Your data remains yours. We do not access, sell, or
use it beyond providing our services.
API keys are your responsibility. They function as
authentication credentials, and you must keep them secure to prevent
unauthorized access.
Appropriate use is required. Users must not attempt
to circumvent security, overload the system, or use Sturdy Statistics to
engage in illegal or prohibited activities.
Service availability is a priority. While we strive
for high uptime, occasional disruptions may occur due to maintenance or
unforeseen circumstances.
Billing is transparent and predictable. Fees are
charged in advance, and users can adjust their subscription tier or
cancel at any time.
Policy violations may result in suspension or
termination. Compliance ensures a secure and efficient
experience for all users.
Legal matters are governed by California law.
Disputes are resolved through arbitration in Santa Barbara.

Privacy Policy

We do not sell or share customer data. Our
commitment is to security and operational integrity, not data
monetization.
We collect only essential information. This
includes account details, API logs (for security monitoring), and any
customer-uploaded data.
Data is protected with industry-leading security.
Encryption (TLS 1.3 in transit, AES-256 at rest) and strict access
controls safeguard customer data.
Minimal retention by default. Data can be deleted
upon request, and accounts are permanently erased within 30 days of
termination.
Third-party services are limited and optional. We
use AWS for hosting and OpenAI for an optional
feature. No other external data sharing occurs.

API Key Management Policy

API keys must be treated as confidential
credentials. They grant access to the system and should be
handled with the same level of security as passwords.
Regular key rotation is recommended. To mitigate
risks, we advise rotating API keys at least every 3 months.
Principle of least privilege. Use distinct keys
with restricted permissions rather than granting broad access
unnecessarily.
Proactive monitoring is essential. Users should
track API activity and promptly revoke or rotate any compromised
credentials.
Secure storage is required. API keys should never
be exposed in public repositories, client-side applications, or
unsecured locations.