Privacy Policy

What FetchLens Does

FetchLens is a bot detection and AI traffic analytics service. It helps website owners understand which AI bots, crawlers, and scrapers visit their sites, and whether AI platforms send real human traffic back.

What Data We Collect

When a request is processed through FetchLens middleware, we collect the following HTTP request metadata:

• User-Agent string (to identify bot type)
• Accept header (to detect AI tool behavior)
• Requested URL path
• Country (derived from CDN headers, not precise geolocation)
• Timestamp of the request

We do not collect:

• IP addresses (in the production middleware)
• Cookies or session data
• Form inputs or page content
• Personal advertising profiles

Legal Basis

We process request metadata under legitimate interest (GDPR Article 6(1)(f)) for the purpose of security, bot detection, and analytics. The production middleware is designed to detect and log bot traffic only — requests from regular human visitors are not stored.

Data Retention

Bot detection events are automatically deleted after 90 days via DynamoDB TTL. We do not maintain permanent archives of request data.

Data Processor Role

When website owners install FetchLens on their sites, they are the data controller and FetchLens acts as a data processor. Site owners are responsible for disclosing FetchLens in their own privacy policy, similar to disclosing Cloudflare, Google Analytics, or other third-party services.

No Data Resale

We do not sell, rent, or share collected data with third parties. Data is used solely to provide bot detection and analytics services to the site owner.

Cookies

FetchLens does not set any cookies. The middleware operates entirely on server-side request headers.

Contact

For data-related requests or questions, contact us at contact@bubblspace.com.