Ripper.bot

Privacy Policy

Privacy

Last updated: May 9, 2026.

This policy explains what data Ripper.bot collects, why, and what happens to it. We tried to write it in plain English. If anything is unclear, email support@ripper.bot and we'll explain.

Who we are

Ripper.bot is operated by the Ripper.bot team. "We," "us," and "our" refer to the Ripper.bot team.

What we collect

When you use Ripper.bot, we collect the following:

  • Email address — required to create or sign in to your account. If you don't provide a name, we'll use the part of your email before the @ as a display name.
  • IP address — read from the CF-Connecting-IP header provided by Cloudflare. Used for rate limiting and abuse detection.
  • User-agent string — your browser's identification header. Used for diagnostics.
  • Timestamps — when you first signed up, when you last used the service, and how many times you've used it.
  • URLs you submit — the pages you ask Ripper.bot to rip. We use these to fulfill your request, show your rip history, and investigate abuse.
  • Captured ZIPs — the archive we create for you. We store it long enough to power the download page, currently up to 7 days, then the link expires.

We do not collect passwords, social graph data, or browsing history outside of Ripper.bot.

Cookies and local storage

  • sb_access and sb_refresh — HTTP-only, secure session cookies that keep you signed in through Supabase Auth.
  • sb_pkce — a short-lived HTTP-only, secure cookie used only during the Google OAuth sign-in round trip. It is cleared after the callback completes.
  • ripperbot.email.v1 (localStorage) — a convenience store that remembers your email on your device so you don't have to retype it. Stays on your device; we never read it server-side.

We do not use third-party advertising cookies, social pixels, or cross-site trackers.

How we use what we collect

  • To deliver the service — accept your request, run the capture, return your ZIP.
  • To keep you signed in, show your account history, enforce the 3-rips-per-24-hours quota, and block abuse.
  • To send you occasional product updates and educational content related to Ripper.bot. You can unsubscribe any time.
  • To diagnose failures and improve the service.
  • To meet legal, regulatory, or enforcement requests where required.

Who we share it with

  • Cloudflare — our hosting provider. Cloudflare routes requests to Ripper.bot and operates the Workers, KV storage, and headless-browser rendering that run the service. Cloudflare processes data under its own policies and applicable data-processing agreements.
  • Supabase — our authentication, database, and ZIP storage provider. Supabase stores account records, rip job metadata, and the ZIP files that power your download links.
  • Resend — our transactional email provider. Resend sends secure sign-in links, account emails, and rip-ready emails.
  • Google — only if you choose Continue with Google. Google handles the OAuth sign-in step and returns the account information needed to authenticate you.
  • Firecrawl — our primary page-capture provider for submitted URLs. We send the target URL when Firecrawl is used for a rip.

We don't sell your email, we don't syndicate your data to third-party ad networks, and we don't share your submitted URLs with marketers.

Data retention

Account records, lead records, and rip job metadata persist until you ask us to delete them or we decide to retire the dataset. Auth cookies expire according to Supabase session settings and may be refreshed while you remain signed in. Rate-limit entries auto-expire within minutes.

Captured ZIP files are stored for the download window, currently up to 7 days. Each generated download URL is short-lived, currently 1 hour.

To delete your record, email support@ripper.bot from the address you signed up with and ask. We'll remove it within 30 days.

Your rights

Depending on where you live, you may have the right to (a) ask what data we hold on you, (b) correct inaccurate data, (c) delete your data, (d) object to specific processing, (e) receive a machine-readable copy, or (f) lodge a complaint with your local data-protection authority. Contact us to exercise any of these rights.

Children

Ripper.bot isn't directed at children under 13. We don't knowingly collect data from anyone under 13. If you're a parent or guardian and you think a child has submitted data, contact us and we'll delete it.

International transfers

Ripper.bot is served via Cloudflare's global edge network. Your data may be processed in a country outside your own, including the United States. We rely on Cloudflare's contractual safeguards (including Standard Contractual Clauses, where applicable) for international transfers.

Security

We use TLS everywhere, HTTP-only secure auth cookies, strict SSRF protection (so the tool can't be used to reach private networks), and IP-based rate limiting to prevent abuse. Captured ZIPs are stored only for the download window described above.

No online service is perfectly secure. Do not rip pages that are confidential to someone else.

Changes to this policy

If we change this policy, we'll update the "Last updated" date at the top. Material changes will be flagged on the Ripper.bot homepage or emailed to active users.

Contact

Privacy questions, requests, or complaints: support@ripper.bot.

This is plain-language policy copy. It isn't legal advice. If you need formal guidance about your rights, consult your own attorney.