Privacy Policy

Last Updated: October 12, 2025

1. Introduction

Welcome to Scrapius ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SaaS platform at scrapius.com (the "Service").

By using Scrapius, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when you:

  • Create an account (email address, password)
  • Subscribe to our newsletter (email address)
  • Use our Service (saved ideas, search queries, validation data)
  • Subscribe to Pro tier (billing information processed by Stripe)
  • Contact us for support (name, email, message content)

2.2 Automatically Collected Information

When you access our Service, we automatically collect:

  • Usage data (pages visited, features used, time spent)
  • Device information (browser type, operating system, device type)
  • IP address and general location data
  • Log data (access times, error logs, performance metrics)

2.3 Third-Party Data

Our Service analyzes publicly available Reddit posts and comments. We do not store Reddit user credentials or access private Reddit data. All Reddit data accessed is publicly available and subject to Reddit's Terms of Service and Privacy Policy.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Provide, maintain, and improve our SaaS platform
  • Account Management: Create and manage your account, authenticate access
  • Subscription Processing: Process payments and manage Pro tier subscriptions
  • Personalization: Save your ideas, validation history, and preferences
  • Analytics: Analyze usage patterns to improve features and performance
  • Communication: Send product updates, security alerts, and support responses
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service
  • Security: Detect, prevent, and address technical issues and fraud

4. Data Storage and Security

4.1 Data Storage

We use Supabase (a secure, enterprise-grade database platform) to store your data. Supabase provides:

  • Row-level security (RLS) policies ensuring you only access your own data
  • Encrypted data transmission (SSL/TLS)
  • Regular automated backups
  • SOC 2 Type II compliance

4.2 Security Measures

We implement industry-standard security measures including:

  • End-to-end encryption for data in transit
  • Secure password hashing (bcrypt)
  • JWT-based authentication with secure token handling
  • Regular security audits and vulnerability assessments
  • Access controls and monitoring

4.3 Payment Security

We use Stripe for payment processing. We do not store credit card information on our servers. All payment data is handled by Stripe in compliance with PCI-DSS requirements. Please review Stripe's Privacy Policy at stripe.com/privacy.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Service Providers: Supabase (database), Stripe (payments), OpenAI (AI analysis), Vercel (hosting)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection: To protect our rights, property, or safety, and that of our users
  • With Your Consent: When you explicitly authorize us to share your data

6. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Data Portability: Receive your data in a structured, machine-readable format
  • Opt-Out: Unsubscribe from marketing communications
  • Withdraw Consent: Revoke previously granted permissions

To exercise these rights, contact us at privacy@scrapius.com or through your account settings.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy:

  • Active Accounts: Data retained while your account is active
  • Account Deletion: Most data deleted within 30 days of account deletion request
  • Archived Posts: Automatically deleted 30 days after archiving
  • Legal Requirements: Some data may be retained longer to comply with legal obligations
  • Backups: Data may persist in backups for up to 90 days after deletion

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze usage patterns and performance
  • Improve user experience

You can control cookies through your browser settings. Note that disabling cookies may affect Service functionality.

9. Third-Party Services

Our Service integrates with third-party services that have their own privacy policies:

  • Supabase: supabase.com/privacy
  • Stripe: stripe.com/privacy
  • OpenAI: openai.com/privacy
  • Reddit: reddit.com/policies/privacy-policy
  • Vercel: vercel.com/legal/privacy-policy

We recommend reviewing these policies to understand how your data is handled by these services.

10. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected data from a child under 18, please contact us immediately at privacy@scrapius.com.

11. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification for significant changes

Your continued use of the Service after changes constitute acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@scrapius.com

Support: support@scrapius.com

X (Twitter): @alechko_ags

14. GDPR & CCPA Rights

14.1 GDPR (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR including the right to lodge a complaint with a supervisory authority.

14.2 CCPA (California Users)

If you are a California resident, you have additional rights under CCPA including:

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your CCPA rights