ScraperAPI and/or Saas.group LLC may collect two types of information from Users: “Personal Data” and “Aggregate Information” (as defined below).
3.1 – Processing Personal Data in a secure, fair, and transparent way is extremely important to us at ,ScraperAPI.
“Controller” is given the same meaning as in the GDPR, i.e. a party that determines the purposes and means of the processing of Personal Data; we are the Controller with respect to your Personal Data.
“Data Subjects” refers to those individuals residing in the European Union who are our Users.
“Incident” means: (a) a complaint or a request with respect to the exercise of an individual’s rights under the GDPR; (b) an investigation into or seizure of the Personal Data by government officials, or a specific indication that such an investigation or seizure is imminent; or (c) any breach of the security and/or confidentiality as set out in this Policy leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, the Personal Data, or any indication of such breach having taken place or being about to take place.
“Personal Data” is given the same meaning as in the GDPR, i.e. any data relating directly or indirectly to an identifiable Data Subject. Personal Data does not include any data that is anonymised, aggregated, de-identified and/or compiled on a generic basis and which does not name or identify a specific individual, directly or indirectly.
“Processing” is given the same meaning as in the GDPR, such as collecting, recording, using, storing, amending, adapting, disclosing, transferring or transmitting, structuring, using, combining, deleting or destroying Personal Data”
“Processor” is the party that processes Personal Data on behalf of the controller; our sub-processors are the Processor of your Personal Data as detailed in this Policy.
3.3 – ScraperAPI collects Personal Data that is voluntarily provided when a User on our Platform creates an account or logs into their account. Specifically, when you sign up for an account, we ask you for your email address, username, GitHub username, business information, billing information and payment information.
3.4 – This information is used to assist us in helping you select the appropriate service package, to allow you to authenticate to the Platform, to send you e-mail notifications, ScraperAPI’s newsletters or other marketing materials.
3.5 – Some of the information you submit may be displayed on a public profile page upon your consent and only to the extent approved by you. ScraperAPI also automatically collects and stores information about our User’s use of the Platform and our Services, including page scraping activities, so that information gathered by a User through our Platform or Services can be served up each time a User logs in to the Platform. The logs are not kept on file for longer than seven (7) days, after seven (7) days the logs are permanently deleted and we don’t have any access to them.
3.6 – We will process User’s Personal Data only to the extent strictly necessary for the purpose of using the Platform and/or providing Services in accordance with the Terms and this Policy and any further written instructions from the User that are mutually agreed upon between us. We shall:
3.6.1 – implement and maintain a reasonable and appropriate security program comprising adequate security, technical and organizational measures to protect against unauthorized, unlawful or accidental Processing, use, erasure, loss or destruction of, or damage to, User’s Personal Data;
3.6.3 – provide adequate training to our staff and ensure that they comply with the obligations in this Policy; and
4.1 – We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
4.1.1 – If you are a User or prospective User, we will process your Personal Data to perform the contract we are about to enter into or have entered into with you or your company;
4.1.2 – Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests; or
4.1.3 – Where we need to comply with a legal obligation.
4.2 – When we process your Personal Data, we are required to have a lawful basis for doing so. There are various different lawful bases on which we may rely, depending on what Personal Data we process and why.
4.3 – Please see the below for more information on the lawful basis that we may rely on:
consent: where you have given us clear consent for us to process your Personal Data for a specific purpose
contract: where our use of your Personal Data is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
legal obligation: where our use of your Personal Data is necessary for us to comply with the law (not including contractual obligations)
legitimate interests: where our use of your Personal Data is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your Personal Data which overrides our legitimate interests)
5.1 – Where you have ordered Services, we may share your Personal Data with third party contractors in order to perform such Services.
5.2 – Payment processing services enable us to process payments by credit card, PayPal or, in some cases, bank transfer. To ensure greater security, we only share the information necessary to execute the transaction with the financial intermediaries handling the transaction and we do not store any of your financial details ourselves. Some of these services may also enable the sending of timed messages to you, such as emails containing invoices or notifications concerning the payment.
5.3 – We will also share Personal Data with law enforcement or other authorities if required by applicable law.
6.1 – We will generally not transfer your Personal Data to any jurisdiction located outside the European Economic Area (EEA) without your consent. Where we transfer your Personal Data outside of the EEA, we will only do so for the purposes mentioned in this Policy and any Contract that we have entered into with you or the entity that you are representing or for our legitimate interests.
6.2 – However, as many countries outside of the EEA do not have the same data protection laws as the EEA, when making such a transfer of data, we will always rely on a safeguard mechanism under the GDPR. We may only transfer your Personal Data to a country which the European Commission have given a formal adequacy decision/regulation that confirms this third-country provides an adequate level of data protection similar to those which apply in the EEA. Or, if the third-country does not have an adequacy decision awarded to it, any transfer of your personal information will be subject to entering into the European Commission’s Standard Contractual Clauses (the SCCs) which are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data.
6.3 – We will not otherwise transfer your Personal Data outside of the EEA or to any organization (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
7.1 – We would like to send you information about the website, our services, the services on sale and any special offers, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
7.2 – We will ask whether you would like us to send you marketing messages when you provide consent to such marketing, or where you have purchased services from us.
7.3 – If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
7.3.1 – contacting us using the detail provided at the end of this Policy; or
7.3.2 – using the ‘unsubscribe’ link in emails.
In supplying Personal Data to us, the User warrants that it has all necessary rights to provide such Personal Data for Processing in connection with the provision of the Services . To the extent required by applicable law, the User is responsible for ensuring that any Data Subject consents that may be necessary to this processing are obtained, and for ensuring that a record of such consents is maintained, including any consent to use Personal Data that is obtained from third parties.
9.1 – We may also collect aggregate information. Aggregate information is information about your activities on the Platform or in connection with the Services that cannot be used to identify, locate, or contact you (such as frequency of visits to the Platform, data entered when using the Platform, Platform pages most frequently accessed, browser type, etc.). Aggregate information is collected as you visit our Platform (Platform) or interact with our Services even if you do not enter any information. Generally, aggregate information is anonymised and is used in a collective manner, and no single person can be identified by that compiled information. We use aggregate information to provide the Services, as well as to determine the use of our Platform and to monitor, audit and analyze information pertaining to our business metrics.
9.2 – We may use aggregate information to improve the Platform and Services, to monitor traffic and general usage patterns, and for our other legitimate business interests. We may disclose aggregate information to third parties for a variety of business reasons, including to potential investors so that they may better understand our user base, etc. Aggregate information will not include any Personal Data and we will not disclose any Personal Data except as expressly stated elsewhere in this Policy.
10.1 – We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorised access to systems where we store Personal Data.
10.2 – We restrict access to collected information to ScraperAPI employees, service providers and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use secure socket layer (“SSL”) technology to encrypt and protect the security of your personal information, including but not limited to your credit card number, when it is sent over the Internet.
ScraperAPI processes your Personal Data only for the purposes for which it was collected and in accordance with this Policy. We review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Data needed to provide or improve our Services. We take reasonable steps to ensure that the Personal Data we process is accurate, complete, and current, but we depend on our users to update or correct their Personal Data whenever necessary.
12.1 – Our Platform and Services are not directed to children and we will not request personally identifiable information from anyone who we know to be under the age of 18, unless we have obtained verifiable parental consent from a parent or legal guardian. If we become aware that a user under the age of 18 has registered with our Platform or Services, provided Personal Data, and we have not obtained prior verifiable consent from a parent or legal guardian, we will immediately remove the User’s Personal Data from our files.
12.2 – We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.
In the event that ScraperAPI sells substantially all of its assets, or one of ScraperAPI’s business units is acquired, Personal Data of Users will likely be one of the transferred assets.
14.1 – Under the GDPR, you have a number of important rights free of charge. In summary, those include rights to:
14.1.1 – fair processing of information and transparency over how we use your use Personal Data
14.1.2 – access to your Personal Data and to certain other supplementary information that this Policy is already designed to address
14.1.3 – require us to correct any mistakes in your Personal Data which we hold
14.1.4 – require the erasure of Personal Data concerning you in certain situations
14.1.5 – receive the Personal Data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
14.1.6 – object at any time to processing of Personal Data concerning you for direct marketing
14.1.7 – object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
14.1.8 – object in certain other situations to our continued processing of your Personal Data
14.1.9 – otherwise restrict our processing of your Personal Data in certain circumstances
14.2 – If you would like to exercise any of those rights, please email or write to us using the details provided at the end of this Policy.
14.3 – We will require information from you to allow us to identify you. We will endeavor to respond to all requests with 30 days of receipt.
15.1 – When you access our Platform or use our Services, we may collect information regarding your IP address for the purposes of administering the Platform and tracking Platform usage. However, your IP address may vary each time you visit or it may remain the same depending on the type of Internet connection you are using or the location from which you access the Platform.
15.2 – We may also collect information about the websites that directed you to our Platform after you clicked on a text or banner link or an ad from another website, or the day and time you visited our Platform and how long you spent on the Platform. We aggregate such information to help us to compile reports as to trends and other behavior about users visiting our Platform. However, such information is anonymous and cannot be tied directly to you.
15.3 – We may also use “cookies” and your personal information to enhance your experience on the Platform, Platform and with the Services and to provide you with personalized offers. A cookie is a small data file placed on your computer’s hard drive that contains information that allows us to track your activity on the Platform. The cookie itself does not contain any Personal Data; however, if you provide us with any personal information the cookie may act as an identifier to tie your personal information to your IP address or computer. You may choose to delete cookies from your computer’s hard drive at any time or to disable cookies on your computer. If you delete cookies that relate to the Platform, we may not be able to identify you upon your return to the Platform. Additionally, if you disable your computer’s cookies, you may not be able to access certain features of the Platform or Services that require that cookies be enabled.
15.4 – The Platform’s cookies cannot be used to read data from your hard drive and cannot retrieve information from any other cookies created by other websites. Additionally, our cookies cannot be used as a virus, Trojan horse, worm, or any other malicious tool that could impair your use of your computer. Our cookies are used to help us better understand how you and other users use the Platform so we can continue to provide a better, more personalized user experience on the Platform.
15.5 – We also share website usage information about our Platform (Platform) with those interested in running targeted promotional campaigns on the Platform. For this purpose, we and our advertisers track some of the pages that you visit on the Platform through the use of pixel tags (also called clear gifs).
15.6 – We will ask for your consent to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested (e.g. to enable you to use our check-out process or remember you when you wish to log-into your account).
15.8 – The table below provides more information about the cookies we use and why: