Privacy Policy

Last updated: March 2026

ApiArk is built on a simple principle: your data is yours. We collect nothing by default.

Zero Data Collection by Default

ApiArk collects absolutely nothing out of the box. There is no analytics, no tracking, no fingerprinting, no usage metrics, and no telemetry. We do not use any third-party SDKs that phone home—no Google Analytics, no Mixpanel, no Segment, no Sentry SaaS.

Your Data Stays Local

All user data remains on your local filesystem at all times:

  • Collections and environments are stored as plain YAML files
  • Secrets are stored in standard .env files
  • History and settings are stored in a local SQLite database and JSON files
  • Nothing is uploaded anywhere unless you explicitly use Git push, export, or webhook features

Opt-In Crash Reports

On first launch, a non-modal banner asks if you'd like to help improve ApiArk by sending anonymous crash reports. The default is No.

If you opt in, crash reports contain only: stack trace, OS version, and app version. They never contain request URLs, headers, bodies, environment variables, or secrets.

Crash reports are stored locally in ~/.apiark/crash-reports/ as JSON files. You can inspect or delete them at any time.

No License Validation

ApiArk is 100% free. There are no license keys, no subscription checks, and no phone-home calls. Every feature works fully offline without any validation.

No Third-Party Services

ApiArk does not integrate with any third-party data collection or analytics services. The only external connections ApiArk makes are:

  • API requests you explicitly send (your intent)
  • OAuth flows you initiate
  • Update checks against our release server
  • Update checks against our release server

Data Deletion

To completely remove all ApiArk data from your machine, uninstall the application and delete the ~/.apiark/ directory. That's it. There is no cloud account to close, no remote data to request deletion of.

GDPR Compliance

ApiArk is compliant with GDPR by design. No personal data is processed unless you explicitly opt in to crash reporting. The license validation endpoint is hosted in the EU.

Contact

If you have questions about this privacy policy, contact us at [email protected].