This Privacy Policy explains how ScrapeSilo ("we", "us") collects, uses, and protects personal data when you use our website, dashboard, and API (the "Services"). It covers data about you as a ScrapeSilo customer. It does not govern the content of the third-party pages you scrape — you are the controller of any personal data you choose to collect through the Services, and your obligations for that data are described in section 7.
1. Data we collect
| Category | Examples | Why |
|---|---|---|
| Account data | Name, email address, organization, authentication identifiers | Create and secure your account, sign you in, contact you |
| Billing data | Plan, billing email, and a token from our payment processor (we never see your full card number) | Process subscriptions and payments |
| Usage data | API requests, target URLs and extraction instructions you submit, execution records, credit consumption, timestamps | Run and meter the Services, enforce quotas, support and debug |
| Technical data | IP address, browser and device information, log data | Security, abuse prevention, reliability |
2. How we use it
- To provide, operate, secure, and improve the Services.
- To meter usage, enforce plan limits, and bill you.
- To communicate with you about your account, security, and material changes to the Services or these policies.
- To detect, investigate, and prevent fraud, abuse, and violations of our Acceptable Use Policy.
- To comply with our legal obligations and enforce our Terms.
Where required by law, our basis for processing is performance of our contract with you, our legitimate interest in operating and securing the Services, your consent (where we ask for it), and compliance with legal obligations. We do not sell your personal data, and we do not use the data you scrape to train AI models.
3. Service providers we rely on
We use a small number of third-party providers to run ScrapeSilo, and we share personal data with them only as needed to deliver the Services. Rather than tie this policy to specific vendors, we describe them by the function they perform:
| Category of processor | What they handle |
|---|---|
| Payment processing | Subscription billing and card processing |
| Authentication & identity | Account sign-in and session management |
| Cloud hosting & infrastructure | Running the API, dashboard, and databases, and storing execution records |
| Proxy & network | Routing scrape requests when you enable proxying |
| Email delivery | Transactional and account email |
Each provider is bound to process personal data only on our instructions and to protect it. Some may process data in countries other than yours; where that happens we rely on appropriate safeguards (such as standard contractual clauses) as required by law. We will provide the current list of specific providers on request — see section 8.
4. Retention
We keep account and billing data for as long as your account is active and as needed afterward to meet legal, tax, and accounting obligations. Usage and execution records are retained for as long as they are useful for operating, supporting, and securing the Services, and then deleted or anonymized. You can delete API keys at any time and request deletion of your account as described below.
5. Security
We protect personal data with appropriate technical and organizational measures, including encryption in transit, hashing of API keys at rest, access controls, and isolation between accounts. No system is perfectly secure, but we work to keep risk low and will notify you and the relevant authorities of a breach affecting your data where the law requires.
6. Your rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of your personal data, to object to certain processing, and to withdraw consent. If you are in the EEA or UK, you have the rights granted by the GDPR / UK GDPR. If you are a California resident, you have the rights granted by the CCPA/CPRA, including the right to know, delete, and correct, and the right not to be discriminated against for exercising them — and because we do not sell or "share" personal data for cross-context behavioral advertising, there is no opt-out to exercise on that front. To make a request, contact us using section 8; we will verify and respond within the timeframes the law requires. You may also lodge a complaint with your local supervisory authority.
7. Data you scrape
When you use the Services to collect personal data from third-party pages, you are the data controller for that data and we act as your processor. You are responsible for having a lawful basis to collect and use it, for honoring the rights of the people it concerns, and for complying with the Acceptable Use Policy. We process scraped data only to return it to you and to operate the Services.
8. Contact
For privacy questions or to exercise your rights, email privacy@scrapesilo.com. We will respond as required by applicable law. See the contact page for other ways to reach us.