Privacy Policy

IdeaCrawl is operated by Amaranthec SRL, a company registered in Romania (CUI: 54794318, registered address: George Enescu 12, Poduri, Bacău, Romania). In this policy "we," "us," or "our" refers to Amaranthec SRL. We operate an idea discovery and community platform at https://ideacrawl.com that allows users to browse, submit, react to, and comment on ideas.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service. By using the Service, you agree to the practices described in this policy.

For any privacy-related questions, please contact us at office@amaranthec.com.

We collect the following categories of personal data:

We collect data through three methods:

• Directly from you — when you register an account, fill out a form, post an idea, leave a comment, or contact us.
• Automatically — when you browse the Service, we automatically collect technical and usage data via cookies, server logs, and Google Analytics.
• From third parties — when you choose to sign in with Google, Google sends us your name, email address, and profile picture. When you subscribe to a paid plan, Paddle sends us confirmation of your subscription status and transaction IDs.

We use your personal data for the following purposes:

We do not use your data to serve you third-party advertisements or sell your information to advertisers.

IdeaCrawl offers "Sign in with Google" as an authentication option. When you choose this method, Google shares the following with us:

• Your full name
• Your Google email address
• Your Google profile picture URL

We do not receive access to your Google Drive, Gmail, Contacts, Calendar, or any other Google services. We request only the minimum scope necessary for authentication.

Your use of Google Sign-In is additionally governed by Google's Privacy Policy. If you delete your Google account, your IdeaCrawl account remains active but you will need to set a password to continue logging in — please contact support@test.ideacrawl.com if this happens.

All payments are processed by Paddle, who acts as the Merchant of Record for all transactions on IdeaCrawl. This means Paddle is the seller of record for tax and billing purposes — your invoice and receipt will be issued by Paddle, and they are responsible for applicable sales taxes and VAT. When you subscribe to a paid plan:

• Your payment card details are entered directly into Paddle's secure checkout and are never transmitted to or stored on IdeaCrawl's servers
• We receive from Paddle only: your subscription status, plan type, transaction IDs, and a tokenised customer reference
• Paddle may collect additional data as part of their fraud prevention and compliance processes, governed by Paddle's Privacy Policy

If you cancel your subscription or delete your account, we retain billing records for up to 7 years as required for accounting and tax compliance purposes.

We use Google Analytics to understand how visitors use IdeaCrawl. Google Analytics uses cookies — small text files stored in your browser — to collect anonymous usage data including pages visited, session duration, device type, and approximate geographic location (country/city level).

The cookies we use:

Google Analytics data is processed by Google and subject to Google's Privacy Policy. We have enabled IP anonymisation in Google Analytics, meaning your full IP address is never stored by Google in connection with Analytics data.

When you post ideas, comments, or reactions on IdeaCrawl, that content is publicly visible to all users of the platform by default. Your display name and profile picture are shown alongside any content you submit.

Please do not include sensitive personal information (such as your home address, financial details, or private contact information) in any public-facing content you post on the platform.

If you delete your account, your public content (ideas, comments) may remain visible on the platform in anonymised or attributed form, or may be deleted — this depends on the nature of the content and community context. You can request full removal by contacting support@test.ideacrawl.com.

We do not sell your personal data to third parties. We share data only in the following limited circumstances:

• Paddle — your email and subscription data are shared with Paddle to process payments and manage your billing
• Google — we use Google Sign-In and Google Analytics, both of which involve data processing by Google under their own privacy policy
• Third-party AI providers — when you use the AI idea generation feature, the text you enter (pain point description and preferences) is transmitted to third-party AI providers to process your request. These providers operate under their own terms of service and privacy policies, which may permit them to retain or use submitted data. See Section AI Data Processing for full details.
• Hosting & infrastructure providers — our servers and databases may be managed by third-party cloud providers who process data on our behalf under strict data processing agreements
• Legal requirements — we may disclose your data if required by law, court order, or government authority, or to protect the rights, safety, or property of IdeaCrawl or its users
• Business transfers — if IdeaCrawl is acquired, merged, or its assets are transferred, your data may be transferred as part of that transaction. You will be notified via email before any such transfer occurs.

All third-party service providers we work with are contractually required to handle your data securely and only for the purposes we specify.

IdeaCrawl uses artificial intelligence features powered by third-party AI providers. When you use the idea generation feature, the text you enter (your pain point description and any preferences you provide) is transmitted to these providers' servers to process your request and return a generated business idea.

You should be aware of the following:

• Your input is not private. Text submitted through AI features is sent to third-party AI providers over the internet. Do not enter sensitive personal information, trade secrets, confidential business data, or personal data of third parties.
• Third-party data policies apply. Each AI provider operates under its own terms of service and privacy policy, which may permit them to retain, analyse, or use submitted data for purposes including improving or training their AI models. We do not control these policies and cannot guarantee that your input will not be used for training.
• International data transfer. Your input may be processed on servers located outside your country of residence, including in the United States.
• No control over provider output. AI-generated results are produced by third-party models. IdeaCrawl does not verify, moderate, or endorse the accuracy of AI output. Generated content may contain errors, inaccuracies, or hallucinations.

We retain your personal data for as long as your account is active or as needed to provide the Service. Specific retention periods:

• Account data (name, email, profile picture) — retained while your account is active. Deleted within 30 days of account deletion request, except where legal retention is required.
• Payment & billing records — retained for 7 years for legal and tax compliance, even after account deletion.
• Usage & analytics data (Google Analytics) — retained for 26 months per Google Analytics default settings.
• Server logs (IP addresses, request logs) — retained for up to 90 days for security and debugging purposes.
• Content (ideas, comments) — retained while your account is active. Upon account deletion, content may be anonymised or removed at our discretion.

To request early deletion of your data, please contact support@test.ideacrawl.com.

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

• HTTPS encryption for all data in transit
• Encrypted storage of passwords (bcrypt hashing — we never store plain-text passwords)
• Restricted access to databases and production systems
• Paddle's PCI-DSS compliance for all payment data
• Regular security reviews and dependency updates

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users by email within 72 hours of becoming aware of the breach.

Depending on your location, you may have the following rights regarding your personal data. We honour these rights regardless of your jurisdiction:

To exercise any of these rights, email us at support@test.ideacrawl.com with the subject line "Privacy Request." We will respond within 30 days. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data appropriately.

The Service is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@test.ideacrawl.com and we will delete that information promptly.

IdeaCrawl may store and process your data in countries outside your country of residence, including the United States, where our infrastructure providers and third-party processors (Paddle, Google) are based.

When your data is transferred internationally, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses (SCCs) adopted by the European Commission, or processing by providers certified under recognised transfer mechanisms.

By using the Service, you acknowledge that your data may be transferred to and processed in countries with data protection laws that may differ from those in your home country.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following additional protections apply to you under the General Data Protection Regulation (GDPR) and equivalent laws:

• We process your data on the legal bases of contract performance, legitimate interest, legal obligation, and in some cases consent (e.g., for optional analytics cookies).
• You have all the rights outlined in Section 12, and these are enforceable legal rights under GDPR.
• You have the right to withdraw consent at any time where we rely on consent as a legal basis.
• You may lodge a complaint with your national data protection authority (e.g., the ICO in the UK, CNIL in France, or the supervisory authority in your EU member state).

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Effective date" at the top of this page
• Notify you via email if the changes are material (e.g., new data categories collected, new sharing practices)
• Where required by law, seek your renewed consent

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out to us:

• Company: Amaranthec SRL
• Registration number (CUI): 54794318
• VAT number: [VAT placeholder]
• Registered address: George Enescu 12, Poduri, Bacău, Romania
• Privacy & legal inquiries: office@amaranthec.com
• General support: support@test.ideacrawl.com
• Website: IdeaCrawl

We aim to respond to all privacy-related requests within 30 days. For urgent data breach concerns, please use the subject line "URGENT: Data Concern" and we will prioritise your request.