SEO Crawler
Legal

Privacy Policy

Last updated: December 16, 2025

New Horizon Code Pty Ltd ("New Horizon Code", "we", "us", "our") is committed to protecting personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles ("APPs"), and other applicable privacy and data protection standards.

This Privacy Policy ("Policy") explains how we collect, use, store, disclose, and protect personal information in connection with the SEO Crawler service (the "Platform").

By creating an account, authenticating a domain, using the API, initiating a crawl, or otherwise using the Platform, you acknowledge you have read and understood this Policy.

On this page
1. Definitions2. Scope3. Our roles4. Information we collect5. How we use information6. Lawful basis7. Client responsibilities8. AI9. Disclosure10. Cross-border transfers11. Security12. Retention13. Your rights14. Data breaches15. Important disclaimers16. Updates17. Complaints & contact18. Governing law19. Children’s privacy

1. Definitions

"APPs"
means the Australian Privacy Principles under the Privacy Act 1988 (Cth).
"Client"
means the individual or entity holding an SEO Crawler account.
"Crawl Data"
means technical, structural, and publicly available information retrieved from webpages belonging to domains you authenticate, including metadata, HTTP responses, URL structure, sitemaps, and HTML content.
"Domain Authentication"
means the process used to verify ownership or control of a domain prior to enabling crawling or scraping functionality.
"Personal Information"
has the meaning given in the Privacy Act — information or an opinion about an identified individual, or an individual who is reasonably identifiable.
"Services"
means the features, tools, analytics, and automations supplied through the Platform.
"User"
means any individual authorised by the Client to access the Platform.
Unless otherwise stated, references to "you" and "your" mean the Client and its Users.

2. Scope of this Policy

This Policy applies to:

  • personal information collected when you create an account or interact with the Platform;
  • diagnostic, security, and telemetry data collected to operate and secure the Platform; and
  • information retrieved when crawling domains you authenticate.

This Policy does not apply to information contained on websites you do not own or control. The Platform is designed to crawl only domains that you successfully authenticate. However, content on your authenticated domains may include Personal Information (for example, names or contact details displayed on pages), and that content may be included in Crawl Data as part of normal crawling.

3. Our Roles: Controller and Processor

3.1 Account, billing, and Platform operations

For account administration, billing, customer support, security monitoring, and operation of our Services, New Horizon Code acts as the controller of Personal Information we collect from you and your Users.

3.2 Crawl Data from authenticated domains

For Crawl Data, you control which domains are authenticated, what is crawled, and how outputs are used. In that context, we generally act as a service provider/processor, processing Crawl Data on your instructions to provide the Services.

You are responsible for ensuring you have the authority to crawl each authenticated domain and for ensuring your use of Crawl Data complies with applicable privacy, contractual, and legal obligations.

4. Information We Collect

We may collect the following categories of information.

A. Account & Billing Information

  • name and email address
  • organisation name and contact details
  • authentication and access credentials (stored securely)
  • subscription tier, invoices, and billing history
  • payment details processed by third-party payment processors (for example, Stripe). We do not store full payment card numbers.

B. Domain & Crawl Data

Once a domain is authenticated, the Platform may collect:

  • URLs, HTTP status codes, redirects, metadata, canonical tags, robots directives, schema, and sitemaps
  • internal links, anchor text, and site architecture signals
  • performance or diagnostic metrics collected during crawling
  • rendered structure where applicable (for example, where JavaScript rendering is enabled)
  • framework/vendor detection results
  • AI-generated summaries and insights derived from Crawl Data

Crawl Data is limited to content that is publicly accessible or accessible under your authenticated permissions.

We do not attempt to bypass authentication controls or technical measures that restrict access.

C. System, Security & Diagnostic Data

We automatically collect:

  • IP address and approximate location (derived from IP)
  • device, browser, and operating system information
  • session identifiers, authentication logs, and security events
  • cookies necessary for session integrity and security
  • usage analytics, performance logs, and error reports
  • audit logs relating to account activity and administrative actions

5. How We Use Information

We collect and use personal information only where reasonably necessary to operate the Platform and provide the Services, including to:

  • create and administer accounts
  • verify Domain Authentication and prevent misuse
  • provide, operate, maintain, and improve the Platform
  • generate reports, analytics, and AI insights
  • secure accounts and infrastructure, including fraud detection and prevention
  • provide support and respond to enquiries
  • communicate service updates, maintenance notices, and security notifications
  • enforce our Terms of Service and acceptable use restrictions
  • meet legal obligations and respond to lawful requests

We do not sell or rent personal information.

Marketing communications

We may send product and service communications to account holders (for example, announcements, feature updates, billing notices). Where required, we will provide opt-out mechanisms in those communications.

6. Lawful Basis (Australia)

Under the APPs, we collect, use, and disclose personal information where it is:

  • reasonably necessary for our functions and activities, and
  • collected and used in a fair and lawful way.

We will not use Personal Information for secondary purposes unless permitted under the Privacy Act or with your consent.

7. Client Responsibilities

By using the Platform, you warrant that:

  • you are authorised to authenticate and crawl each domain you add;
  • Crawl Data retrieved from your domains is lawfully collectable and usable for your purposes;
  • you will ensure Users comply with this Policy and our Terms of Service;
  • you will maintain account security and confidentiality of access credentials; and
  • you will not use the Platform in a manner that violates privacy, copyright, confidentiality, or contractual obligations.

8. AI and Automated Analysis

Some subscription plans include AI features such as summaries, prioritisation, and recommendations.

AI features may process Crawl Data to generate outputs. AI outputs:

  • are informational only;
  • may be incomplete or inaccurate; and
  • must be reviewed by a qualified human before action is taken.

We do not use your Crawl Data to train external AI models. Where AI service providers are used to generate outputs, this is done for the purpose of providing the Services and under contractual controls consistent with this Policy.

9. Disclosure of Personal Information

We disclose personal information only as necessary to provide and secure the Services, or as permitted by law.

This may include disclosure to:

  • your authorised Users within your organisation;
  • infrastructure, hosting, analytics, observability, support, and billing providers (for example, cloud hosting providers, monitoring/telemetry providers, customer support tools, and payment processors);
  • contractors and professional advisers under confidentiality obligations;
  • regulators, law enforcement, or courts where required or authorised by law; and
  • related entities for internal operational purposes.

We do not disclose Crawl Data to third parties except to the extent required to operate the Platform (for example, hosting and processing), to provide the Services you request, or where required by law.

10. Cross-Border Data Transfers

Some service providers may store or process information outside Australia.

Where we transfer Personal Information overseas, we take reasonable steps to ensure:

  • the recipient is subject to privacy protections substantially similar to the APPs; or
  • appropriate contractual safeguards are in place; or
  • you have consented; or
  • another APP exception applies.

Primary application data is hosted in Australia where feasible; however, ancillary services (for example, telemetry, support tooling, or email delivery) may involve overseas processing.

11. Data Security Safeguards

We implement technical and organisational safeguards designed to protect Personal Information, including (as appropriate):

  • encryption in transit and at rest
  • role-based access controls (RBAC)
  • logging and audit trails
  • network controls, rate limiting, and anomaly detection
  • secure credential storage and MFA support
  • ongoing monitoring and risk assessment

No system is completely secure. You acknowledge that online services carry inherent risk.

12. Data Retention and Destruction

We retain Personal Information only as long as necessary for the purposes outlined in this Policy or as required by law.

On account closure or verified request, we will destroy or de-identify Personal Information unless:

  • retention is required by law; or
  • retention is reasonably necessary for legitimate business purposes (for example, fraud prevention, dispute handling, or security investigations).

Crawl Data may be deleted earlier upon request, subject to technical feasibility and verification.

13. Your Rights

You may request:

  • access to the Personal Information we hold about you;
  • correction of inaccurate or outdated information; and
  • export of account data or Crawl Data where technically feasible.

Requests must be submitted to legal@newhorizoncode.io. We will respond within a reasonable timeframe consistent with the APPs.

14. Notifiable Data Breaches

In the event of an eligible data breach under the Notifiable Data Breaches scheme, we will:

  • investigate promptly;
  • take remedial action; and
  • notify affected individuals and the OAIC where required.

15. Important Disclaimers

To the fullest extent permitted by law:

  • we are not responsible for unlawful or unauthorised crawling performed by you;
  • we are not responsible for losses arising from your reliance on AI-generated outputs; and
  • we are not liable for indirect, consequential, or economic loss.

Nothing in this Policy excludes rights that cannot be excluded under Australian law.

16. Updates to this Policy

We may update this Policy from time to time. Updates take effect upon publication on the Platform or our website.

Where required by law, we will provide notice of material changes or seek consent.

17. Complaints and Contact

If you have a privacy concern or complaint, contact:

Privacy Officer
New Horizon Code Pty Ltd
Suite 121, Level 14
167 Eagle Street
Brisbane QLD 4000

We will assess complaints and respond within 30 days or a reasonable timeframe.

If you are not satisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

18. Governing Law

This Policy is governed by the laws of Queensland, Australia. Disputes must be brought in the courts of Queensland.

19. Children's Privacy

The Platform is not intended for individuals under 18. We do not knowingly collect Personal Information from minors.