Privacy Policy

1. Introduction

This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our website asset scraping service. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA).

2. Information We Collect

2.1 Personal Information

We collect the following categories of personal information:

• Account Information: Username, email address, and authentication credentials provided during registration
• Payment Information: Cryptocurrency wallet addresses used for payment processing (we do not store private keys or sensitive financial data)
• Usage Data: URLs scraped, timestamps of scraping requests, feature usage patterns, and API access logs
• Technical Information: IP addresses, browser type, device information, operating system, and referring URLs
• Communication Data: Support tickets, feedback, and correspondence with our team

2.2 How We Collect Information

• Direct Collection: Information you provide when creating an account, making payments, or using our services
• Automated Collection: Cookies, analytics tools, and server logs that record your interactions with our platform
• Third-Party Sources: Authentication providers (Clerk) for identity verification

3. How We Use Your Information

We use your personal information for the following specific purposes:

• Service Delivery: Processing scraping requests, managing your account, and providing access to premium features
• Payment Processing: Verifying cryptocurrency payments and managing subscription status
• Security & Fraud Prevention: Detecting unauthorized access, preventing abuse, and ensuring platform integrity
• Service Improvement: Analyzing usage patterns to enhance features, optimize performance, and fix bugs
• Communication: Sending service notifications, security alerts, and responding to support requests (we do not send marketing emails without explicit consent)
• Legal Compliance: Meeting regulatory obligations and responding to lawful requests from authorities

4. Legal Basis for Processing (GDPR)

We process your personal data under the following lawful bases:

• Contractual Necessity: Processing required to provide our services under our Terms of Service
• Consent: For optional features like analytics cookies (you can withdraw consent at any time)
• Legitimate Interests: Fraud prevention, security monitoring, and service optimization (balanced against your privacy rights)
• Legal Obligation: Compliance with applicable laws and regulations

5. Data Sharing and Disclosure

We do NOT sell or rent your personal information. We share data only in these limited circumstances:

• Service Providers: Third-party vendors who assist with authentication (Clerk), hosting, and analytics (subject to strict data processing agreements)
• Legal Requirements: When required by law, court order, or to protect our legal rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice provided to affected users)
• With Your Consent: Any other disclosure will require your explicit permission

6. Data Retention

We retain your personal information for the following periods:

• Account Data: Retained while your account is active, plus 90 days after deletion to allow for account recovery
• Usage Logs: Retained for 12 months for security and fraud prevention purposes
• Payment Records: Retained for 7 years to comply with financial regulations
• Communication Data: Support tickets retained for 3 years for service quality and legal purposes

After these periods, data is securely deleted or anonymized.

7. Your Privacy Rights

7.1 GDPR Rights (EEA/UK Users)

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing at any time

7.2 CCPA/CPRA Rights (California Users)

• Right to Know: Request disclosure of categories and specific pieces of personal information collected
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: We do NOT sell or share personal information for behavioral advertising
• Right to Non-Discrimination: Exercise your rights without discrimination in service or pricing

To exercise these rights, contact us at: privacy@yourcompany.com

We will respond to verified requests within 30 days (45 days for complex requests).

8. Cookies and Tracking Technologies

We use the following types of cookies:

• Strictly Necessary Cookies: Essential for authentication and security (cannot be disabled)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Understand how users interact with our platform (requires consent)

You can manage cookie preferences through your browser settings. See our Cookie Policy for details.

9. Data Security

We implement industry-standard security measures including encryption (TLS 1.3 in transit, AES-256 at rest), access controls, regular security audits, and employee training. However, no system is 100% secure. In the event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours as required by GDPR.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. For EEA users, we ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission. We comply with Privacy Shield principles where applicable.

11. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have collected data from a minor, contact us immediately for deletion.

12. Changes to This Policy

We review and update this Privacy Policy at least annually or when significant changes occur to our data processing practices. The "Effective Date" at the top indicates the last update. Material changes will be communicated via email or prominent notice on our platform at least 30 days before taking effect.

13. Contact Information

For privacy-related inquiries or to exercise your rights:

EEA users also have the right to lodge a complaint with their local data protection authority.