countries DB logo

Privacy Policy

Last updated: December 28, 2025

1. Who We Are

CountriesDB is operated by NAYEE LLC, a company registered in the State of Wyoming, United States, with its registered office at:
30 N Gould St, Suite R, Sheridan, WY 82801, USA.

This Privacy Policy should be read alongside our Terms and Conditions, Cookie Policy, and Refund Policy.

For any privacy-related inquiries, please use our contact form.

2. Scope

This Policy applies to:

  • Visitors of countriesdb.com and related subdomains;

  • Users who create accounts, subscribe, or access our APIs and widgets.

By using the Service, you acknowledge and accept this Privacy Policy.

3. Information We Collect

We collect both personal and technical data to provide and protect the Service.

3.1. Account and Billing Information

When you register or subscribe, we may collect:

  • Name and email address

  • Company details

  • Billing details (payment provider token, not full card data)

  • Chosen subscription plan and usage metrics

Payments are processed securely through third-party processors such as Stripe; we do not store payment card numbers.

3.2. API and Technical Logs

When you use the API or widgets, our servers automatically record:

  • IP address and request metadata

  • API key and endpoint used

  • Timestamps, request volume, and response codes

  • Referring domain(s)

This data is used for metering, security, debugging, and abuse detection.

3.3. Cookies and Analytics

We may use functional cookies and analytics tools (e.g., Plausible or Google Analytics) to understand aggregate usage trends.

Cookies are never used for cross-site advertising or profiling.

You can manage or disable cookies in your browser settings.

4. How We Use Your Information

We use collected data to:

  1. Provide, operate, and maintain the Service

  2. Authenticate API and widget requests

  3. Enforce plan limits and prevent misuse

  4. Communicate with you about your account, billing, or updates

  5. Improve performance, reliability, and security

  6. Comply with legal obligations

We do not sell personal data to any third party.

5. Legal Bases for Processing (for EU/EEA Users)

For users in the European Economic Area, processing is based on:

  • Contract performance (providing the Service you subscribed to)

  • Legitimate interest (fraud prevention, analytics, product improvement)

  • Legal obligation (record-keeping and compliance)

  • Consent (for optional cookies or communications)

6. Data Sharing and Transfers

Your data may be processed in the United States and other countries where we or our trusted partners operate.
We use reputable third-party services under data-processing agreements, including:

  • Payment processors (Stripe)

  • Cloud infrastructure and hosting providers

  • Email and analytics services

When data is transferred outside the EEA, we rely on appropriate safeguards such as the EU–US Data Privacy Framework or Standard Contractual Clauses.

7. Data Retention

  • Account and billing records: retained as long as your account is active and up to 5 years thereafter for accounting and compliance.

  • API logs: typically retained up to 180 days for security and operational purposes.

  • Backup archives: automatically purged on a rolling schedule.

You may request deletion of your personal data as described below.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and obtain a copy of your personal data

  • Request correction or deletion (“right to be forgotten”)

  • Restrict or object to certain processing

  • Request data portability

  • Withdraw consent (where applicable)

To exercise these rights, please use our contact form.
We will respond within 30 days where legally required.

9. Security

We implement administrative, technical, and organizational measures to safeguard information, including:

  • Encrypted data transmission (HTTPS/TLS)

  • Token-based API authentication

  • Rate-limiting and anomaly detection

  • Regular security reviews and access controls

No system is entirely immune from risk, but we strive to maintain industry-standard protection.

10. Children’s Privacy

The Service is intended for professional or business use and not directed to children under 16.
We do not knowingly collect personal data from minors. If you believe such data has been provided, contact us for removal.

11. Changes to This Policy

We may update this Privacy Policy from time to time.
The latest version will always be available at countriesdb.com/privacy-policy.
Your continued use of the Service after changes are posted constitutes acceptance of the updated Policy.

12. Contact

For privacy or data-protection questions, please use our contact form.
NAYEE LLC, 30 N Gould St, Suite R, Sheridan, WY 82801, United States.