Privacy Policy

1. Introduction and Scope

1.1 About This Privacy Policy

ApexBase LLC ("we," "us," "our," or "Company") operates PikBase, an AI-assisted Backend as a Service platform for enterprise vibe coding. We are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use PikBase services, visit our website, or interact with our platform.

This Privacy Policy applies to all information collected by ApexBase LLC through PikBase services, including our Backend as a Service platform, MCP (Model Context Protocol) tools, CLI integration, AI-assisted development features, and any other digital or physical touchpoints where you interact with PikBase.

1.2 GSB Infrastructure and PikBase

PikBase operates on the GSB (Global Software Base) infrastructure under the explicit authorization of Ali YILDIRIM, the original developer and intellectual property owner of the GSB infrastructure. This authorization grants us comprehensive rights to:

• Develop and enhance Backend as a Service capabilities using GSB infrastructure
• Provide AI-assisted development tools and vibe coding platforms
• Offer MCP server integration and CLI tools for enterprise developers
• Create derivative works and improvements to the GSB-based backend services
• Collect and process data necessary for PikBase platform operations
• Maintain enterprise-grade security and compliance standards

1.3 Consent and Agreement

By accessing PikBase, using our Backend as a Service platform, or providing us with your personal information, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use PikBase services.

2. Information We Collect

2.1 Personal Information

We collect various types of personal information that you voluntarily provide to us or that we automatically collect when you interact with PikBase services:

2.1.1 Account and Identity Information

• Full name, professional title, and contact information
• Email addresses and telephone numbers
• Company information and business addresses
• Professional qualifications and development experience
• Profile information for vibe coding platform access
• Authentication credentials and security settings

2.1.2 Enterprise and Development Information

• Company size, industry, and development team structure
• Current development workflows and vibe coding practices
• Technical requirements and integration needs
• Project specifications and application architecture preferences
• API usage patterns and backend service requirements
• MCP tool configurations and CLI integration settings

2.1.3 Payment and Billing Information

• Credit card and payment method details
• Billing addresses and tax identification numbers
• Subscription preferences and usage tier selections
• Transaction history and service usage records
• Enterprise contract details and purchasing information

2.2 Technical and Platform Data

2.2.1 Backend as a Service Usage Data

• API calls, database queries, and service requests
• Application performance metrics and response times
• Resource utilization and scaling patterns
• Error logs, debugging information, and system diagnostics
• Authentication events and security access patterns
• File storage usage and data transfer statistics

2.2.2 AI-Assisted Development Data

• Vibe coding workflow patterns and AI assistant interactions
• MCP server communication logs and tool usage statistics
• CLI command history and automation script execution
• Code generation requests and AI-assisted development sessions
• Development environment configurations and preferences
• Integration data with third-party development tools

2.2.3 Device and Browser Information

• IP addresses and geographic location data
• Device identifiers and operating system information
• Browser type, version, and development environment details
• Network connection quality and performance metrics
• Session duration and platform interaction patterns

2.3 Application and Development Data

• Application code, configurations, and deployment specifications
• Database schemas, queries, and data models
• API endpoints, webhooks, and integration configurations
• User authentication and authorization rules
• File uploads, media assets, and static content
• Application logs, monitoring data, and performance analytics
• Backup and version control information

2.4 Communication and Support Data

• Customer support inquiries and technical assistance requests
• Developer community forum interactions and contributions
• Email correspondence and platform notifications
• Feedback submissions and feature requests
• Training session attendance and educational material usage
• Webinar participation and developer event interactions

3. How We Use Your Information

3.1 Platform Operations and Service Delivery

• Providing access to PikBase Backend as a Service platform
• Processing API requests and managing database operations
• Delivering AI-assisted development tools and vibe coding capabilities
• Managing MCP server connections and CLI tool functionality
• Maintaining application hosting, storage, and deployment services
• Ensuring platform security, authentication, and access control
• Monitoring system performance and providing technical support

3.2 AI-Assisted Development and Enhancement

• Powering AI assistants and vibe coding workflow optimization
• Providing intelligent code suggestions and development recommendations
• Analyzing usage patterns to improve AI-assisted features
• Optimizing MCP tool performance and CLI integration
• Developing new AI capabilities for enterprise development teams
• Personalizing development environments and tool configurations

3.3 Enterprise Services and Support

• Managing enterprise accounts and team collaborations
• Providing technical consulting and implementation assistance
• Delivering training and educational resources for development teams
• Offering priority support and dedicated account management
• Ensuring compliance with enterprise security and governance requirements
• Facilitating integration with existing enterprise development workflows

3.4 Platform Improvement and Innovation

• Analyzing usage data to enhance platform capabilities
• Developing new Backend as a Service features and tools
• Improving AI-assisted development algorithms and suggestions
• Optimizing platform performance and scalability
• Researching emerging development technologies and practices
• Testing new integrations and enterprise development solutions

4. Information Sharing and Disclosure

4.1 Service Providers and Technology Partners

We may share your information with carefully selected third-party service providers who assist us in operating PikBase and providing Backend as a Service capabilities:

• Cloud infrastructure and hosting providers
• Database management and storage services
• AI and machine learning service providers
• Payment processors and billing systems
• Security monitoring and threat detection services
• Development tool integrations and API services
• Customer support and technical assistance platforms

4.2 Enterprise Customer Integrations

For enterprise customers using PikBase Backend as a Service:

• Integration with customer's existing development and deployment systems
• Sharing operational data with customer's monitoring and analytics platforms
• Providing data exports for customer's compliance and audit requirements
• Facilitating connections with customer's preferred development tools

4.3 Legal Requirements and Safety

We may disclose your information when required by law or when we believe in good faith that disclosure is necessary to:

• Comply with legal obligations and court orders
• Protect and defend our rights and property
• Investigate potential violations of our terms of service
• Protect the safety and security of our platform and users
• Respond to government requests and regulatory investigations

5. Data Security and Protection

5.1 Enterprise-Grade Security Measures

We implement comprehensive security measures to protect your personal and application data:

5.1.1 Technical Safeguards

• End-to-end encryption for all data transmission and API communications
• Advanced encryption standards (AES-256) for data at rest
• Multi-factor authentication for platform access and administrative functions
• Regular security assessments and penetration testing
• Intrusion detection and prevention systems
• Secure coding practices and automated security scanning
• Zero-trust network architecture and access controls

5.1.2 Platform Security

• Isolated tenant environments for enterprise customers
• API rate limiting and abuse prevention mechanisms
• Database access controls and query monitoring
• File storage encryption and access logging
• Secure backup and disaster recovery procedures
• Continuous monitoring of platform security events

5.1.3 Administrative and Operational Security

• Employee background checks and security clearances
• Security awareness training and incident response procedures
• Access controls based on job functions and need-to-know principles
• Regular security audits and compliance assessments
• Vendor security evaluations and due diligence
• Data retention and secure disposal policies

6. Data Retention and Management

6.1 Retention Periods for Different Data Types

6.1.1 Account and Profile Information

• Active accounts: Retained while account remains active and for 90 days after termination
• Inactive accounts: Personal data deleted within 12 months of last activity
• Enterprise accounts: Retained according to contract terms and compliance requirements

6.1.2 Application and Development Data

• Active applications: Retained while applications are deployed and active
• Deleted applications: Data securely purged within 30 days of deletion request
• Backup data: Retained for 90 days for disaster recovery purposes
• Logs and analytics: Retained for 12 months for platform optimization

6.1.3 Platform Usage and Technical Data

• API usage logs: Retained for 6 months for billing and support purposes
• Performance metrics: Retained for 12 months for platform optimization
• Security logs: Retained for 24 months for compliance and investigation
• AI interaction data: Retained for 6 months for model improvement

6.2 Data Export and Portability

Enterprise customers can:

• Export application data and configurations at any time
• Receive data in standard formats for migration purposes
• Access detailed usage reports and analytics
• Download backup copies of their applications and data

7. Your Privacy Rights and Controls

7.1 Access and Transparency Rights

You have the right to:

• Access your personal information and account data
• Receive copies of your application data and configurations
• Understand how your data is used for AI-assisted development
• Review platform usage analytics and billing information
• Request information about data sharing with third parties

7.2 Data Management Rights

• Update and correct your account and profile information
• Delete specific applications or data sets
• Export your data for migration or backup purposes
• Configure privacy settings for AI-assisted features
• Manage team member access and permissions

7.3 Platform Control Rights

• Control which data is used for AI training and improvement
• Opt-out of certain AI-assisted features and recommendations
• Configure data retention periods for your applications
• Manage integration permissions with third-party tools
• Set notification preferences for platform communications

8. International Data Transfers and Compliance

8.1 Global Platform Operations

As a global Backend as a Service platform, we may transfer your data internationally to:

• Data centers in regions closest to your users for optimal performance
• Backup and disaster recovery facilities
• Third-party service providers in various countries
• Enterprise customer's preferred geographic regions

8.2 Data Transfer Protections

When transferring data internationally, we ensure adequate protection through:

• Adequacy decisions by relevant data protection authorities
• Standard contractual clauses and binding corporate rules
• Customer-specified data residency requirements
• Industry-standard certification schemes and security frameworks

9. Compliance with Privacy Regulations

9.1 GDPR Compliance (European Union)

For users in the European Economic Area, we comply with GDPR requirements including:

• Lawful basis for processing personal data in Backend as a Service operations
• Enhanced individual rights for data access, portability, and erasure
• Data protection impact assessments for AI-assisted features
• Appointment of Data Protection Officers for enterprise customers
• Privacy by design and default in platform development

9.2 CCPA Compliance (California)

For California residents, we provide additional rights under CCPA:

• Right to know about personal information collection and use
• Right to delete personal information and application data
• Right to opt-out of personal information sales (we do not sell data)
• Right to non-discrimination for exercising privacy rights

9.3 Enterprise and Industry Compliance

PikBase maintains compliance with relevant industry standards:

• SOC 2 Type II compliance for security and availability
• HIPAA compliance for healthcare applications
• PCI DSS compliance for payment processing
• FERPA compliance for educational applications
• FedRAMP readiness for government deployments

10. Updates to This Privacy Policy

10.1 Policy Changes and Notifications

We may update this Privacy Policy to reflect:

• New Backend as a Service features and capabilities
• Enhanced AI-assisted development tools
• Changes in legal or regulatory requirements
• Improvements to security and privacy protections
• User feedback and privacy best practices

10.2 How We Communicate Changes

When we make material changes to this Privacy Policy, we will:

• Post the updated policy on our website and platform
• Send email notifications to registered users
• Provide in-app notifications for significant changes
• Maintain previous versions for reference and comparison
• Highlight key changes in our communications

11. Contact Information and Support

12. Definitions and Glossary

12.1 Key Terms

• Backend as a Service (BaaS): Cloud-based platform providing backend infrastructure including databases, APIs, authentication, and file storage
• Vibe Coding: AI-assisted development workflow that emphasizes intuitive, rapid application development
• MCP (Model Context Protocol): Communication protocol enabling AI assistants to interact with development tools and services
• CLI Tools: Command-line interface tools for managing PikBase services and automating development workflows
• GSB Infrastructure: The Global Software Base infrastructure developed by Ali YILDIRIM and licensed to ApexBase LLC
• Enterprise Customer: Organizations using PikBase for team-based or large-scale application development
• AI-Assisted Development: Development process enhanced by artificial intelligence tools and suggestions