Privacy Policy

Who we are

Wherabouts provides location and geocoding APIs — address autocomplete, reverse geocoding, geofencing, region classification, and routing — to developers and businesses. This policy covers our marketing site, the authenticated dashboard, and the API.

Information you provide

When you create an account we collect your name, email address, and authentication credentials. Passwords are handled by our authentication provider and are only ever stored as salted hashes — never in plain text.

If you join or create a team we collect organization details and team membership. When you enable paid usage, payment details are collected and processed by our payment provider, Stripe; we do not store full card numbers on our systems.

We also keep any messages you send us for support or sales.

Information we collect automatically

When you call the API we record request metadata — timestamps, the endpoint used, the identifier of the API key, response status, and request counts — to meter usage, bill accurately, and detect abuse.

We collect standard log and device data such as IP address and user agent, and we use cookies and similar technologies to keep you signed in and to understand aggregate usage of our site.

Address and location queries

When you use the API, the query text and coordinates you send are processed to return geocoding results. We may retain limited query logs for billing, debugging, and improving accuracy.

We do not use the addresses or coordinates your application sends to build advertising profiles, and we do not sell this data.

How we use information

We use the information above to provide, secure, and improve the service; to meter and bill usage; to communicate with you about your account and important changes; and to comply with legal obligations.

Sharing and sub-processors

We share data with infrastructure providers who process it on our behalf, including our database host (Neon), our edge and compute platform (Cloudflare), and our payment processor (Stripe). These providers are bound by contractual confidentiality and data-protection obligations.

We may disclose information if required by law or to protect the rights, safety, and security of Wherabouts and its users. We do not sell personal information.

International transfers

Wherabouts operates internationally, with coverage anchored in the United States and Australia and expanding to other regions. Your information may be processed in countries other than your own, subject to appropriate safeguards.

Data retention

We retain account data for as long as your account is active. Usage and request logs are kept for a limited period necessary for billing, security, and service improvement, after which they are deleted or anonymized.

Your rights

Depending on where you live, you may have the right to access, correct, delete, or export your personal information, and to object to or restrict certain processing. To exercise any of these rights, contact us at privacy@wherabouts.com and we will respond within the time required by applicable law.

Security

We protect your information with encryption in transit, hashed credentials and API keys, and access controls. No system is perfectly secure, but we work continuously to safeguard your data. See our Security page for more detail.

Children

Wherabouts is not directed to children, and we do not knowingly collect personal information from anyone under 16.

Changes to this policy

We may update this policy from time to time. When we do, we will revise the effective date above and, for material changes, provide additional notice.

Contact us

If you have questions about this policy or your data, contact us at privacy@wherabouts.com.