Privacy Policy
Last updated: April 6, 2025
What We Collect
freshcrate collects the following data in the course of operating the service:
- Package metadata from GitHub — names, descriptions, star counts, licenses, and README content. This is all publicly available data.
- IP addresses — logged in our
request_logtable when you make API requests. - API key usage — we track which API key was used for each request for rate limiting purposes.
What We Don't Collect
We do not use cookies, tracking pixels, analytics services, or any form of behavioral tracking. There are no personal accounts or user profiles. We don't collect names, email addresses, or any personally identifiable information beyond IP addresses in API logs.
IP Address Retention
IP addresses are stored in our request_log table and automatically pruned after 30 days. They are used solely for rate limiting and abuse prevention.
GitHub Data
We index publicly available repository metadata from GitHub, including repository names, descriptions, star counts, licenses, and README files. All of this data is already publicly accessible on GitHub. We function as a directory and search engine for open source packages.
API Keys
API keys are created voluntarily by users. Keys are hashed with SHA-256 before storage — we only store the hash and a visible prefix (e.g., fc_abc1...). We cannot recover your full key after creation. Keys are not automatically collected.
Third-Party Services
We use the following external APIs to index data:
- GitHub API — for package and repository metadata
- arXiv API — for research paper metadata
- HuggingFace API — for model and paper metadata
We do not share your data with any third parties.
GDPR & Data Deletion
IP logs are automatically pruned after 30 days. If you want to request deletion of any data associated with you, contact us at privacy@freshcrate.ai.
Children
freshcrate is not directed at children under 13. We do not knowingly collect data from children.
Contact
For privacy-related inquiries, email privacy@freshcrate.ai.