Data Processing Agreement
This page describes how Piloterr processes personal data when acting as a data processor for customers using our web scraping API platform.
Scope and roles
Piloterr provides web scraping and data extraction services. When you submit URLs, queries, or account information through our API or dashboard, we process data on your behalf as a processor. You remain the controller for the lawful basis, purpose, and retention of the data you collect.
Categories of data processed
Depending on your use case, we may process: account and billing information, API request metadata (URLs, parameters, timestamps), extracted public web data returned to you, support communications, and technical logs required for security, billing, and service reliability.
Purpose of processing
We process data solely to provide, secure, and improve the Services: executing API requests, delivering structured results, preventing abuse, measuring usage for billing, responding to support tickets, and meeting legal obligations.
Sub-processors and infrastructure
We use trusted infrastructure and service providers for hosting, monitoring, payment processing, and email delivery. Sub-processors are bound by contractual obligations consistent with GDPR Article 28. See our Sub-processors page at /subprocessors for the current list, or contact us at support@piloterr.com.
Security measures
We apply organizational and technical measures including encrypted transport (TLS), access controls, API key authentication, rate limiting, logging, and regular review of our security practices. See our Privacy Policy for additional detail on how we protect personal information.
Retention and deletion
Request logs and account data are retained only as long as necessary for service delivery, billing, security, and legal compliance. You may request deletion of your account data by contacting support@piloterr.com. Extracted data delivered to you is stored under your control once returned via the API.
International transfers
Where personal data is transferred outside the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms, as required by applicable law.
Your rights and contact
Data subjects should contact the controller (our customer) in the first instance. For processor-related questions, or to request a signed DPA for Enterprise plans, contact us at support@piloterr.com or through the contact form at /contact.