Diagnostics
For billing, fraud detection, and troubleshooting purposes, we collect certain information from your users as part of their use of your services. In general, all information processed by our services is fully encrypted, meaning YAXI cannot read the clear text unless the data is explicitly recorded. Below is a detailed description of the information we process or store, which you can include in your privacy policy to inform your users.
Web server logs
For each HTTP request you issue, our web server automatically logs the following information:
| Information | Example |
|---|---|
Masked source IP address and port |
|
Timestamp |
11/Apr/2025:17:24:56.150 |
Requested endpoint |
|
HTTP response status of the request |
200 |
User agent |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0 |
Service call records
For each service call, we record the following anonymous information:
| Information | Example |
|---|---|
Your user’s account servicing payment service provider |
N26 |
The connection that was used |
|
Amount and currency, if any |
€50.00 |
Timestamp |
2025-03-28 13:42:12.103 |
A YAXI internal ID |
|
ID assigned by the account servicing payment service provider, if any |
|
We use this data for the following purposes:
-
To account the usage of our services to you.
-
To allow you to view and review past service calls.
-
To compile statistics.
-
To address claims of fraud. If we have reasonable grounds to suspect fraud, we may be obliged to disclose the relevant records for further investigation. In this case, we will notify you of this disclosure.
For fraud investigation purposes, we are required to retain this information for up to seven years.
Observability traces
To monitor and improve the reliability and performance of our services, we collect anonymous traces that include the following information:
| Information | Example |
|---|---|
Anonymized IP |
|
Timestamp |
2025-03-28 13:42:12.103 |
Requested endpoint |
|
User agent |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0 |
Your ticket ID |
|
Service ID |
|
API key ID |
|
Tenant ID |
|
Connection ID |
|
Invocation ID |
|
Session ID |
|
Context ID |
|
Encryption Session Key ID |
|
Messages we log explicitly |
|
| The messages we log explicitly to our observability traces never contain personally identifiable information. Also see Diagnostic archive. |
Additionally, when the request triggered a call to a remote system, the following information is recorded:
| Information | Example |
|---|---|
Timestamp |
2025-03-28 13:42:12.103 |
Duration |
150ms |
Endpoint with blanked IDs |
|
Response status |
200 |
Remote system’s response ID (value of
|
|
The data is stored for 90 days.
Diagnostic archive
To help troubleshoot any issues you or your users may encounter, we create an encrypted diagnostic archive for each service call. This archive includes a detailed request log. While our service removes sensitive information (such as online banking credentials), it may still contain personal data. The encrypted diagnostic archive is inaccessible to YAXI, but only YAXI has the key to decrypt it, meaning that neither you nor YAXI can access its contents without your cooperation.
With your user’s informed consent, you may share the encrypted diagnostic archive with YAXI for debugging purposes. Please note that diagnostic archives are not stored permanently and are only available to you for a limited time. YAXI deletes diagnostic archives you shared as soon as the issue is resolved, or no later than 14 days.