Privacy Policy

Account information: When you create an account, we collect your email address, display name, and a hashed password (if using email/password auth). If you sign in with a third-party provider such as Google, we receive only the profile information that provider grants us — typically your name and email address.

Usage data: We log API requests, including the URL scraped, timestamp, credit cost, job status, and any error codes. This data is used to display your usage history in the dashboard and to diagnose issues. We do not store the full HTML content of pages you scrape beyond what is needed to return results to you.

Payment information: Billing is handled entirely by Paddle. We never see or store your full card number, CVV, or raw bank details. We receive a customer ID, subscription status, and transaction records from Paddle so we can manage your plan and credits.

Technical data: We collect standard server logs including IP addresses, browser user-agent strings, and request timestamps. These logs are retained for up to 90 days for security and abuse-prevention purposes.

Service delivery: Your account information and API keys are used solely to authenticate you and deliver scraping results. We use usage logs to calculate credit consumption and enforce plan limits.

Billing and subscriptions: We share your email address with Paddle to create and manage your billing account. Paddle handles payment processing, invoicing, and tax compliance on our behalf.

Communications: We may send you transactional emails (e.g., account creation confirmation, credit limit warnings, subscription receipts). We will only send marketing emails if you have explicitly opted in, and you can unsubscribe at any time.

Security and fraud prevention: IP addresses and request logs are analysed to detect abuse, rate-limit violations, and account takeover attempts.

We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:

• Paddle — our payment processor. Paddle acts as a Merchant of Record and processes payments under their own privacy policy.
• Infrastructure providers — we run on cloud infrastructure (e.g., hosting, databases, object storage). These providers process data on our behalf under data processing agreements and do not use your data for their own purposes.
• Legal requirements — we may disclose information if required to do so by law or in response to a valid legal request, such as a court order or government subpoena.

We use a minimal set of cookies required solely for authentication and session management. Specifically, we set a secure, HTTP-only session cookie when you log in. This cookie expires when you log out or after a period of inactivity.

We do not use advertising cookies, third-party tracking pixels, or analytics cookies that identify you across sites. If we add any analytics in the future, we will update this policy and (where required) request your consent.

We retain your account data for as long as your account remains active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are legally required to retain it (e.g., billing records for tax purposes, which we retain for 7 years).

API usage logs are retained for 12 months and then automatically deleted. Server logs are retained for 90 days.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you.
• Correction — ask us to correct inaccurate data.
• Export — receive your data in a portable format (JSON).
• Deletion — request erasure of your account and associated data.
• Objection — object to processing based on legitimate interests.

To exercise any of these rights, email us at support@scrapios.com. We will respond within 30 days.

We use industry-standard security measures including TLS encryption in transit, encrypted storage for sensitive fields, and strict access controls. API keys are hashed and never stored in plain text. Despite these measures, no system is completely secure, and we cannot guarantee absolute security.

If you have any questions or concerns about this Privacy Policy, please contact us at:

support@scrapios.com

We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on the site. Continued use of Scrapios after such changes constitutes acceptance of the updated policy.