Privacy Policy
Last updated: April 2026
What we collect
We keep it minimal:
- Email address - when you create an API key or purchase a report. Used to identify your account and send you your report/key. We don't send marketing emails.
- API usage logs - request counts per API key for rate limiting. We don't log the content of your queries (which coordinates you searched, etc.) beyond standard server access logs.
- Payment information - processed entirely by Stripe. We don't see or store your card number. We store the Stripe payment ID to link payments to report tokens.
What we don't collect
- No tracking cookies or analytics scripts
- No advertising pixels
- No third-party data sharing
- No user behavior tracking beyond basic server logs
The crash data itself
All crash data served by FARS API comes from NHTSA and has already been stripped of personally identifiable information by the government before publication. No names, license plates, VINs, or addresses are included. We don't add any PII back.
Data retention
- API keys and email: kept as long as your account is active. Email us to delete.
- Report purchase records: kept indefinitely so your report token continues to work.
- Server logs: retained for 30 days, then deleted.
Your rights
Want your data deleted? Email [email protected]. We'll delete your API key, email, and any associated records. Report tokens will stop working.