Privacy Policy

This Privacy Policy explains what data is processed when you use WebCrawlPro, how data flows between the browser and the backend, and what security measures are used to protect it.

WebCrawlPro includes two main products: a browser-based website crawler (Web Crawl) and an optional Google-connected reporting dashboard (SEO Reports). Each product handles data differently as described in the sections below.

The application does not require an account for Web Crawl. SEO Reports requires Google OAuth to access your Google data with read-only permissions.

Web Crawl data is stored locally in your browser during a session. The backend acts as a proxy for fetching pages so your browser can read HTML across origins. No crawl data is persisted on the server.

SEO Reports stores Google OAuth tokens on the backend and encrypts them at rest. The backend caches Google API responses to improve speed and reduce repeated requests to Google APIs.

Shared report links can be created to show a client-facing report. Depending on configuration, a shared link can be live (fetching data using the owner token) or snapshot (serving stored snapshot data).

When you connect Google, WebCrawlPro uses OAuth to request the minimum access needed to read Search Console and GA4 reporting data. OAuth tokens are kept on the backend and are never returned to the browser.

You can revoke access at any time from your Google account security settings. Logging out also clears the session cookie in your browser. Some reporting features will stop working if access is revoked.

SEO Reports uses a session cookie to keep you signed in after OAuth completes. The cookie is HTTP-only to reduce exposure to client-side scripts and improve security.

Web Crawl can be used without login and does not require a session cookie for basic crawling functionality. Public-facing pages may use Google Analytics to measure visits and engagement, while authenticated report access continues to rely on secure session cookies.

Web Crawl fetches target website pages via the backend proxy. The target website may log requests according to its own policies and terms of service.

SEO Reports calls Google APIs server-side (Search Console API, GA4 Data API, and related Google APIs) using your authorized account credentials. Data returned is displayed in the reporting dashboard.

The frontend may also load Google Analytics on public marketing pages to understand traffic and page engagement trends.

If the contact form is enabled, messages may be sent through an email delivery provider depending on deployment configuration.

You are responsible for securing your deployment environment, including protecting environment variables and restricting administrative access to the hosting infrastructure.

You can use Web Crawl without connecting Google. If you choose to connect Google, you can disconnect at any time and revoke access from your Google account settings.

You can avoid creating share links, or deactivate share links you have created at any time. Shared data access is immediately revoked when a link is deactivated.

All crawl data can be cleared by closing the browser tab or using the built-in reset function. No crawl data is retained on the server.

For privacy questions, reach out to us via the contact page or email connect@gap3.co.