Last updated: February 8, 2026
When you create an API key, we store the email address you provide (if any) and a hashed version of your key. We log API request metadata (timestamp, endpoint, status code) for rate limiting and debugging. We do not sell or share this data.
The TariffDiff website does not use cookies or client-side tracking. There are no analytics scripts, no ad pixels, and no third-party trackers on this site.
We retain API request logs for 90 days. Logs include your API key prefix (not the full key), the endpoint called, response status, and timestamp. This data is used solely for:
API keys are stored as salted hashes. All traffic is encrypted via TLS. We do not store plaintext keys after initial generation.
We do not share your data with third parties. The only external services we connect to are the USITC API and Federal Register API to source tariff data.
Questions about this policy can be directed to the contact information on our website.
← Back to TariffDiff