Privacy Policy
This policy describes what Networkr collects, why, where it lives, who else sees it, how long we keep it, and how you delete it. We write this in plain English, not lawyerese — if a section is unclear, email privacy@networkr.dev.
1. Who we are
"Networkr," "we," or "us" refers to the service operated at networkr.dev by Heimlandr (Sweden). We are the data controller for information collected through the Networkr service.
Contact for privacy matters: privacy@networkr.dev.
2. What we collect, and why
2.1 Data you give us when you register a site
Site domain, contact email, optional database configuration (URL, credentials — stored encrypted and redacted from API responses), voice preferences, author identity (name, bio, avatar URL, social handles you choose to supply), branding (colours, logo path, footer text), publishing schedule, and optional build-hook URLs.
Why: to publish articles on your site the way you configured it.
2.2 Data we gather from your site's public surface
When you register or are re-audited, our crawler fetches your public homepage, sitemap, and a bounded number of linked pages. We extract meta tags, headings, structured data, visible text, internal link patterns, brand signals (colours, logo), and backend hints (which database platform your site uses, if any).
Why: to generate articles that fit your voice and niche, to detect spam/PBN/scam patterns before admission, to classify your business type for safe cross-linking, and to prevent a post from leaking strategy not already public on your own site (our exposure-manifest rule).
2.3 OAuth tokens for Google Search Console (optional)
If you connect Google Search Console, we store an encrypted refresh token (AES-256-GCM at rest) scoped to the singlewebmasters.readonlypermission. We never request write access. You can revoke at any time from your Google account permissions page — the token dies at Google's end and ours.
Why:to pull Google's indexation verdict per URL so the pipeline can auto-heal rejected posts, and to pull query-level analytics so we can target queries your site already ranks near.
2.4 Operational records
We log authentication events (key mint, revoke, failed-auth IP, timestamp), pipeline runs, error traces, and access logs for the public API. Logs are rotated and access-controlled.
Why: security, abuse detection, debugging, and the public-audit obligations in our Standards.
2.5 Articles you publish through Networkr
Generated articles are written to your site's database (if you connected one) or stored in Networkr's own SQLite (hosted mode). A searchable content registry index (title, slug, tags, excerpt, timestamp, domain) is kept for cross-link scoring.
Why: to serve articles, to cross-link across the network, and to publish the lineage record per post.
3. What we do NOT collect
- No behavioural tracking on the networkr.dev frontend
- No third-party analytics (Google Analytics, Mixpanel, etc.)
- No fingerprinting, no session replay, no heatmaps
- No advertising identifiers
- No Gmail/Workspace content — only the GSC scope you consent to
- No payment card numbers — Stripe handles payment processing when billing launches; Networkr stores only Stripe customer IDs
- No logs of article content sent through the LLM once the pipeline finishes
4. Where your data lives
Networkr runs on servers in Germany (Hetzner, Falkenstein / Nuremberg region). Our SQLite database and encrypted backups live there. Our jurisdiction is the EU/EEA (Sweden-based operator, German infrastructure). International transfers are covered in §7.
5. Third parties that may see your data
Networkr sends limited, purpose-bound data to the following services. Each is a processor under GDPR terms. Links point to each processor's own privacy policy.
| Processor | What we send | Purpose |
|---|---|---|
| Anthropic | Generation prompts (site profile, news context, voice config) | Article generation |
| OpenRouter | Generation prompts (same as above) | Article generation (fallback / multi-model) |
| Serper.dev | Keywords, topic phrases, domain names | SERP research, rank tracking |
| Open PageRank | Domain names | Domain Authority scoring |
| Google PageSpeed Insights | URLs | Core Web Vitals + performance scoring |
| Google Search Console | OAuth token (read-only scope) | Indexation verdicts, query analytics (if you connect) |
| IndexNow | Published URLs | Instant indexing (Bing, Yandex, Naver, Seznam) |
| Mailjet | Recipient email, digest contents | Weekly digest email delivery |
| Netlify / Vercel / Cloudflare / your host | Your build-hook URL only | Trigger your static-site rebuild on publish |
We do not sell your data. We do not share it with advertisers. Each processor is bound by its own DPA; we review integrations before adding them and publish changes in our standards history.
6. How long we keep data
| Site registration data | Until you delete the site via the API |
| Crawl/audit data | 90 days rolling, then deleted |
| Auth events (key mint/revoke/failures) | 90 days |
| Pipeline run history | 180 days |
| Published articles (hosted mode) | Until you delete them via the API; exportable anytime |
| OAuth tokens (GSC) | Until you disconnect or Google revokes |
| Encrypted backups | Rolling 7 days |
7. International transfers
Networkr stores your data within the EU/EEA. Some processors listed in §5 are based outside the EU (Anthropic, Google, Mailjet, etc.) and receive data under the EU's Standard Contractual Clauses (SCCs) and the processor's own certification (DPF where applicable). If you are an EU/EEA resident, you have the right to request the specific transfer mechanism used for any processor.
8. Your rights
Regardless of where you live, you can:
- Access all data we hold about your site via the API
- Export articles as MDX via npx networkr export
- Delete a site and all associated data instantly via DELETE /api/sites/:id
- Disconnect GSC at any time — token revoked client-side and server-side
- Object to any specific processing by emailing privacy@networkr.dev
EU/EEA residents additionally have the right to lodge a complaint with their local Data Protection Authority. UK residents may contact the ICO. California residents have CCPA rights — contact us and we respond within 45 days.
9. Cookies
The networkr.dev frontend is a static site with no analytics and no advertising cookies. We may set a short-lived signed cookie during OAuth flows (10-minute TTL) solely to prevent CSRF. No third-party cookies are set.
10. Security
Tenant API keys are stored as SHA-256 hashes — we cannot recover them. GSC refresh tokens are encrypted at rest with AES-256-GCM. All traffic is HTTPS-only with HSTS enforced. We apply the hardening checklist described in our Standards. Breaches that may affect user data are disclosed within 72 hours of discovery as required by GDPR Art. 33.
11. Children
Networkr is for developers and website operators, not children. We do not knowingly collect data from anyone under 16. If you believe we have such data, email privacy@networkr.dev and we will delete it.
12. Changes to this policy
Material changes are announced by email to active tenants at least 14 days before taking effect. Every prior version is archived at /privacy/history. The version identifier and publish date at the top of this page is the source of truth.
13. Contact
Privacy questions, deletion requests, access requests, DPO correspondence: privacy@networkr.dev. We respond within 30 days; urgent security concerns within 72 hours.
Privacy Policy v1.0 · Published 2026-04-18 · See history for prior versions.