Privacy Policy

What FetchLens Does

FetchLens is a bot detection and AI traffic analytics service. It helps website owners understand which AI bots, crawlers, and scrapers visit their sites, and whether AI platforms send real human traffic back.

What Data We Collect

When a request is processed through FetchLens middleware, we collect the following HTTP request metadata:

• User-Agent string (to identify bot type)
• Accept header (to detect AI tool behavior)
• Requested URL path
• Country (derived from CDN headers, not precise geolocation)
• Timestamp of the request

We do not collect:

• IP addresses (in the production middleware)
• Cookies or session data
• Form inputs or page content
• Personal advertising profiles

Account and Sign-In Data

When you create a FetchLens account or sign in (via Google, GitHub, or email/password), we collect the following information:

• Email address
• Display name
• Profile picture URL (for social sign-in providers)

This data is stored securely in our database and used solely for authentication, account management, and displaying your profile within the application. Login activity (timestamp, sign-in method) is recorded for security auditing purposes.

Google User Data

FetchLens uses Google Sign-In for authentication purposes only. This section describes how we interact with Google user data in compliance with the Google API Services User Data Policy, including the Limited Use requirements.

• Data Accessed — When you sign in with Google, we receive your email address, display name, and profile picture URL via standard OpenID Connect scopes (openid, email, profile). We do not request access to any other Google data or services.
• Data Usage — This data is used exclusively to create and manage your FetchLens account, authenticate your sessions, and display your name and avatar in the dashboard. We do not use Google user data for advertising, analytics profiling, or AI/ML model training.
• Data Storage — Your Google account information (email, name, profile picture URL) is stored in our secure database and is associated with your FetchLens account.
• Data Sharing — We do not share, sell, or transfer your Google user data to any third parties. Your data is never used for purposes unrelated to providing the FetchLens service.
• Data Retention and Deletion — Your account data is retained for as long as your account is active. You may request deletion of your account and all associated data by contacting us at the email addresses listed below.

Legal Basis

We process request metadata under legitimate interest (GDPR Article 6(1)(f)) for the purpose of security, bot detection, and analytics. The production middleware is designed to detect and log bot traffic only — requests from regular human visitors are not stored.

Data Retention

FetchLens uses a two-tier data retention model:

• Raw event data — Individual bot detection records (User-Agent, URL path, timestamp, country) are retained for 6 months & automatically deleted after 12 Months.
• Aggregated summary data — Daily statistical summaries (total visits per bot type, page-level counts, category breakdowns) are retained indefinitely to provide long-term trend analysis. These summaries contain no individual request details and cannot be used to reconstruct specific visits.

Data Processor Role

When website owners install FetchLens on their sites, they are the data controller and FetchLens acts as a data processor. Site owners are responsible for disclosing FetchLens in their own privacy policy, similar to disclosing Cloudflare, Google Analytics, or other third-party services.

No Data Resale

We do not sell, rent, or share collected data with third parties. Data is used solely to provide bot detection and analytics services to the site owner.

Cookies

FetchLens does not set any cookies. The middleware operates entirely on server-side request headers.

Contact

For data-related requests or questions, contact us at contact@bubblspace.com.