Legal

Privacy Policy

Effective May 3, 2026 · Last updated May 3, 2026

This Privacy Policy describes how CrawlHub ("we", "us", "our") handles information collected when you visit our website, sign up for an account, or use our crawling services (collectively, the "Service"). By using the Service you agree to the practices described here.

1. Who we are

CrawlHub operates a real-time web-intelligence platform that crawls publicly available data from third-party platforms and delivers it to customers via API and dashboard. We are accountable for the data we collect about you as a customer or visitor of this website. For data subjects whose public posts pass through the Service on a customer's behalf, the customer is the data controller and we act as a processor.

2. Information we collect

Account information. When you sign up, we collect your email address, a hashed password, and your account name. If you contact us we'll keep a record of the conversation.

Billing information. Our payment processor (Stripe) collects card details directly. We never see or store full card numbers — we only retain the last four digits, card brand, expiration, and a billing reference for invoicing.

Usage data. When you use the Service we log API calls, dashboard events, IP addresses, browser type, OS, request timestamps, error traces, and which endpoints you query. We use this to operate, secure, and improve the Service.

Crawled data passing through the Service. When you run a crawl, the Service fetches public data from the target platform (X, Telegram, LinkedIn, etc.) and delivers it to you. By default we do not retain copies of crawled records after delivery. If you opt into managed storage (available on Business and Enterprise plans), we retain records for the duration you configure.

Cookies and similar. We use a small set of essential cookies for authentication and CSRF protection, plus first-party analytics to count page views. We do not load third-party advertising trackers.

3. How we use information

  • To provide and operate the Service.
  • To send transactional email (account verification, password resets, billing receipts, security alerts).
  • To respond to your support requests.
  • To detect, prevent, and respond to fraud, abuse, and security incidents.
  • To meet our legal obligations.
  • To improve the Service in aggregate (e.g., understand which endpoints are slow).

We do not sell your information. We do not use your information to train machine-learning models or sell it to data brokers.

4. How we share information

We share limited information only with the following categories of recipients, all bound by data-protection terms:

  • Sub-processors essential to running the Service: our hosting provider (Vercel), our payment processor (Stripe), our error-monitoring tooling, and our transactional email provider.
  • Law enforcement when we receive a valid legal order. We will challenge overbroad requests where lawful.
  • Successors in the event of a merger, acquisition, or asset sale, subject to equivalent privacy protections.

We do not disclose your information to advertisers or data resellers.

5. Crawled-data responsibilities

Crawled data is sourced from public surfaces of third-party platforms and delivered to you. You are responsible for the lawful and ethical use of records you collect through the Service, including compliance with applicable data-protection laws (GDPR, CCPA, etc.) when those records contain personal data of natural persons. Our Terms of Service describes this division of responsibility in more detail.

6. Your rights

Depending on where you live, you may have rights to:

  • Access the personal information we hold about you.
  • Correct information that is inaccurate.
  • Delete your account and associated personal data.
  • Export your data in a portable format.
  • Object to certain processing activities.
  • Lodge a complaint with your local data-protection authority (in the EU/UK, your supervisory authority).

To exercise any of these rights, email [email protected] with your request. We respond within 30 days (or sooner where required by local law).

7. Data retention

  • Account data: retained while your account is active and for up to 12 months after closure for tax/accounting purposes, after which it's deleted.
  • Usage logs: retained for up to 90 days for security and debugging, then aggregated and anonymized.
  • Crawled records: by default not retained beyond delivery. If you opt into managed storage, retention follows the period you configure.
  • Billing records: retained for the period required by applicable tax law (typically 7 years).

8. International transfers

Our hosting and sub-processors operate globally. If you access the Service from outside the country where our hosting is located, your data may be transferred internationally. We rely on Standard Contractual Clauses or equivalent legal mechanisms for transfers from the EU/UK.

9. Security

We use industry-standard practices: encrypted transit (TLS), encrypted storage at rest, hashed passwords (bcrypt or stronger), least-privilege access for employees, audited sub-processors. No system is perfectly secure — if we detect a breach affecting your data we will notify you and the relevant authorities within the timelines required by applicable law.

10. Children

The Service is not intended for individuals under the age of 16. We do not knowingly collect information from children. If you believe a child has signed up, contact us and we'll remove the account.

11. Changes to this policy

We may update this Privacy Policy from time to time. The effective date at the top reflects the most recent change. For material changes we'll notify active customers by email at least 30 days before the change takes effect.

12. Contact

For privacy-related questions, complaints, or requests, email [email protected] with the subject line "Privacy".

Privacy Policy | CrawlHub