Sort:  

Regarding the direct API access I can understand that currently. I think a few weeks from now you will earn enough with the curation rewards to be able to order a few super machines.

Regarding your website you could create kind of an 'account info page' on steem-ua.com and load the data on page load via AJAX request. Your own domain would be added to the allowed ones in the CORS header, so that no requests from other domains will be allowed. Would be a simple and stable, working solution.