Privacy Policy

1. Overview

hintrix is committed to protecting your privacy. We collect only the minimum data necessary to provide our web crawling API service. This policy explains what data we collect, why we collect it, and how we handle it.

2. Data We Collect

Data	Purpose	Retention
Email address	Account identification, service communications	Until account deletion
Password	Account authentication (stored as a salted hash, never in plain text)	Until account deletion
API usage logs	Billing, usage tracking, debugging	90 days
IP addresses	Rate limiting, abuse prevention	90 days
Crawled content	Delivering results to you	7 days

We send transactional emails for account verification and password resets via SMTP. We do not send marketing emails.

3. Analytics

We use a self-hosted Plausible Analytics instance for website analytics. Plausible is a privacy-friendly, cookieless analytics tool that does not collect any personal data. It does not use cookies, does not track users across sites, and is fully compliant with GDPR, CCPA, and PECR without requiring consent. Our self-hosted instance means analytics data never leaves our own infrastructure.

4. Cookies

hintrix uses only a single session cookie that is technically necessary for maintaining your login session. This cookie:

• Is strictly necessary for the Service to function
• Does not track you across websites
• Does not contain personal information
• Does not require consent under GDPR as it is a technically necessary cookie

We do not use any tracking cookies, advertising cookies, or third-party cookies.

5. Third-Party Services

We use the following third-party service for payment processing:

• Creem.io -- handles payment processing for credit purchases. When you make a payment, your payment information is processed directly by Creem.io. We do not store your credit card details. Creem.io's privacy policy applies to payment data.

6. Data Sharing

We do not sell, rent, or share your personal data with third parties. Your data is only processed for the purposes described in this policy. We may disclose data only if required by law or to protect our legal rights.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Passwords stored using strong one-way hashing (bcrypt)
• All data transmitted over HTTPS/TLS
• API keys stored securely with access controls
• Regular security reviews of our infrastructure

8. Your Rights

Under GDPR and similar privacy regulations, you have the right to:

• Access -- request a copy of the personal data we hold about you
• Rectification -- request correction of inaccurate data
• Deletion -- request deletion of your account and all associated data
• Export -- request a machine-readable export of your data
• Restriction -- request restriction of processing in certain circumstances

To exercise any of these rights, email . We will respond within 30 days.

9. Data Retention

• Account data (email, hashed password): retained until you delete your account
• API usage logs (endpoints called, timestamps, credit usage): 90 days
• IP addresses: 90 days
• Crawled content: 7 days after delivery, then permanently deleted

When you delete your account, all personal data is permanently removed within 30 days.

10. Children

The Service is not directed at individuals under 16 years of age. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice on the Service. The "last updated" date at the top of this page indicates the most recent revision.

12. Contact

For any questions or concerns about this Privacy Policy, or to exercise your data rights, contact us at: