HookGrabber

Privacy Policy

Last updated: March 2025

1. Overview

HookGrabber ("we", "us") takes your privacy seriously. This policy explains what data we collect, how we use it, and your rights regarding it.

2. Data We Collect

We collect only what is necessary to operate the Service:

  • Account data — your GitHub username, email address, and public profile information provided by GitHub OAuth at sign-in.
  • Webhook request data — HTTP method, path, headers, body, query parameters, source IP address, and timestamp for each request captured through your endpoints. This is the core function of the Service.
  • Usage data — basic server logs (timestamps, IP addresses, HTTP status codes) for security monitoring and abuse prevention.

3. How We Use Your Data

  • To provide, operate, and improve the Service
  • To authenticate you and manage your account
  • To enforce rate limits and prevent abuse
  • To send transactional communications (account changes, billing)

We do not sell your data or use it for advertising.

4. Webhook Payload Data

Webhook payloads you capture may contain sensitive information (API keys, personal data, etc.). You are responsible for ensuring that the data you route through HookGrabber complies with your own privacy obligations. We treat payload data as confidential and do not access it except as required to provide the Service or respond to a verified legal request.

5. Data Retention

Captured webhook requests are retained according to your plan tier (48 hours for free accounts; longer for paid plans). Account data is retained for the lifetime of your account and deleted within 30 days of account termination.

6. Data Sharing

We share data only in limited circumstances:

  • Infrastructure providers — hosting and database providers that process data on our behalf under data processing agreements.
  • Legal requirements — if required by law, court order, or to protect the rights and safety of users or the public.

7. Cookies and Tracking

We use a single session cookie to keep you logged in. We do not use third-party analytics cookies or advertising trackers.

8. Your Rights

You may request a copy of your data, correct inaccuracies, or delete your account at any time from the Settings page. For any privacy request not available in-app, contact us at privacy@hookgrabber.dev.

9. Security

We use industry-standard measures including encrypted connections (TLS), encrypted storage, and access controls. No system is perfectly secure; please use the Service responsibly and avoid routing highly sensitive secrets through it in plain text.

10. Changes to This Policy

We may update this policy. Material changes will be communicated via email or an in-app notice at least 14 days before they take effect.

11. Contact

Privacy questions or requests: privacy@hookgrabber.dev.