Back to Home

How We Collect Data

HarvestMyData collects publicly available contact information from a variety of public sources, including but not limited to social media profiles, public directories, and other publicly accessible platforms.

Legal Basis

The legality of public data collection has been affirmed by US courts. In hiQ Labs v. LinkedIn (2022), the Ninth Circuit Court of Appeals ruled that scraping publicly accessible data does not violate the Computer Fraud and Abuse Act (CFAA). The court held that publicly available data — information visible to anyone without authentication — is not protected under federal computer access laws.

This precedent establishes that information users intentionally make public can be legally collected. Our service operates within this legal framework by accessing only public information that requires no login or authentication.

What We Do NOT Do

To ensure legal compliance and respect user privacy, we explicitly avoid the following:

  • Logging into any platform or user accounts
  • Using or requesting any user credentials or authentication tokens
  • Accessing private profiles or password-protected content
  • Bypassing any access controls, rate limits, or security measures
  • Scraping direct messages, stories, or any private communications
  • Collecting data from accounts set to private
  • Storing personal data beyond the delivery period (7 days)

What We Collect

We collect only information that users have chosen to make publicly visible:

  • Email addresses displayed in public profiles and bios
  • Phone numbers listed in public business profiles
  • Public profile metadata (username, display name, bio, follower counts)
  • Business category information from public accounts

How We Collect It

Our system accesses only publicly visible information — the same data anyone can see without logging in. We use standard HTTP requests to retrieve publicly accessible data, similar to how search engines index public web pages.

Compliance

We maintain compliance with applicable regulations:

  • CFAA: We never access password-protected or private areas
  • GDPR: We collect only publicly shared contact information that users chose to display
  • CAN-SPAM & CCPA: We provide data; you are responsible for using it lawfully

Your Responsibilities

By using HarvestMyData, you agree to:

  • Use collected data in compliance with all applicable laws in your jurisdiction
  • Follow anti-spam regulations (CAN-SPAM, GDPR, CASL, etc.) when contacting leads
  • Honor opt-out requests promptly
  • Not use the data for illegal purposes, harassment, or fraud
  • Take responsibility for securing any data you download

Data Retention

We automatically delete all collected data from our servers within 7 days of delivery. We do not sell, share, or retain your data beyond this period. Once deleted, data cannot be recovered — you are responsible for backing up your downloaded files.