Privacy Policy
Effective date: February 05, 2026
This Privacy Policy explains in detail how Infocentrica Limited (“Company”, “we”, “us”, “our”) processes personal data in connection with the operation of the ScrapeIntel platform, website, APIs, and related services (collectively, the “Service”).
This Privacy Policy is intended to provide transparency regarding the Company’s data processing activities and to ensure compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable guidance issued by the UK Information Commissioner’s Office (ICO).
1. DATA CONTROLLER
1.1.
For the purposes of applicable data protection legislation, Ciao Apps LTD acts as the data controller in respect of personal data processed in connection with the provision, administration, operation, maintenance, and security of the Service. In this role, the Company determines the purposes for which personal data is processed and the essential means by which such processing is carried out.
1.2.
The Company determines how personal data relating to user registration, authentication, account administration, billing, payments, customer communications, technical monitoring, fraud prevention, and regulatory compliance is processed, and ensures that such processing is limited to what is necessary and proportionate for the stated purposes.
1.3.
The Company is established in the United Kingdom and operates from its registered office at Office 632 60 Tottenham Court Road, London, England, W1T 2EW, and is therefore subject to UK data protection law for the purposes of its data processing activities.
1.4.
All enquiries relating to this Privacy Policy, the Company’s processing of personal data, or the exercise of data subject rights may be addressed to privacy@scrapeintel.com, and the Company will review and respond to such enquiries in accordance with applicable legal requirements and within a reasonable timeframe.
2. SCOPE AND APPLICATION
2.1.
This Privacy Policy applies to all personal data processed by the Company when you access, browse, or use the Service, whether through the website or APIs, including when you create or manage an account, purchase credits, submit requests, or communicate with the Company.
2.2.
This Privacy Policy applies irrespective of whether you are acting as an individual user, a business user, or a representative of a legal entity, and regardless of whether your use of the Service is occasional or ongoing.
2.3.
This Privacy Policy does not apply to personal data contained within third-party websites, platforms, or content that users choose to access, extract, or process through the Service, as such content is neither provided nor controlled by the Company.
2.4.
Any processing of personal data contained within third-party content accessed through the Service is initiated and determined solely by the user, including decisions regarding purpose, scope, and further use, and therefore falls outside the Company’s role as data controller.
3. CATEGORIES OF PERSONAL DATA PROCESSED
3.1.
The Company processes personal data that users provide directly when registering for an account, logging into the Service, configuring account settings, or otherwise interacting with the Company where such processing is necessary to provide access to the Service.
3.2.
This data may include identifiers and contact information such as email address, username, authentication credentials, account identifiers, and similar information required to create, secure, and manage a user account.
3.3.
The Company processes billing and transaction-related data, including records of purchases, credit balances, invoices, and payment confirmations, for the purpose of administering payments and maintaining accurate financial records.
3.4.
Payment card details and other sensitive payment information are processed exclusively by third-party payment service providers in accordance with their own privacy policies and are not stored, accessed, or retained by the Company.
3.5.
The Company processes technical and usage-related data generated automatically through use of the Service, including IP addresses, device identifiers, browser and operating system information, timestamps, log files, API requests, and usage metrics, primarily for security, performance monitoring, and troubleshooting.
3.6.
The Company processes communications data, including the content of emails, support tickets, feedback, and other correspondence, in order to respond to enquiries, provide assistance, and maintain records of communications.
3.7.
The Company does not intentionally collect special category personal data or criminal offence data and does not require such data for access to or use of the Service.
4. PURPOSES OF PROCESSING
4.1.
The Company processes personal data in order to enable users to access, authenticate, and use the Service in accordance with the applicable Terms of Use. This includes ensuring that users can create accounts, log in securely, maintain active sessions, and access features and functionality made available through the Service.
4.2.
Personal data is processed to create, administer, and manage user accounts throughout their lifecycle, including the maintenance of account settings, preferences, credentials, and security mechanisms, as well as to prevent unauthorised access to accounts.
4.3.
The Company processes personal data for the purpose of administering billing, payments, and credit usage, including issuing invoices, maintaining transaction records, reconciling payments, handling refunds where required by law, and complying with accounting and tax obligations.
4.4.
Personal data is processed to communicate with users in relation to the operation of the Service, including responding to enquiries and support requests, sending technical or service-related notices, notifying users of changes affecting the Service, and providing security or compliance-related communications.
4.5.
The Company processes personal data to monitor, analyse, and improve the performance, stability, and functionality of the Service, including identifying technical issues, optimising system performance, and ensuring that the Service operates reliably and securely.
4.6.
Personal data is processed for the purposes of detecting, preventing, and investigating fraud, abuse, misuse, unauthorised access, or other activities that may compromise the security of the Service, harm users, or expose the Company to legal or regulatory risk.
4.7.
Personal data is processed where necessary to comply with applicable legal, regulatory, and statutory obligations, including obligations relating to data protection, financial record-keeping, regulatory reporting, and responses to lawful requests from competent authorities.
5. LEGAL BASES FOR PROCESSING
5.1.
The Company processes personal data where such processing is necessary for the performance of a contract, namely to provide the Service to users, to manage accounts and billing, and to perform obligations arising under the Terms of Use.
5.2.
The Company processes personal data where necessary to comply with legal obligations to which it is subject, including obligations under tax law, accounting regulations, data protection legislation, and other applicable statutory requirements.
5.3.
The Company processes personal data where such processing is necessary for the purposes of its legitimate interests, including maintaining the security and integrity of the Service, preventing fraud and misuse, improving functionality, and protecting the Company’s legal rights, provided that such interests are not overridden by the fundamental rights and freedoms of data subjects.
5.4.
Where personal data is processed on the basis of consent, such consent is obtained in accordance with applicable law and may be withdrawn by the data subject at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal.
6. DATA RETENTION
6.1.
The Company retains personal data only for as long as is reasonably necessary to fulfil the purposes for which such data was collected and processed, taking into account the nature of the data, the purposes of processing, and applicable legal requirements.
6.2.
Account-related and billing-related personal data may be retained for longer periods where required to comply with statutory retention obligations under applicable tax, accounting, or regulatory laws.
6.3.
Technical, usage, and security-related data, including logs and monitoring records, are retained for limited periods appropriate to their operational and security purposes and are periodically reviewed to ensure that retention remains proportionate.
6.4.
Once personal data is no longer required for the purposes for which it was collected, the Company ensures that such data is securely deleted, anonymised, or otherwise rendered inaccessible, in accordance with its internal data retention and security procedures.
7. USER-INITIATED SCRAPING AND DATA PROTECTION RESPONSIBILITY
7.1.
The Service provides technical functionality that enables users to access, extract, and process content from third-party websites strictly at the user’s own initiative and based on parameters determined by the user.
7.2.
The Company does not select or control the websites accessed, the categories of data extracted, or the manner in which extracted data is subsequently used, stored, shared, or otherwise processed by users.
7.3.
Where personal data is included in content processed by a user through the Service, the user acts as an independent data controller, or, where applicable, as a processor acting on behalf of another controller, for the purposes of applicable data protection law.
7.4.
Users are solely responsible for ensuring that any processing of personal data carried out using the Service has a valid lawful basis, that required privacy notices are provided, that data subject rights are respected, and that all applicable data protection obligations are complied with.
7.5.
The Company does not monitor, review, assess, or validate the legality of user-initiated scraping activities and does not assume responsibility or liability for personal data processed by users through the Service.
8. DATA SHARING AND DISCLOSURE
8.1.
The Company may share personal data with third-party service providers where such sharing is necessary to operate, maintain, support, or secure the Service, including providers of hosting, infrastructure, payment processing, analytics, and professional services.
8.2.
All such third-party service providers are engaged under contractual arrangements that require them to process personal data only on the Company’s instructions, to maintain appropriate confidentiality, and to implement adequate technical and organisational security measures.
8.3.
Personal data may be disclosed where required by applicable law, regulation, court order, or lawful request from a competent public authority, or where such disclosure is necessary to protect the Company’s legal rights.
8.4.
The Company does not sell personal data and does not disclose personal data to third parties for their own independent marketing or commercial purposes.
9. INTERNATIONAL DATA TRANSFERS
9.1.
Where personal data is transferred outside the United Kingdom, the Company ensures that such transfers are carried out in compliance with UK GDPR requirements and are subject to appropriate safeguards.
9.2.
Such safeguards may include reliance on adequacy regulations, the use of approved contractual clauses, or other lawful transfer mechanisms recognised under applicable data protection law.
10. DATA SECURITY
10.1.
The Company implements appropriate technical and organisational measures designed to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, alteration, or disclosure.
10.2.
Such measures are proportionate to the nature of the personal data processed and the risks associated with the processing activities and are reviewed periodically to ensure ongoing effectiveness.
10.3.
While no information system can be guaranteed to be completely secure, the Company takes reasonable steps to minimise risks and to respond appropriately to any actual or suspected personal data security incidents.
11. DATA SUBJECT RIGHTS
11.1.
Subject to applicable data protection law, data subjects have the right to obtain confirmation as to whether personal data relating to them is being processed by the Company. Where such processing takes place, data subjects have the right to request access to such personal data, together with supplementary information regarding the purposes of processing, the categories of personal data concerned, the recipients or categories of recipients to whom the data has been or may be disclosed, and the envisaged period for which the personal data will be stored.
11.2.
Data subjects have the right to request the rectification of inaccurate personal data concerning them and the completion of incomplete personal data held by the Company. In assessing such requests, the Company may take into account the nature and purposes of the processing, the information reasonably available to it, and any applicable legal or technical constraints.
11.3.
Data subjects may request the erasure of personal data relating to them where the processing is no longer necessary for the purposes for which the data was collected or processed, where the processing is unlawful, or where erasure is otherwise required under applicable law. The Company may retain personal data where continued retention is required to comply with a legal obligation, to establish, exercise, or defend legal claims, or where permitted by law for legitimate and compelling reasons.
11.4.
In circumstances provided for by applicable law, data subjects have the right to request the restriction of processing of their personal data. This may apply, for example, where the accuracy of the personal data is contested, where the processing is unlawful but the data subject opposes erasure, or where the personal data is no longer required by the Company but is required by the data subject for the establishment, exercise, or defence of legal claims.
11.5.
Where personal data is processed on the basis of the Company’s legitimate interests, data subjects have the right to object to such processing on grounds relating to their particular situation. The Company shall assess such objections and shall cease processing unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or where the processing is necessary for the establishment, exercise, or defence of legal claims.
11.6.
Where applicable under law, data subjects have the right to receive personal data concerning them, which they have provided to the Company, in a structured, commonly used, and machine-readable format, and to transmit such data to another controller without hindrance, provided that such processing is based on consent or contract and carried out by automated means.
11.7.
Where personal data is processed on the basis of consent, data subjects have the right to withdraw such consent at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out prior to the withdrawal and shall not affect processing carried out on other lawful bases.
11.8.
Requests to exercise any of the rights described in this Section may be submitted to privacy@scrapeintel.com. The Company may require reasonable and proportionate verification of identity before responding and shall respond to such requests within the timeframes prescribed by applicable law.
12. COOKIES AND TRACKING TECHNOLOGIES
12.1.
The Service uses cookies and similar technologies that are strictly necessary to enable the core functionality of the Service, including user authentication, session management, security controls, load balancing, and the prevention of fraudulent or unauthorised activity.
12.2.
The Company may also use cookies or similar technologies for analytical, performance, and diagnostic purposes in order to understand how the Service is accessed and used, to monitor system performance, to identify technical issues, and to support the ongoing improvement of the Service, to the extent permitted by applicable law.
12.3.
Where the use of non-essential cookies or similar technologies requires user consent under applicable law, such technologies shall not be deployed unless and until the user has been provided with clear and comprehensive information and has given valid consent through an appropriate consent mechanism.
12.4.
Users may manage or withdraw cookie preferences through their browser settings or, where applicable, through cookie management tools made available on the Service. Disabling certain cookies may affect the availability, functionality, or performance of parts of the Service, but shall not prevent access to essential features where legally required.
13. CHANGES TO THIS PRIVACY POLICY
13.1.
The Company may amend, update, or otherwise modify this Privacy Policy from time to time where such changes are necessary to reflect changes in applicable law or regulatory requirements, guidance or decisions of supervisory authorities, technical or security developments, or changes to the operation, scope, or functionality of the Service.
13.2.
Any updated version of this Privacy Policy shall be published on the Service and shall take effect from the date of publication, unless a later effective date is expressly stated. Continued use of the Service after such publication constitutes acknowledgement of the updated Privacy Policy.
13.3.
Where changes materially affect the rights or obligations of data subjects, the Company will take reasonable steps, where required by applicable law, to bring such changes to the attention of users through appropriate and proportionate means.
14. CONTACT DETAILS AND COMPLAINTS
14.1.
Any questions, concerns, or requests relating to this Privacy Policy, the Company’s processing of personal data, or the exercise of data subject rights may be directed to the Company by email at info@scrapeintel.com. The Company will use reasonable efforts to address such enquiries in a transparent and timely manner.
14.2.
Without prejudice to any other administrative or judicial remedy, data subjects have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if they consider that the processing of personal data relating to them infringes applicable data protection law.
14.3.
The exercise of the right to lodge a complaint shall not affect any other rights or remedies available to data subjects under applicable law.