In the following privacy policy, we inform you, which personal data is processed when using the website and the web crawling and scraping web application by crwl.io.
crwl.io e.U. (Owner Christian Olear)
Fabrikstraße 32/605
4020 Linz
AUSTRIA
The purpose of data processing is to provide the website and the web crawling and scraping software (SaaS) by crwl.io.
In particular, personal data is gathered and processed at the following stages:
When visiting the website, server logs are created. These include the IP address, date and time of access, the accessed page, and information about the browser and operating system used.
This data is processed to ensure the security and stability of our systems, for example to detect suspicious activity.
The processing is based on our legitimate interest in accordance with Art. 6(1)(f) GDPR, specifically in ensuring the security, stability, and optimization of our website.
When registering and setting up your user account, we store the following data:
These data are used to provide and personalize the application and enable you to use all its features. The data will be retained for as long as your account exists and will be completely removed upon its deletion.
The processing is based on your consent in accordance with Art. 6(1)(a) GDPR, which you provide during registration.
We use the payment service provider Stripe, operated by Stripe Payments Europe, Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland, to process payments and manage subscriptions.
When executing one-time or recurring payments, the following personal data is transmitted to Stripe:
The processing of this data is based on our legitimate interest in providing an efficient and secure payment method (Art. 6(1)(f) GDPR) and to fulfill our contractual obligations to you (Art. 6(1)(b) GDPR).
Stripe assumes a dual role in the processing of personal data. On the one hand, Stripe acts as a processor when carrying out transactions on our behalf as part of payment processing. In this context, Stripe has been contractually bound under Art. 28 GDPR to comply with applicable data protection regulations and to act exclusively on our instructions.
On the other hand, Stripe also processes certain data as an independent controller, for example to fulfill legal obligations such as fraud prevention or anti-money laundering. These processing activities are carried out on the basis of Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interests of Stripe). We have no influence on this type of data processing.
As Stripe is a US-based company operating globally, personal data may be transferred to Stripe group companies in the United States. Stripe ensures appropriate safeguards for these transfers, including the use of EU standard contractual clauses (SCCs) and, where applicable, certification under the EU-U.S. Data Privacy Framework.
Further information about Stripe's data protection measures and options for objection and complaint can be found at: https://stripe.com/privacy-center/legal.
Your payment data will be stored by us for the duration of the payment process and beyond, as required for refunds, claims management, or fraud prevention.
Cookies are small text files that are stored on your device when you visit a website, allowing subsequent page visits to be associated with you and possibly collecting information, e.g. about your activity on the website.
There are different categories of cookies:
The use of non-essential cookies only takes place after your explicit consent via our cookie banner, which is displayed upon first visit. You can change or withdraw your consent at any time.
Cookies used when visiting the crwl.io website and web application:
Protecting your personal data is important to us. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These include, among others, encrypted data transmission (TLS), access controls, role-based permissions, regular security updates, and backups.
Our systems are designed to prevent unauthorized access to personal data as well as accidental or unlawful alteration, loss, or disclosure.
To fulfill our contractual or legal obligations, the purpose of data processing, or when there is a legitimate interest in business transactions involving third parties, it may be necessary to transmit your data to third parties. Possible recipients may include authorities, courts, tax advisors, banks, lawyers, insurers, IT service providers, and hosting companies. The forwarding of your data is exclusively based on the GDPR.
In general, your personal data will not be transferred to recipients in third countries. If we need to transfer your data to a country outside the EEA, it will only be to countries for which the EU Commission has decided that they have an adequate level of data protection, or we will take measures to ensure that all recipients have an adequate level of data protection, including the use of standard contract clauses (2010/87/EC and/or 2004/915/EC).
When we process your personal data, you are considered a data subject under the GDPR. In this case, you can exercise your data subject rights. These rights include:
Some of these rights can be exercised independently within the application (e.g. rectification). If this is not the case, you can contact us by email (office@crwl.io).
If you believe that our processing of your personal data violates applicable data protection law or your data protection rights have otherwise been violated, you have the option to lodge a complaint with the competent supervisory authority. In Austria, the competent authority for this purpose is the Datenschutzbehörde (https://www.dsb.gv.at/).