Privacy
Last updated: 13 September 2025
This Privacy Policy explains how Crawl Ltd (trading as “Keevo”) ("Keevo", "we", "us") collects and uses personal data when you use our websites, apps, and related services (the Service).
We write this in plain English. If anything isn’t clear, please email support@keevo.ai.
1) Who we are (Controller)
Crawl Ltd (trading as Keevo)
Whitby Court, Abbey Road, Shepley, Huddersfield, West Yorkshire, United Kingdom, HD8 8EL
Email: support@keevo.ai
For UK GDPR purposes, we are the data controller for personal data described in this policy.
2) What we collect
We collect the following categories of personal data:
a) Account & authentication
Email address and name/username you provide when you sign up.
Google sign‑in information (via OAuth) necessary to authenticate you (e.g., Google user ID, email, basic profile if you grant it). We do not receive or store your Google password.
b) Service content you add
Articles, Article Updates, Article Update History created.
Credit and usage information (e.g., plan, credits consumed, timestamps).
c) Billing
Payment details are processed by our payment provider (Stripe). We receive limited billing information (e.g., last 4 digits of card, card brand, billing address, VAT number, status) but we do not store full card numbers.
d) Device, logs & analytics
Technical data from your browser or device: IP address, device type, operating system, browser type/version, pages viewed, time zone, interaction events, and referral URLs.
Cookies and similar technologies (see Section 6).
On our marketing site(s) we use Google Analytics 4 (GA4).
e) Support & comms
Content of messages you send us (email or in‑app), and metadata needed to respond.
We collect data from you, from your use of the Service, and from our processors (e.g., Stripe for billing status, authentication providers for sign‑in signals).
3) Why we use your data (purposes & legal bases)
Purpose | Examples | Legal basis |
|---|---|---|
Provide and secure the Service | Account creation, authentication, hosting, uptime, fraud prevention, access controls | Contract (UK GDPR Art. 6(1)(b)) and legitimate interests (Art. 6(1)(f)) |
Operate features you request | Storing articles, updates, credits; running workflows; returning outputs | Contract |
Billing & account administration | Subscription charging, VAT invoices, dunning emails | Contract and legal obligation (tax) |
Product improvement | Troubleshooting, diagnostics, analytics on aggregated/hashed data | Legitimate interests |
Support & communications | Respond to questions, service notices | Contract or legitimate interests |
Marketing with consent | Email updates, newsletters, cookies for ads/analytics | Consent (you can withdraw any time) |
Legal compliance & enforcement | Handling complaints, preventing misuse, enforcing terms | Legal obligation and legitimate interests |
Where we rely on legitimate interests, we balance our interests with your rights and expectations and only process what is necessary.
4) Who processes your data (recipients)
We use trusted processors to run the Service. Key providers include:
Supabase – database, storage, authentication tooling.
Google – Google Sign‑In (OAuth) for authentication; Google Analytics 4 on our marketing site(s).
Stripe – payments and invoicing (including VAT handling). We do not store full card details.
Railway – application hosting/orchestration infrastructure.
Standard tooling for emails, logging, error monitoring, and support. Details available on request.
These providers process data only under our instructions and subject to confidentiality and security obligations.
5) International data transfers
Our primary systems are hosted in reputable cloud infrastructure. Some providers may process data outside the UK/EEA (for example, in the United States). When we transfer personal data internationally, we use appropriate safeguards, such as:
the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses; and/or
adequacy arrangements such as the UK–US Data Bridge (where applicable).
You can contact us for more information about specific transfer safeguards.
6) Cookies and analytics
We use essential cookies to make the Service work. With your consent, we also use optional cookies for analytics and (occasionally) marketing.
Consent management: You can manage cookie preferences via our banner or your browser settings. Withdrawing consent will not affect the lawfulness of processing before withdrawal.
Google Analytics 4 (GA4): Used on our marketing site(s) to understand aggregate usage. GA4 may use cookies or similar technologies and collect IP address and event data. We configure GA4 with privacy‑enhancing settings where feasible (e.g., IP masking). See Google’s privacy information for details.
7) How long we keep data (retention)
We keep personal data only for as long as needed for the purpose collected:
Account & profile: kept while your account is active. If you close your account, we delete or anonymise within a reasonable period, subject to backups and legal holds.
Service content (articles, updates): retained while your subscription is active and for a short period after termination to allow export, unless you delete earlier.
Billing records: retained for up to 6 years to meet UK tax and accounting rules.
Logs/diagnostics: typically retained for 30–180 days, unless needed longer for security or investigations.
Backups may persist for a limited time with restricted access before being overwritten.
8) Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, least‑privilege principles, and audit logging. No internet service is 100% secure; you are responsible for keeping your credentials safe and using unique, strong passwords.
9) Your rights
Under UK data protection law, you have rights to:
Access your personal data and get a copy;
Rectify inaccurate or incomplete data;
Erase data (in certain cases);
Restrict or object to processing (in certain cases);
Data portability for data you provided to us, where processing is based on consent or contract and carried out by automated means;
Withdraw consent at any time where we rely on consent (e.g., marketing);
Complain to the ICO (see Section 11).
To exercise rights, email support@keevo.ai. We may need to verify your identity before acting on a request.
10) Children
The Service is intended for business users and is not directed at children. Please do not use the Service if you are under 18.
11) Complaints
If you have concerns, please contact us first at support@keevo.ai. You also have the right to complain to the UK data protection regulator:
Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113
Web: https://ico.org.uk/
12) Changes to this policy
We may update this policy from time to time. We will post the latest version on our site and indicate the “last updated” date. Material changes may also be notified by email or in‑app.
13) Contact
Questions or requests about this policy or your personal data:
Email: support@keevo.ai
Post: Crawl Ltd (trading as Keevo), Whitby Court, Abbey Road, Shepley, Huddersfield, West Yorkshire, United Kingdom, HD8 8EL
Service‑specific notes
Authentication: We use Google sign‑in (OAuth) and the Supabase auth stack to verify identity. We receive identifiers and profile data you authorise. We do not store your Google password.
Hosting & storage: We use Supabase for database/storage and Railway for application hosting/orchestration. These providers may engage sub‑processors; we require appropriate contractual safeguards.
Payments: We use Stripe to process payments. Stripe acts as an independent controller for some activities (e.g., fraud prevention, compliance) and as our processor for others. Please review Stripe’s own privacy notices.
AI features: Content and prompts you submit may be processed by third‑party AI model providers under our instructions to generate outputs. We take steps to minimise personal data in prompts and to restrict providers’ use of data for their own purposes where available.
© 2025 Crawl Ltd. All rights reserved.
