Privacy Policy

This Privacy Policy explains how ScrapeSpace collects, uses, and protects your information. By using the platform, you agree to this policy.

1. Information We Collect

  • Account Data: Email and authentication information managed via Keycloak (our identity provider).
  • Prompt and Script Data: The natural-language prompts you submit to the AI agent, and any reusable automation scripts that result from successful agent runs. Scripts and prompts are stored as part of your team's workspace and are visible only to your team unless you explicitly contribute a script to our shared knowledge base.
  • Stored Login Credentials: If you save third-party site credentials (e.g., a social account login) for use in authenticated automations, those credentials are encrypted at rest using AES-256-GCM. Session cookies captured during a logged-in run are stored alongside the credential and reused only when you explicitly trigger an automation that requires that account.
  • Execution Data: Job logs, statuses, run timings, screenshots (when enabled), and the structured output (records) extracted by your jobs.
  • Billing Data: Payment metadata processed by Stripe. We do not store full payment card numbers; Stripe handles all payment information.
  • Diagnostic and Usage Telemetry: Aggregated metrics on platform reliability and performance (e.g., job duration, error categories, AI token usage). Used for billing, abuse prevention, and product improvement.

2. How Your Data is Used

  • To operate and maintain the platform (running the AI agent, executing saved automations, scheduling jobs, providing live logs).
  • To enforce plan limits and billing.
  • To monitor platform performance, diagnose errors, and prevent abuse.
  • Your prompts and the page contents that the agent encounters during execution are sent to Anthropic's Claude API in order to power the AI agent. Anthropic processes this data per their privacy policy and does not use it to train their models.
  • If you opt into the cross-team knowledge base, generic (non-personal, non-account-bearing) automation scripts may be made available to other teams. Scripts containing your stored login credentials, your clarifier answers, or your private parameter values are excluded from the knowledge base by design.

3. Data Sharing

We do not sell your personal data and we do not share it with third parties for advertising. We share limited data with the following processors strictly to operate the service:

  • Stripe: Payment processing (subscription billing).
  • Anthropic (Claude API): AI agent inference. Your prompts and the page contents the agent reads during a run are sent to Anthropic. Anthropic processes this data under their privacy policy and does not train models on your data.
  • 2Captcha: CAPTCHA solving, when a target site presents a CAPTCHA during your scrape. Only the CAPTCHA challenge data (not your prompt or extracted output) is shared.
  • Keycloak (self-hosted): Authentication and session management. Hosted on infrastructure we operate.
  • Hosting infrastructure: Compute, database (PostgreSQL), Redis cache, and object storage (MinIO) for screenshots and exports. Operated by us on cloud infrastructure.

4. Cookies

ScrapeSpace uses cookies that are strictly necessary to operate the service.

  • Authentication cookies: Set by Keycloak to maintain your logged-in session. Required for the platform to function.

We do not currently use third-party advertising cookies or analytics that require consent.

5. Data Retention

Scripts are stored as part of your workspace and are retained until deleted by you or your team. Job logs and metadata may also be retained for diagnostics and UX purposes. If you delete your account, associated data will be deleted upon request.

6. Account & Data Deletion

You may request full account and data deletion by contacting support. Deletion is manual and irreversible.

7. EU Customers & GDPR

We accept users from the European Union and respect data protection laws. You have the right to request access, correction, or deletion of your data at any time. You also have the right to opt out of non-essential tracking.

8. Security

We implement reasonable security measures including HTTPS encryption, secure authentication, and access control practices.

9. Changes

This policy may be updated. Continued use of the platform constitutes acceptance of the most recent version.

10. Contact

For privacy-related concerns, email: [email protected]