Privacy Policy

This policy explains what personal data Datylo collects, how we use and protect it, and the choices and rights you have. It applies to our website, the Datylo platform, and related services.

Last updated: June 9, 2026

01Who we are & scope

Datylo (“Datylo”, “we”, “us”, or “our”) provides a web-data platform for extraction, scheduling, monitoring, and visualization. This Privacy Policy describes how we handle personal data when you visit datylo.com, sign up for an account, or use the Datylo platform at app.datylo.com (together, the “Services”).

For personal data we process about our website visitors and account holders, Datylo is the data controller. For data you collect and process through the Services, you are generally the controller and Datylo acts as a processor on your behalf — see Data you collect with Datylo.

02Information we collect

Information you provide

  • Account data — name, email address, password, and organization or workspace details when you register or are invited to a workspace.
  • Billing data — billing contact and the limited payment metadata returned by our payment processor. We do not store full card numbers.
  • Communications — messages, support requests, and feedback you send us.
  • Scraper configuration — the code, target URLs, schedules, selectors, and settings you create. These may incidentally contain personal data if you include it.

Information we collect automatically

  • Usage data — pages and features used, actions taken in the app, and timestamps.
  • Device & log data — IP address, browser type, operating system, referring pages, and diagnostic logs.
  • Cookies & similar technologies — see Cookies & tracking.

Information from third parties

  • Connected data sources — when you connect a Facebook or Instagram account to collect data from it, we receive access tokens and the page or account data returned by the Meta Graph API.
  • Service providers — infrastructure, email-delivery, and error-monitoring providers may share limited operational data with us to run and secure the Services.

03How we use information

We use personal data to:

  • Provide, operate, and maintain the Services, including running, scheduling, and monitoring your scrapers.
  • Authenticate users, secure accounts, and prevent fraud or abuse.
  • Process payments and manage subscriptions.
  • Send service communications such as alerts, run notifications, and important account or security notices.
  • Provide customer support and respond to your requests.
  • Analyze and improve the Services, develop new features, and understand usage trends.
  • Comply with legal obligations and enforce our terms.

We do not sell your personal data. We send marketing communications only where permitted, and you can opt out at any time.

04Legal bases for processing

Where the GDPR or similar laws apply, we rely on the following legal bases:

  • Performance of a contract — to provide the Services you sign up for.
  • Legitimate interests — to secure, improve, and promote the Services, balanced against your rights.
  • Consent — for non-essential cookies and certain marketing, which you can withdraw at any time.
  • Legal obligation — to meet accounting, tax, and other legal requirements.

05Data you collect with Datylo

The Services let you extract and process data from sources you choose. You are responsible for the lawfulness of that collection, including respecting each source's terms, robots rules, and applicable data-protection laws. You remain the controller of the data you collect through the Services.

Where you process personal data through the Services, we act as your processor and only handle that data to provide the Services and on your documented instructions.

06Sharing & subprocessors

We share personal data only as needed to run the Services:

  • Subprocessors & service providers — cloud hosting and storage, message queuing, email delivery, and error monitoring, bound by contractual confidentiality and data-protection terms.
  • Within your organization — with other members of your workspace, according to the roles and permissions you set.
  • Legal & safety — where required by law, to enforce our terms, or to protect the rights, safety, and security of Datylo, our users, or the public.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this policy.

A current list of subprocessors is available on request.

07Data retention

We retain personal data for as long as your account is active and as needed to provide the Services. After that, we keep data only as required for legitimate business or legal purposes — for example, billing records and security logs — and then delete or anonymize it.

Data collected through your scrapers is retained according to your configuration and plan limits, and is deleted when you remove it or close your account, subject to short backup-retention windows.

08Security

We use technical and organizational measures designed to protect personal data, including encryption in transit, access controls, network isolation, and monitoring. No method of transmission or storage is completely secure, but we work continuously to safeguard your information and will notify you and the relevant authorities of a qualifying breach as required by law.

09International transfers

We may process and store personal data in countries other than your own. Where we transfer data internationally, we use appropriate safeguards such as the European Commission's Standard Contractual Clauses or other lawful transfer mechanisms.

10Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data, subject to legal exceptions.
  • Restrict or object to certain processing.
  • Port your data to another service.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data-protection authority.

To exercise any of these rights, email privacy@datylo.com. We will respond within the timeframe required by applicable law. If you are a California resident, you also have rights under the CCPA/CPRA, including the right not to be discriminated against for exercising them; we do not sell or share personal information as those terms are defined under California law.

11Cookies & tracking

We use cookies and similar technologies to keep you signed in (an essential session cookie) and to remember preferences such as your timezone. These cookies are required for the platform to function as expected. We do not currently use advertising or cross-site tracking cookies; if we later introduce non-essential analytics cookies, we will request your consent where required. You can manage cookies through your browser settings, though disabling some may affect functionality.

12Children's privacy

The Services are not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, contact us and we will delete it.

13Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you through the Services or by email. Your continued use of the Services after an update means you accept the revised policy.

14Contact us

If you have questions, requests, or concerns about this policy or your personal data, reach out:

Datylo — Privacy team

Email: privacy@datylo.com