Privacy policy

Last updated: 2026-05-20.

What we collect

When you sign in we receive your email address and display name from our identity provider (signin.0p.studio). When you run a scrape we record the query, the location, the resulting count of places, and the moment the job started and finished. We retain the resulting dataset (the rows you paid for) in encrypted S3 storage so you can re-download it later.

What we don't collect

We don't track you across the web. There are no third-party analytics scripts, no advertising pixels, no session replay. We don't sell, share, or resell the data you scrape. Every dataset belongs to the household that paid for it.

Where data lives

Application data (humans, households, subscriptions, jobs, ledger entries) is stored in a single Neon Postgres database hosted in the US. Scrape results are stored in AWS S3 (us-east-1), encrypted at rest with SSE-S3, and only accessible via short-lived signed URLs tied to your account.

Payments

Stripe processes all payments. We never see your card number; we receive a customer ID, the line items you bought, and a webhook receipt. Stripe's privacy policy lives at stripe.com/privacy.

The scraped data

The places we extract are publicly visible on Google Maps. We don't bypass authentication, don't pull private profiles, and don't republish anything proprietary. Your use of that data must still comply with applicable laws — CAN-SPAM for email outreach, TCPA for phone outreach, GDPR/CCPA for any data subjects in those jurisdictions. We provide the tool; you remain the data controller.

Deletion

To delete your account or download your data, open a privacy ticket. We respond within 7 days and complete the deletion within 30.

Contact

/contact · routed to 0p@mailagent.to