Privacy policy

Kevin Lefebvre EI (Sole trader), founder of Crawlswarm.
SIREN: 947 791 836
SIRET: 947 791 836 00036
Registered office: 32 rue de Paris, 92100 Boulogne-Billancourt, France
Operating address: 13 avenue Jacques Cartier, 76100 Rouen, France
Email: contact@initial-infrastructures.com

The following data is collected when using the site:

• · Waitlist registration: email, first name (optional), company (optional), tier of interest, UTM source
• · Account creation: email, first name, company, password (bcrypt hashed), registration date
• · Technical metadata: IP address (anonymized), user-agent, country
• · Google OAuth (if used): email, name, profile picture, Google ID
• · Sessions: encrypted session tokens, expiration

• · Waitlist management and beta invitation
• · Authentication and account access
• · Product communication (notifications, opt-in newsletters)
• · Product improvement via anonymized usage analysis
• · Compliance with legal obligations (billing, accounting)

• · Consent (GDPR Art. 6.1.a) for waitlist registration and marketing emails
• · Contract (GDPR Art. 6.1.b) for providing the service after account creation
• · Legitimate interest (GDPR Art. 6.1.f) for security and product improvement

• · Unconverted waitlist registrations: 2 years from registration
• · User accounts: duration of the contractual relationship + 3 years after deletion
• · Technical logs: 12 months
• · Billing data: 10 years (legal obligation)

The infrastructure is entirely self-hosted. The only sub-processors are the following, all GDPR-compliant and based in the European Union:

• · PRODISTRIB (EU datacenter, 13 avenue Jacques Cartier 76100 Rouen) — self-hosted frontend, PostgreSQL database, and SMTP relay.
• · Google Ireland Ltd. (if OAuth is used, authentication only).
• · Google Ireland Ltd. (Google Analytics 4, anonymized audience measurement — only loaded after explicit consent via Consent Mode v2). More details in the Cookies section below.

No data sold to third parties. No transfers outside the EU.

In accordance with GDPR Articles 15 to 22, users have the following rights:

• · Right of access
• · Right to rectification
• · Right to erasure (right to be forgotten)
• · Right to restriction of processing
• · Right to data portability
• · Right to object
• · Right to withdraw consent at any time

To exercise these rights, write to contact@initial-infrastructures.com with a copy of a valid ID. Response within one month. Users can also export their data and delete their account directly from their account settings (Data section).

In the event of an unresolved dispute, users may lodge a complaint with the relevant data protection authority.

Strictly necessary cookies (authentication session) are always active. Analytics cookies (Google Analytics 4 — `_ga`, `_ga_*`) are only set after explicit consent via the bottom banner. Without consent, no analytics cookies are set (Google Consent Mode v2 with ad_storage and analytics_storage defaulted to denied). No advertising cookies.

Passwords are hashed with bcrypt. Sessions are encrypted. Communications use strict HTTPS. Databases are backed up daily with 30-day retention.

This policy may be updated. Registered users will be notified by email of any material change.