# Privacy Policy > Effective 2026-04-01 Apinizer is a self-managed platform — the data your platform processes never leaves your Kubernetes cluster. This policy covers only what we collect when you visit apinizer.com or talk to our team. --- ## Scope This Privacy Policy applies to the apinizer.com website and to direct communications with the Apinizer team (sales, support, partnerships). It does **not** cover the data that Apinizer the platform processes when our customers run it on their own Kubernetes — that data lives in the customer's environment, not ours. --- ## What we collect on apinizer.com - **Contact form submissions** — Name, work email, company, role, phone (optional), and the message you send. Used to respond to your request and route it to the right team. - **Newsletter subscriptions** — Email address only. Stored until you unsubscribe. - **Aggregate usage analytics** — Page views, country-level location, referrer. We use privacy-respecting analytics (Plausible or equivalent) — no cross-site tracking, no third-party advertising cookies. --- ## What the platform does NOT do Apinizer the platform — the gateway, the manager, the portal, the AI Gateway — runs on your Kubernetes cluster. The Worker carries no calls home. The Manager carries no hidden cloud dependency. The traffic logs, audit trail, configuration, and credentials all stay in the customer's cluster. --- ## Lawful basis (GDPR / KVKK) We rely on the following lawful bases: - **Consent** — Newsletter subscriptions and optional analytics. - **Legitimate interest** — Responding to your contact form, customer relationship management. - **Contractual necessity** — Fulfilling a signed Enterprise contract. --- ## Your rights Under KVKK and GDPR you have the right to: access the personal data we hold about you, correct it, delete it, restrict its processing, object to processing, and request portability. To exercise any of these rights, email privacy@apinizer.com. We respond within 30 days. --- ## Data retention - Contact form submissions — 24 months from last interaction - Newsletter — until you unsubscribe - Aggregate analytics — 12 months, then aggregated further --- ## Data transfers Apinizer is headquartered in Türkiye. Our internal systems run in EU and Türkiye data centers. We do not transfer your personal data to third countries that lack an adequacy decision without appropriate safeguards. --- ## Subprocessors For website operations we use a small set of subprocessors — hosting (EU), email delivery (EU), analytics (privacy-respecting). A current list is available on request. --- ## Changes We will post any material changes to this policy here and notify existing customers by email at least 30 days before they take effect. --- ## Contact - Questions or rights requests — privacy@apinizer.com - Data Protection Officer correspondence — dpo@apinizer.com --- ## Links - Products: https://apinizer.com/products - AI Gateway: https://apinizer.com/products/ai-gateway - Solutions: https://apinizer.com/solutions - Pricing: https://apinizer.com/pricing - Developers: https://apinizer.com/developers - Documentation: https://docs.apinizer.com/index-en - Blog: https://apinizer.com/blog - Contact: https://apinizer.com/company/contact © 2026 Apinizer. All rights reserved.