jsonscraper
Back to Home

GDPR Notice

Effective date: March 5, 2026.

This notice summarizes how jsonscraper aligns data handling practices with the General Data Protection Regulation (GDPR).

1. Roles and scope

Depending on the context, jsonscraper may act as a controller for account and billing data and as a processor for customer-submitted operational data.

2. Categories of data

We process account identifiers, billing records, technical logs, support communications, and preference settings needed to operate and secure the service.

3. Legal bases

Legal bases include contract performance, legitimate interests (service security and reliability), legal obligations, and consent where required.

4. Data subject rights

You may request access, rectification, erasure, restriction, portability, or objection according to applicable GDPR provisions.

5. Retention policy

We retain personal data only for as long as necessary for service delivery, fraud prevention, legal compliance, and support obligations.

6. International transfers

Where data is processed outside the EEA, we apply contractual and organizational safeguards appropriate to transfer risk.

7. Security measures

Controls include encrypted transport, access restrictions, credential protection, audit trails, and incident response procedures.

8. Subprocessors and providers

We may rely on vetted infrastructure and payment providers to deliver services. Access is limited to what is necessary for operations.

9. Breach response

If a personal-data incident occurs, we investigate promptly, mitigate impact, and provide notices where required by law.

10. Contact for GDPR requests

For GDPR-related requests, contact [email protected] or use the Contacts page and include sufficient verification details.

11. Request verification and response timing

To protect account security, we may require identity verification before fulfilling access, deletion, or portability requests. We respond within GDPR timelines, including lawful extensions for complex requests.

12. Lawful retention exceptions

Where deletion is requested, some records may be retained when required for legal obligations, dispute resolution, fraud prevention, or security investigations, to the extent permitted by law.

13. Data processing boundaries

When acting as a processor, jsonscraper handles operational data according to customer instructions and documented service purposes. Customers remain responsible for their own controller obligations and lawful-use assessments.

14. Supervisory authority rights

If you believe your rights were not handled appropriately, you may lodge a complaint with your local supervisory authority in the EEA.