policy periodically. Any material changes will be communicated via a notice on our website.