{CitationAPI[1]

Privacy Policy

How we collect, use, and protect your information.

Last updated: February 2025

CitationAPI (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and API service at citationapi.com.

1.Information We Collect

Account Information

When you create an account, we collect your email address, password (stored as a secure hash), and optionally your organization name.

API Usage Data

When you use our API, we log request metadata including: the URLs you submit for citation, request timestamps, your API key identifier (not the key itself), and response status codes. We use this data to provide usage analytics in your dashboard and to improve our service.

Payment Information

Payment processing is handled by our third-party payment processor. We do not store your full credit card number. We retain only the card brand and last four digits for display in your dashboard.

Automatically Collected Information

We collect standard web server logs (IP address, browser type, referring page) when you visit our website. We may use cookies for session management and analytics.

2.How We Use Your Information

  • To provide and maintain our API service
  • To authenticate your API requests
  • To display usage analytics in your dashboard
  • To process payments and manage billing
  • To communicate about service updates and changes
  • To prevent abuse and enforce rate limits
  • To improve our service and develop new features

3.Data Retention

Citation data (CSL-JSON metadata and formatted citations) is cached indefinitely to provide fast responses. Your account data is retained as long as your account is active. API usage logs are retained for 90 days. You can request deletion of your account and associated data at any time.

4.Data Sharing

We do not sell your personal information. We may share data with:

  • Payment processors to handle billing
  • Infrastructure providers (hosting, databases) to operate our service
  • Law enforcement when required by law

5.Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access, correct, or delete your personal data
  • Object to or restrict processing of your data
  • Data portability — receive your data in a structured format
  • Withdraw consent at any time

To exercise these rights, contact us at privacy@citationapi.com.

6.Security

We implement industry-standard security measures including encrypted data transmission (TLS), hashed passwords and API keys, and regular security reviews. However, no method of transmission over the Internet is 100% secure.

7.Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email.

8.Contact

For privacy-related questions, contact us at privacy@citationapi.com.