Privacy Policy
Effective Date: 21 September 2025 Last Updated: 21 September 2025 Reactive Group Oy (“Reactive Data,” “we,” “us,” or “our”) values your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our APIs, website, and services (“Services”). By using our Services, you consent to the practices described in this Privacy Policy.
Information We Collect
We collect only the data necessary to provide and improve our Services, including:
Account Information: Name, email address, company name, and billing details when you sign up.
Authentication Data: API keys, OAuth tokens, and session cookies.
Usage Data: API requests, timestamps, IP addresses, error logs, and performance metrics.
Communications: Emails, support requests, and feedback you send us.
We do not collect or store unnecessary personal data beyond what is required for security, billing, and service delivery.
How We Use Your Data
We use your data to:
Provide and operate the Services.
Authenticate users and enforce security controls.
Monitor usage to prevent abuse and enforce rate limits.
Send essential communications (service updates, security notices, billing reminders).
Improve and optimize our APIs, documentation, and user experience.
We do not sell or rent your personal data to third parties.
Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), our processing of your data is based on:
Contractual necessity – to provide you with the Services
Legitimate interests – security monitoring, product improvement
Legal obligations – accounting, compliance
Data Retention
We retain personal data only for as long as necessary:
Account data is retained while your subscription is active and for a reasonable period thereafter for legal and accounting purposes
API logs are typically retained for 90 days for security and debugging, unless a longer period is required by law or enterprise contract
Sharing and Disclosure
We may share data with:
Service providers – hosting, payment processors, analytics, and support vendors under confidentiality agreements
Legal authorities – if required by law, regulation, or valid legal process
Enterprise clients – if necessary for investigating a security or abuse incident
We do not disclose customer data to competitors or third parties for marketing purposes.
International Data Transfers
Your data may be processed outside your country of residence, including in the EU and the United States, where we and our vendors operate.
We ensure appropriate safeguards – such as Standard Contractual Clauses – are in place for cross-border data transfers.
Security
We use industry-standard security measures to protect your data:
Encrypted data in transit (TLS)
Encrypted storage for sensitive credentials
Access control and audit logging
Regular security reviews and monitoring
However, no method of transmission or storage is 100% secure. You are responsible for keeping your API keys and certificates confidential.
Your Rights
Depending on your jurisdiction, you may have the right to:
Access, correct, or delete your personal data
Restrict or object to certain processing activities
Receive a copy of your data in a portable format
Withdraw consent for processing where applicable
To exercise these rights, contact [email protected]
Cookies and Tracking
We use cookies and similar technologies to:
Maintain sessions and authentication
Measure website performance and traffic
Improve documentation navigation
See our Cookie Policy for details.
Changes to This Policy
We may update this Privacy Policy from time to time.
Significant changes will be communicated via email or dashboard notifications before they take effect.
Contact
For questions or data requests, please contact [email protected]