Open Guestbook collects and processes data with strict privacy controls. This policy explains how we protect your information.
We collect API request metadata (IP address, request timestamps, API endpoint usage) to ensure service security and optimize performance. No user content is stored unless you explicitly enable guestbook entries.
All data transmissions use TLS 1.3 encryption. At-rest storage is encrypted with AES-256. Your API keys are hashed with Argon2 and never stored in plain text.
API request logs are retained for 90 days. Guestbook entries are stored indefinitely unless deleted via the API or administrative controls. You can request data deletion at any time.
All data processing complies with GDPR, CCPA, and ISO 27001 standards
No third-party data sharing without explicit user consent
Right to data portability and deletion for API users
Annual third-party audited privacy compliance
All API communication is encrypted with TLS 1.3 and validated through our Let's Encrypt-certified infrastructure.
Data at rest is protected using AES-256 encryption on hardware with FIPS 140-2 Level 3 certification.
Multi-factor authentication required for all admin operations. Role-based access controls implemented for data access.
Contact our security team at privacy@openguestbook.tech for any questions regarding data protection.