Privacy Policy

1. Information We Collect

AntiScrape is designed with privacy as a core principle. We collect minimal information:

• Encrypted Contact Information: Your email addresses and phone numbers are encrypted using AES-256-GCM encryption before being stored in our database
• Link Metadata: Link type (email, phone, WhatsApp, Telegram) and creation timestamp
• Analytics Data: Anonymous event data (link generation and unlock events) without personally identifiable information
• IP Addresses: Temporarily used for rate limiting to prevent abuse; not stored long-term

2. How We Use Your Information

We use collected information to:

• Provide the encryption and link generation service
• Prevent abuse through rate limiting and CAPTCHA verification
• Generate anonymous usage statistics
• Improve service performance and reliability

3. Data Security

We implement industry-standard security measures:

• AES-256-GCM Encryption: All contact information is encrypted server-side before storage
• Secure Key Management: Encryption keys are stored in environment variables, never in code or database
• CAPTCHA Protection: Cloudflare Turnstile prevents automated abuse
• Rate Limiting: 10 requests per minute per IP address on unlock endpoints
• HTTPS: All data transmission is encrypted via TLS

4. What We DON'T Do

We are committed to your privacy:

• We do NOT store your unencrypted email addresses or phone numbers
• We do NOT log or track which specific links you unlock
• We do NOT sell, rent, or share your data with third parties
• We do NOT use tracking cookies or analytics that identify individual users
• We do NOT require account creation or personal information

5. Data Retention

Encrypted links remain active indefinitely unless deleted due to abuse reports. We do not automatically expire or delete links. Users cannot currently delete their own links, but this feature may be added in the future.

6. Third-Party Services

We use the following third-party services:

• Cloudflare: Hosting, CDN, and Turnstile CAPTCHA service
• Cloudflare D1: Database for storing encrypted data

These services have their own privacy policies. We recommend reviewing Cloudflare's privacy policy at cloudflare.com/privacypolicy.

7. Your Rights

Since we do not collect personally identifiable information and all data is encrypted, there is no personal data to access, modify, or delete. If you have concerns about a specific link, please contact us through our contact page.

8. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect information from children under 13.

9. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the "Last updated" date below.

10. Contact Us

If you have questions about this Privacy Policy, please contact us through our contact page.