CRCrawlRanker
Back
Last updated · May 2, 2026

Privacy Policy

What we collect, why, where it lives, and how to make it go away. CrawlRanker does not require an account, so there is less to disclose than most policies — but every line below is true.

What we collect

The Service does not require you to sign up. We do not collect names, emails, or payment information at scan time. We do collect the following:

  • The URL you submit. Stored as the canonical identifier of the scan.
  • The scanned page's public HTML. Stored alongside the scan as parsed crawl data so we can re-render report details without re-fetching the site.
  • Scan metadata. Score, findings, model used, duration, cost, scored-at timestamp.
  • Request metadata for abuse prevention. IP address and user agent are visible to our hosting layer at request time. We do not store the raw IP. For per-IP rate limiting we keep a SHA-256 hash of the IP plus a timestamp in our database for a short retention window (the longest active rate-limit window plus 7 days, currently ~8 days). We retain transient request logs (default 30 days) at the hosting provider for security purposes only.
  • Per-attempt scan logs. Every /api/scan attempt — including failed and rate-limited attempts — is recorded in an internal log table for operational observability. We store: the URL submitted, domain, status (success / denied / errored), error code, request duration, request country, a truncated user-agent string, the SHA-256 hash of the IP, and (on successful scans) the model used and its cost. Raw IPs are never persisted. Logs are retained for 90 days and are visible only to staff via the internal admin console.
  • Browser preferences. Theme and locale settings are stored in your browser (see the section below) so the site remembers them between visits. They never leave your device.

What we do not collect

  • No accounts, no passwords, no email addresses unless you write to us.
  • No third-party analytics or advertising trackers at the time of writing.
  • No payment information — there is no paid tier yet.
  • No biometric, location, health, or sensitive personal data.

Cookies and local storage

The Service uses essentially no cookies. The full inventory of what may end up on your device:

  • Theme preference (browser localStorage) — stores your dark / light mode choice so the UI does not flash on next visit. Held in the browser; never transmitted.
  • NEXT_LOCALE (cookie, ~1 year) — set by the i18n layer when more than one locale is available. With a single locale (current state) this cookie is rarely set in practice; documented here because the framework may set it during locale negotiation.

We do not run third-party analytics, advertising trackers, social-share scripts that load remote pixels, or fingerprinting libraries. If we add anything in those categories the change will be listed here on the same day, and the “last updated” date will move.

The internal admin dashboard at /admin uses a session cookie for staff authentication, scoped to that path. Public users of the scanner never see it.

You can clear or block cookies and localStorage in any modern browser's settings. Doing so for crawlranker.com will reset your theme preference but will not prevent you from running scans.

Public scan reports are public

When you submit a URL, the resulting report (URL, domain, scores, findings, scored-at timestamp) is published at crawlranker.com/…/s/{id} and listed in our public sitemap. This is the core mechanic of the Service. If you do not want a particular scan published, do not submit it. To request removal of a specific public scan, see the contact section.

Third-party processors

To deliver the Service we share data with the following processors. Each only receives what they need.

  • Anthropic — the public HTML and structural summary of the scanned page is sent to Anthropic's Claude API for AI scoring. Per Anthropic's data policy, API inputs are not used to train their models. Anthropic privacy policy.
  • Supabase — scan records, parsed crawl data, and cost telemetry are stored in a Supabase-hosted Postgres database. Supabase privacy policy.
  • Sentry — when a server-side or browser error occurs we send the error message, stack trace, request URL, IP address, and user agent to Sentry so the bug can be triaged and fixed. Session replay is disabled, so we do not record interactions or page contents. Errors are the only data sent. Sentry privacy policy.
  • Hosting provider — the application is hosted on a Vercel-class platform. Transient request logs (IP, user agent, path, status) live there for security purposes only.

If we add a new processor we will list it here on the same day it goes live and update the “last updated” date.

Retention

Scan records are retained indefinitely so that public report URLs remain valid. You can request deletion of a specific scan at any time by emailing the address below with the report URL. Per-attempt scan logs (including failed attempts) are retained for 90 days and pruned automatically. Rate-limit events are retained for ~8 days. Transient hosting logs are kept for up to 30 days.

Your rights

Depending on where you live, you may have the right to access, correct, or delete personal data we hold about you. Because the Service has no accounts, the only personal data we are likely to hold about you specifically is the URL you submitted plus any email correspondence you have sent us. To exercise these rights, write to hello@crawlranker.com from the email you used to contact us, or include the report URL of the scan you want removed. We respond within 30 days.

If you are in the EEA / UK and you are not satisfied with our response, you have the right to complain to your local data protection authority.

Children

CrawlRanker is not directed at children under 13 (or 16 in the EEA) and we do not knowingly collect data from them. If you believe a child has submitted a URL or otherwise contacted us, write to us and we will delete the record.

International transfers

Data may be processed in regions where our hosting and API providers operate, including the United States. By using the Service you consent to that transfer.

Contact

Privacy questions, deletion requests, and complaints: hello@crawlranker.com. We aim to reply within 7 days; legal requests within 30.