Privacy Policy

Last updated: February 6, 2026

1. Overview

RateAPI ("we," "us," or "our") provides a financial rate data API. This privacy policy explains how we collect, use, and protect information when you use our website at rateapi.dev, our API at api.rateapi.dev, and our MCP server at mcp.rateapi.dev.

2. Information We Collect

We collect the following information:

  • Account information: Email address provided when you create an API key
  • API usage data: Request logs including endpoints called, query parameters (state, loan amount, product type), timestamps, and response codes
  • Technical data: IP address, user agent, and request headers sent with API calls
  • Website analytics: Page views and usage patterns collected via Google Analytics on rateapi.dev
  • Credit score range: If you provide a credit score for personalized rate matching, we store only a bucketed range (e.g. 720–759), not your exact score

3. Information We Do Not Collect

RateAPI is a data API for publicly available financial rates. We do not collect:

  • Social Security numbers or government IDs
  • Bank account or credit card numbers
  • Exact credit scores (only bucketed ranges are stored)
  • Income, employment, or financial history
  • Passwords to any financial institutions
  • Any personally identifiable financial information

4. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our API services
  • Authenticate API requests and enforce rate limits
  • Monitor for abuse, errors, and service issues
  • Send service-related communications (outage notices, breaking changes)
  • Improve our API and data quality

We do not sell your personal information. We do not use your data for advertising.

5. Data Sharing

We share data only in the following circumstances:

  • Infrastructure providers: We use Cloudflare for hosting and API delivery. Cloudflare processes requests on our behalf and is subject to their own privacy policy.
  • Analytics: We use Google Analytics on our website. Google processes website usage data under their privacy policy.
  • Monitoring: We use Axiom for API logging and observability. Logs are retained for operational purposes.
  • Legal requirements: We may disclose information if required by law or to protect our rights.

6. Data Retention

API usage logs are retained for 30 days for operational monitoring. Account information (email and API key) is retained for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us.

7. Data Security

We use industry-standard security measures to protect your data, including HTTPS encryption for all API traffic, secure API key authentication, and access controls on our infrastructure. No method of transmission over the internet is 100% secure, but we take reasonable steps to protect your information.

8. Third-Party Integrations

RateAPI is available through third-party platforms including ChatGPT (via MCP Apps), Claude (via MCP), and Zapier. When you use RateAPI through these platforms, the platform's own privacy policy also applies. We receive only the query parameters needed to fulfill rate requests (state, amount, product type) and do not receive your chat history or platform account details.

9. Cookies

Our website uses cookies for analytics (Google Analytics) and customer support (Crisp chat). Our API endpoints do not use cookies. You can disable cookies in your browser settings without affecting API functionality.

10. Children's Privacy

RateAPI is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, please contact us so we can delete it.

11. Your Rights

You have the right to:

  • Request access to the personal data we hold about you
  • Request correction or deletion of your data
  • Request deletion of your API key and account
  • Opt out of non-essential communications

To exercise these rights, contact us at [email protected].

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date.

13. Contact

For questions about this privacy policy or our data practices, contact us at [email protected].