Privacy Policy

Last updated: March 24, 2026

1. Introduction

NexaAPI ("we," "us," or "our") operates the nexaapi.com website and the NexaAPI platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information: When you register, we collect your name, email address, and payment information.

Usage Data: We automatically collect information about your API usage, including endpoints called, request timestamps, response times, and credit consumption.

API Content: We process the prompts and parameters you send through our API to fulfill your requests. We do not store generated content beyond the delivery window (typically 24 hours).

Technical Data: IP addresses, browser type, device information, and cookies for analytics and security purposes.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process transactions and send billing notifications
  • To monitor usage and enforce rate limits
  • To detect and prevent fraud, abuse, and security incidents
  • To communicate product updates and service announcements
  • To provide customer support

4. Data Sharing

We do not sell your personal information. We may share data with:

  • AI Model Providers: We forward your API requests to upstream model providers to fulfill generation requests. These providers process data according to their own privacy policies.
  • Payment Processors: Stripe processes payment information on our behalf.
  • Infrastructure Providers: Cloud hosting and CDN providers that help deliver our Service.
  • Legal Requirements: When required by law or to protect our rights.

5. Data Retention

Account data is retained for the duration of your account plus 30 days after deletion. API request logs are retained for 90 days. Generated content (images, videos, audio) is available for download for 24 hours and then permanently deleted from our servers.

6. Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest (AES-256), and regular security audits. See our Security page for more details.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Restrict or object to certain processing activities

To exercise these rights, contact us at [email protected].

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

9. Contact Us

If you have questions about this Privacy Policy, please contact us at [email protected].