InvokeWorks
Sign inGet started

Last updated: May 14, 2026

Privacy Policy

1. Introduction

InvokeWorks Inc. ("InvokeWorks", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our Platform. By using the Platform, you consent to the practices described herein.

2. Information We Collect

Account information: name, email address, hashed password, role, and optional profile data (website, bio, avatar).

Provider profile: business type, country, payout method details (PayPal email, bank name and last 4 digits only — we never store full account numbers), and agreement timestamps.

Usage data: API request logs, trace data (upstream URL, latency, status codes), rate limit counters, and quota usage. This data is used to operate the gateway and generate analytics.

Technical data: IP addresses, user agent strings, and browser information collected automatically when you access the Platform.

3. How We Use Your Information

  • To operate, maintain, and improve the Platform.
  • To authenticate users and protect account security.
  • To process payments, calculate revenue shares, and issue provider payouts.
  • To enforce rate limits and quota policies.
  • To send transactional notifications (subscription events, billing, key creation).
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with legal obligations.

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Payment processors (e.g., Stripe, PayPal) to facilitate payouts to Providers.
  • Infrastructure providers (hosting, database, Redis) under data processing agreements.
  • Law enforcement or regulators when required by applicable law or valid legal process.
  • Successors in the event of a merger, acquisition, or sale of substantially all assets, with prior notice to users.

Request traces (including upstream URL and response data) may be visible to the subscribing Consumer and the publishing Provider for that Connector.

5. Data Retention

Account data is retained for the lifetime of your account and for up to 90 days after deletion to satisfy legal and financial obligations. Request traces are retained for 90 days. Payout records are retained for 7 years in accordance with financial record-keeping requirements.

6. Cookies and Tracking

We use a single HTTP-only session cookie (auth_token) to maintain your authenticated session. We do not use third-party advertising trackers or analytics cookies. No tracking pixels or fingerprinting scripts are loaded on the Platform.

7. Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, JWT-based session tokens with short expiry, and Redis-backed rate limiting. Sensitive payout data is stored in minimised form (last 4 digits only). However, no system is perfectly secure and we cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your account and associated data.
  • Object to or restrict certain processing activities.
  • Data portability (receive your data in a structured, machine-readable format).

To exercise these rights, email privacy@invokeworks.io. We will respond within 30 days.

9. International Transfers

InvokeWorks is based in Canada. If you access the Platform from the European Economic Area, United Kingdom, or other regions with data protection laws, your data may be transferred to and processed in Canada and other countries where our infrastructure providers operate. We ensure appropriate safeguards are in place for such transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 14 days before they take effect.

11. Contact

Privacy-related inquiries: privacy@invokeworks.io
InvokeWorks Inc., Ontario, Canada.