Easysearch

Privacy Policy

Effective on: January 5, 2025

Last updated: January 5, 2025

Data We Collect

Type of Data Reason for Collection
(Legitimate interest)
  • Your name and email address that you provide to us on the Sign Up page or contact form
To contact you and identify your account
  • Any information you provide to us within correspondence with us (e.g. email communications)
To provide support and look up your account information when necessary

Data you provide to us, including but not limited to:

  • Manually-entered resource names for objects like organizations, API keys, and sources
  • Domain names that you provide to us when creating or editing a source or importing verifications from Google Search Console
To provide the service's core functionality
  • The URLs and content of your sites' pages, including extracted text content, page titles, meta descriptions, canonical URLs, and HTTP error codes
To create a search index of your site, which is a core function of the service
  • The content of your sites' TXT DNS records (used to verify domain ownership and then immediately discarded)
To verify your domains, which is required to prevent misuse of the service
  • The list of verified sites linked to your Google Search Console account
To provide the ability to import domain verifications from Google Search Console
  • Information about your computer and browser including your IP address and user agent string
  • Date and time, URL path, HTTP request method, and HTTP response status code associated with every request
To diagnose technical issues with the service
  • The timestamps associated with every query made via the API and prebuilt search pages (but not the queries themselves)
  • The timestamps, URLs, and error messages associated with each crawl
To provide aggregated usage statistics to your organization members and limit monthly usage of the service

We do not log users' search queries; however; for billing purposes, we do record a timestamp for each search. These records are automatically deleted once they are over 30 days old.

Third-Party Data Processing

We do not share any of the personal information that we collect with any third parties; however, we do rely on third-parties for some parts of the service. These third-parties may collect information about you.

  1. We use Cloudflare Turnstile on our sign up and contact forms to protect them from bots and spam. Cloudflare Turnstile may collect some non-personal information about your device and browser. For more information about Cloudflare's data practices, please refer to their privacy policy.
  2. We use Resend to send emails to registered users. This usage is governed by Resend's privacy policy.
  3. When you import site verifications from Google Search Console, we receive a temporary authorization token for your Google Account, which only has read-only access to your Google Search Console sites. The token is used to request a list of your verified sites. Of that list, the domain names are saved and the other information and authorization token are immediately discarded. This usage is governed by Google's privacy policy.
  4. If you use Search by Meaning, the publicly-available content of your pages is sent to OpenAI to be converted to vector embeddings using their Embeddings API. This usage is governed by their enterprise privacy statement.
  5. When users use Easysearch's built-in search page:
    • We use DuckDuckGo's favicon service to show website favicons in search results. In the process, they receive the domain name (and port number, if applicable) of each search result. This usage is governed by their privacy policy.
    • We use content delivery networks (CDNs) from Cloudflare and Google Fonts to load certain resources on search pages. This usage is governed by the Cloudflare's and Google's privacy policies, respectively.
  6. When you make a purchase on our website, your payment information is collected and processed by Lemon Squeezy. Please refer to their privacy policy for more information about how they handle your data. We do not ever receive or store your address or credit card information, except the last four digits of your card number.

Children's Privacy (COPPA)

Our website is not designed for or intended to attract children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If we become aware that we have inadvertently received personal information from a child under 13, we will delete such information from our records.

Your Rights under the GDPR

For citizens of the European Union, you have eight rights as defined by the General Data Protection Regulation (GDPR). This section details the ways you can exercise them.

Our complete list of subprocessors can be found here.

Right to be Informed

You have the right to clear and concise information about how we collect, process, and store personal data. This information is publicly available in our privacy policy. If you have any specific questions, contact us.

Right of Access (Download your data)

You have the right to request a copy of your data.

Most of your data is stored separately for each of the organizations that you are a part of. This includes (but isn't limited to) domain names, sources, page content, and usage information related to the organization like crawls and search query timestamps. You can download this data from your organization's Settings page. For more details, see our documentation.

To request a full copy of your data, which includes your organizations' data, your personal subscription information, and a list of your active sessions, contact us.

Right to Rectification

You have the right to require us to correct and/or complete inaccurate data, and if applicable, we must inform third-parties of the rectification. If we hold any incorrect data about you, and you can't correct it in the dashboard, please contact us and we will rectify the error.

Right to Erasure (Delete your data)

You have the right to require us to delete all of your data. You can do this immediately via the dashboard. To delete data related to any of your organizations, navigate to the organization in the dashboard, go to the Settings page, scroll down to the "Danger Zone" section. Enter your password and click the "Delete Organization" button. The organization's data will be immediately and permanently deleted from our servers.

Finally, to remove data associated exclusively with your account, go to your Account page, scroll down to the "Delete Your Account" section, enter your password, and click "Delete Account". Your account and all data associated with it will be permanently deleted.

If you wish to delete the data of an organization of which you are one of two or more members, you must delete it with the instructions above before deleting your account. If you are the sole member of an organization when you delete your account, it will also be permanently deleted.

After your account is deleted, information about your subscription may remain in non-deleted organizations until it is replaced with a new subscription. This may contain identifying information, such as your name, email address, and last four digits of your credit card number. To have this information deleted, contact us. We will request that you verify ownership of the email address you used to make the payment and then promptly delete the data.

To ensure reliability of the service, we may keep backups of user data for up to 30 days. These backups are automatically deleted when they expire.

Right to Restriction of Data Processing

You have the right to request that we restrict our processing of your personal data if (i) you dispute the accuracy of the personal data; (ii) the processing is unlawful; (iii) we no longer need the data but the data is still necessary for you to exercise a legal claim; or (iv) you have exercised the right to object and we are verifying your objection to data processing on the basis of legitimate interests.

Right to Data Portability

When you exercise your right to access, we will provide your data in a machine-readable format.

Organization-specific data will be sent in the form of a SQLite database file, and account-specific information will be sent in plain text or JSON.

We may be able to accommodate requests for alternate formats.

Right to Object

You have the right to object to processing of your personal information that is based on our legitimate interests or public interest. If you exercise this right, we must provide compelling legitimate grounds for the processing which overrides your interests, rights, and freedoms, in order to proceed with the processing of your personal information.

You can also immediately stop the processing of your personal information at any time by deleting your accounts and organizations.

Use of Cookies

Cookies are small pieces of information that websites can request your browser to store on your computer.

The only cookie we use is an essential, first-party cookie named easysearch-session that identifies your account when you are logged in. This cookie is required to access the Easysearch dashboard, and it is only set when you sign in. It expires after 3 hours, and every time your browser sends a request related to the Easysearch dashboard, the cookie's expiration is extended by up to 3 hours (if it hasn't expired). It is not necessary for users of our prebuilt search pages or the API.

We do not use any preference, marketing, or statistics cookies.

Data Retention

To assist in the event of data loss, we may keep backups of account and organization information for up to 30 days. They are automatically deleted when they expire.

Data Breach Notifications

In the event of a data breach, we will notify affected individuals as required by applicable law. This notification may include information about the nature of the breach, the types of information involved, and steps individuals can take to protect themselves.

Contact Us

If you have any questions related to our privacy policy or need to exercise your rights, you can contact us via the contact form on our website or via email.

Updates to this Policy

If we decide to update this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy (https://easysearch.bswanson.dev/privacy).

We will also notify all registered users via the email addresses linked to their accounts.