Privacy.

The free tier of Amanoki is anonymous. There is no signup, no login, no personally identifiable information collected from callers. The sections below describe the minimal operational data the service does handle.

Request metadata

• Route template (not the full URL) and HTTP status code are counted in-process for traffic shape. Counters are in-memory, cleared on restart, and exposed only through an admin-bearer-gated endpoint.
• Client IP addresses are not stored. Cloudflare and Fly.io may log them at the infrastructure layer per their own policies.
• Request bodies, query parameters, headers, and user agents are not retained past the immediate response cycle.

Error telemetry

When the Sentry integration is enabled, server-side exceptions (5xx) are reported with stack trace and HTTP status. Client-side 4xx errors are dropped before send. Per-fingerprint bursts are throttled to stay inside the free-tier quota.

Cookies

No cookies are set by the landing site or the API. No analytics scripts, no third-party trackers, no ad networks.

Third-party data flow

Weather inputs are fetched from Open-Meteo using server-side requests with no caller-identifying payload. Market data is downloaded from the respective TSO / exchange portals. No data from callers is forwarded to any third party.

When paid tiers open

Paid-tier signup will involve billing information handled by a Merchant-of-Record (Paddle). Amanoki will store the issued API key hash, the tier, the usage counters tied to the key, and the billing-reference identifier provided by Paddle. Card numbers and tax-residency details are handled by Paddle directly, not by Amanoki.

Retention

• In-memory counters: lifetime of the process (hours to days).
• Error telemetry (if enabled): 30 days in Sentry.
• No long-term caller-identifying data is retained.

Contact

A privacy contact will be published alongside the billing stack. Until then the landing security page covers the operational posture.

Last updated: 2026-04-20.