Home/Docs/Security, hosting & privacy
Account & billing
Security, hosting & privacy
Updated 2026-05-18
Crawlmind runs on DigitalOcean (NYC region). Customer data: crawled HTML, generated reports, integration refresh tokens: is stored in PostgreSQL (RDS-equivalent managed by DO) + DO Spaces (S3-compatible). All traffic is TLS 1.3; integration secrets are AES-256-GCM-encrypted at rest. Full detail at /legal/security.
Data hosted on Crawlmind
- User accounts: email, hashed password (bcrypt cost 12), MFA secret (encrypted), session refresh hashes
- Organizations: name, slug, branding (logos hosted in DO Spaces)
- Subscriptions: Stripe customer + subscription IDs (no card data; Stripe holds it)
- Crawl artefacts: fetched HTML bodies, parsed JSON-LD, screenshots (Playwright only)
- Issues + recommendations: generated audit findings
- Integration tokens: GSC + GA4 refresh tokens (AES-256-GCM encrypted)
- Audit logs: every admin + sensitive-mutation action, retained 1 year
Encryption posture
- In transit: TLS 1.3 everywhere (Cloudflare → Caddy → app)
- At rest: PostgreSQL volume encryption + per-secret application-layer encryption for tokens, integration creds, staging passwords
- Database backups: encrypted snapshots, retained 7 days
- Spaces objects: server-side encryption (SSE-S3 equivalent)
Access control
- RBAC: OWNER / ADMIN / EDITOR / VIEWER per organization
- MFA: TOTP, enforced per-org (Agency+) or optional individually
- SSO: SAML 2.0 + OIDC on Enterprise
- Audit logs: every privileged action records actor, IP, user-agent, target, metadata
GDPR rights
EU/UK/Swiss data subjects:
- Right to access: download a full export of everything we hold about your account from
/me/export. Async job, ZIP delivered to your email - Right to rectification: update profile, org settings, billing contact in-app
- Right to erasure:
/me/delete-accountschedules a 14-day grace deletion. Cancel within the window or wait for purge. - Right to portability: exports are JSON for app data + CSV for tabular reports
DPA available on request: [email protected]. See /legal/dpa for the standard text we incorporate into Terms for EU customers.
Sub-processors
Current sub-processors that handle customer data:
- DigitalOcean: hosting + Spaces object storage
- Stripe: payments
- OpenAI / Anthropic: AI enrichment (your plan choice)
- Postmark: transactional email
- Sentry: error tracking (no customer data; just stack traces)
- GitHub: source code only
We maintain a versioned list at /legal/subprocessors. We notify customers 30 days before adding any new sub-processor.
Reporting a security issue
Email [email protected]. We acknowledge within 24h. Bug bounty: out of scope for now (we're pre-Series-A); we'll publicly credit the reporter on /legal/security for any genuine finding.
Related docs
Ready to try it?
Free tier: 5 crawls / month, no credit card.