Privacy Policy

Last updated: February 12, 2026 — Version 1.1

1. Introduction

scrapen.ai (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and store your information when you visit our website or use our Service.

2. Data Controller

Scrapen.ai is the data controller responsible for your personal data. For any privacy-related inquiry, contact us at info@scrapenai.com

We currently do not appoint a Data Protection Officer (DPO), as we are not legally required to do so. For any privacy-related questions, please contact info@scrapenai.com.

3. Data We Collect

We collect only the data that is strictly necessary to provide and improve the Service.

We collect the following categories of data:

  • Account information: name, email, login credentials.
  • Payment information: handled by Stripe (we do not store full card details).
  • Usage data: device type, browser, IP address, session logs.
  • Content data: text, prompts, or information you input into the Service.

4. Legal Basis for Processing

We process your personal data on the following legal grounds under the GDPR:

  • Performance of a contract (Art. 6(1)(b) GDPR): processing necessary to provide you with the Service, manage your account, and process payments.
  • Legitimate interests (Art. 6(1)(f) GDPR): improving and securing the Service, fraud prevention, and analytics.
  • Consent (Art. 6(1)(a) GDPR): where you have given consent for specific processing activities, such as marketing communications or non-essential cookies. You may withdraw your consent at any time.
  • Legal obligation (Art. 6(1)(c) GDPR): where processing is necessary to comply with applicable laws or regulations.

5. Data Storage & Security

Your data is securely hosted on servers provided by Hetzner Online GmbH (Germany).
We apply industry-standard encryption and access controls. We implement technical and organizational measures appropriate to the level of risk in accordance with Article 32 GDPR.

6. Chrome Extension Data Usage

Our Chrome Extension may access and process the content of web pages you explicitly interact with in order to extract information requested by you.

  • The Extension processes content only on pages where the user actively interacts with the Extension features.
  • The Extension does not collect browsing history, passwords, or personal data unrelated to the requested task.
  • Data extracted is transmitted securely to our servers solely to provide the requested Service functionality.
  • We do not sell or share collected data with third parties.
  • All processing occurs only when initiated by the user.
  • Extracted data is automatically deleted after 90 days at most. If the user does not explicitly choose to preserve specific data, it is automatically deleted after 30 days. Users may also request immediate deletion at any time.

Data is not shared with third parties except trusted service providers strictly required for infrastructure and payment processing.

We do not collect or transmit data unrelated to the core functionality of the Extension.

During an active, user-initiated extraction session, the Extension may temporarily display visual indicators on the page (such as an overlay interface, cursor change, or temporary page title modification) to clearly signal that an extraction process is in progress.

These visual modifications are strictly temporary, do not alter the underlying website content or functionality, and are removed once the extraction process is completed.

The Extension may extract only the content explicitly requested by the user, which may include:

  • User-selected text
  • Visible page content
  • User-requested screenshots of the current tab

No background or automatic data collection occurs without explicit user interaction.

7. Payments

All payments are processed through Stripe, which complies with PCI DSS security standards. Stripe acts as a data processor under a Data Processing Agreement (DPA) in line with the GDPR.

8. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Access your data.
  • Request correction or deletion.
  • Object to processing or request data portability.
  • Request restriction of processing.
  • Withdraw consent for marketing communications.
  • Lodge a complaint with a supervisory authority (e.g., the German Federal Commissioner for Data Protection and Freedom of Information — BfDI, or your local data protection authority).
  • Not be subject to automated decision-making, including profiling, that produces legal or significant effects (Article 22 GDPR).

We do not engage in automated decision-making or profiling as defined under Article 22 of the GDPR.

9. Cookies & Analytics

We use cookies to improve the Service and measure performance (Google Analytics, etc.). You can manage or disable cookies in your browser settings or via our Cookie Policy.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account data: retained for the duration of your account and deleted within 30 days of account closure, unless retention is required by law.
  • Payment data: transaction records are retained for the period required by applicable tax and accounting laws (typically up to 10 years).
  • Usage and analytics data: retained for up to 26 months.
  • Content data (data extracted via the Service or Chrome Extension): automatically deleted after a maximum of 90 days from the date of extraction. Users may choose to preserve specific data within their account session using the in-app retention feature; such data is retained for as long as the user actively maintains it. If no explicit preservation action is taken by the user, content data is automatically deleted after 30 days. Users may request earlier deletion at any time by contacting us at info@scrapenai.com.

Server logs are retained for security and fraud prevention purposes for up to 90 days.

11. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA) on servers provided by Hetzner Online GmbH in Germany. However, some of our service providers (such as Google Analytics and Stripe) may process data outside the EEA, including in the United States. Where such transfers occur, we ensure that appropriate safeguards are in place, including EU Standard Contractual Clauses (SCCs) or other mechanisms approved under the GDPR, to protect your personal data.

12. Sub-processors

We use the following third-party sub-processors to operate the Service:

  • Hetzner Online GmbH (Germany) — hosting and infrastructure.
  • Stripe, Inc. (USA) — payment processing.
  • Google LLC (USA) — analytics (Google Analytics).

Each sub-processor is bound by a Data Processing Agreement (DPA) in accordance with the GDPR.

13. Children’s Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that data promptly. If you believe a child has provided us with personal data, please contact us at info@scrapenai.com.

14. Updates to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated via email or through a notice on our website. Please review this page periodically — changes take effect upon publication. Continued use of the Service after the updated Privacy Policy has been published constitutes acceptance of the changes.