Privacy Policy

Last updated 2026-07-07

This policy explains what personal data Clearfront collects, why, and the choices you have. The important part first: the Clearfront software is self-hosted and runs entirely on your own machine, so the targets you look up, the results it gathers, and your API keys never reach us. This policy therefore covers only the limited data we collect through this website.

1. Who we are

Clearfront ("we", "us", "our") publishes the open-source Clearfront software and this website. For any privacy question, contact us at privacy@clearfront.sh. The data controller for website data is Scott Anderson.

2. The software collects nothing for us

The Clearfront command-line tool and web console run locally on your device with your own API keys. Your targets, your findings, your keys, and everything the tool collects stay on your machine. The software does not send that data to us, and we never see or store it. When the tool queries an external source, your request goes directly from your machine to that provider under the keys you configured, not through us.

3. Information we collect through this website

We collect only what you give us or what is needed to serve the site:

  • -Email address, if you submit it to the removal-guide form or a waitlist. This is optional and only collected when you choose to send it.
  • -Basic, privacy-friendly usage analytics (page views and performance), collected in aggregate without cookies and without profiling you.
  • -Standard server logs kept by our host, such as IP address and browser type, used for security and reliability.

4. How we use your information

  • -To send you the removal guide or early-access updates you asked for, and nothing else without your consent.
  • -To understand, in aggregate, how the site is used so we can improve it.
  • -To keep the site secure and running.
  • -To meet legal obligations where they apply.

We do not sell or rent your personal data, and we do not share it for cross-context behavioral advertising.

5. Legal bases for processing (GDPR)

  • -Consent, for sending you email you signed up for. You can withdraw it at any time.
  • -Legitimate interests, for aggregate analytics and keeping the site secure.
  • -Legal obligation, where the law requires us to retain or disclose data.

6. Cookies and analytics

This site aims to run without tracking cookies. Our analytics are cookieless and do not fingerprint you or build an advertising profile. If we ever add anything that requires consent, we will ask for it first and update this policy.

7. Service providers we use

A small number of providers process website data on our behalf under their own privacy terms:

  • -Our hosting and analytics provider, Vercel, which serves the site and provides aggregate analytics.
  • -Our email or opt-in provider, ConvertKit, if you submit your email, used only to deliver what you requested.

We enter into data processing terms with these providers and rely on appropriate safeguards for any transfer outside your region.

8. How long we keep it

  • -Email addresses: until you unsubscribe or ask us to delete them, then removed.
  • -Aggregate analytics: retained in non-identifying form.
  • -Server logs: kept for a short period for security, then rotated.

9. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict, port, or object to the processing of your personal data, and to withdraw consent. Under the CCPA and similar laws you can request access or deletion and opt out of any sale or sharing of your data; we do not sell or share it. To exercise any right, email us at privacy@clearfront.sh. You also have the right to complain to your local data protection authority.

10. Data about other people in your investigations

If you use the Clearfront software to look up other people, that processing happens on your own machine and you act as the data controller for it. You are responsible for having a lawful basis and for complying with applicable law. See our Acceptable Use Policy. We do not receive or process that data.

11. Security

We use reasonable technical and organizational measures, including encryption in transit, to protect the limited website data we hold. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

12. Children

This website and the software are not directed to children, and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it.

13. Do Not Track

Because we do not track you across sites or over time, there is no cross-site tracking for a Do Not Track signal to turn off. We honor applicable opt-out preference signals where required.

14. Changes to this policy

We may update this policy from time to time. When we do, we will revise the date at the top of the page. Material changes will be made clear on this page.

15. Contact

Questions about this policy or your data: privacy@clearfront.sh.