Document Purpose: This document outlines the policies and practices Resource Aigent will follow to collect data in a legally compliant and ethical manner while operating in a "gray zone" for data fetching. The goal is to protect Resource Aigent from legal risks while ensuring the company can collect useful public data within the boundaries of privacy laws, terms of service (ToS), and ethical business practices.
Resource Aigent recognizes that while data scraping and fetching may occur in a legal gray area, certain principles must guide our operations to mitigate legal and ethical risks:
Resource Aigent primarily focuses on the following types of data:
Resource Aigent will comply with the following data protection laws:
GDPR (General Data Protection Regulation): Resource Aigent will avoid collecting or processing personal data of individuals without their explicit consent, unless there is a clear legal basis for doing so (e.g., legitimate interest). The focus will be on business emails and publicly available information to minimize the risk of non-compliance.
CCPA (California Consumer Privacy Act): Resource Aigent will ensure that no personal data of California residents is collected or sold without clear and unambiguous consent. Data subjects will have the right to access, delete, or restrict the use of their data.
CAN-SPAM (U.S. Anti-Spam Law): Resource Aigent will ensure that email addresses collected from public sources are only used in compliance with email marketing laws. All commercial emails sent will include opt-out mechanisms, clear identification of the sender, and the purpose of the email.
Resource Aigent commits to fetching publicly available information that is accessible without:
Best Practice: All data collection operations will be regularly reviewed to ensure that they target only data that is intended to be publicly accessible by the website owner.
Resource Aigent acknowledges that scraping or fetching data may sometimes conflict with a website’s Terms of Service (ToS). To minimize this risk:
Robots.txt Compliance: Resource Aigent will review and respect robots.txt files, except in cases where the public data we intend to access is not explicitly disallowed by law or terms of service. This includes avoiding pages that explicitly state "Disallow" in the robots.txt file.
ToS Review: Prior to engaging in data collection from a website, Resource Aigent will carefully review the site’s Terms of Service. If a website explicitly forbids scraping or unauthorized data collection, Resource Aigent will refrain from collecting data from such a site unless explicit permission is granted by the site owner or operator.
Resource Aigent employs various methods for data collection, each with its own guidelines:
Manual data collection may be carried out by virtual assistants (VAs) or employees under specific conditions:
Resource Aigent may use automated tools to gather publicly available business data from websites. This will be done in compliance with the following practices:
Whenever possible, Resource Aigent will integrate directly with official APIs offered by websites or platforms. This ensures that the data we collect is done so within the platform’s guidelines and with full legal compliance.
Resource Aigent ensures that the data collected will be used in compliance with the following:
Business Communication: Collected data will primarily be used for business communication purposes (e.g., email marketing for B2B services), ensuring that it complies with CAN-SPAM, GDPR, and CCPA regulations.
No Resale of Personal Data: Resource Aigent will never sell or share personal data without explicit consent from the individual. Only aggregated and anonymized data will be shared with third parties, if applicable.
User Consent for Email Campaigns: All individuals or companies contacted through collected emails will be provided with an opt-out mechanism and clear information on how their data was collected.
Resource Aigent has developed the following risk management strategies to minimize legal risks associated with data fetching:
Legal Counsel Review: Regular legal reviews will be conducted to ensure that Resource Aigent remains compliant with evolving data protection laws and platform ToS.
User Accountability: If third-party users or partners request data collection services, Resource Aigent will implement disclaimers that clearly place the burden of legal compliance on those users for how they use the data.
Incident Response Plan: Resource Aigent will maintain an incident response plan to quickly address any legal claims, cease-and-desist orders, or platform bans that may arise from data collection activities.
Resource Aigent will keep a detailed log of all data collection activities, including:
This documentation will be regularly audited by the legal team or an external consultant to ensure compliance with evolving data protection regulations.
All Resource Aigent employees and contractors involved in data collection activities will be trained in:
Resource Aigent is committed to legal compliance and ethical data collection while maintaining competitive data-fetching practices. By following the guidelines outlined in this document, Resource Aigent will ensure that its operations remain within the bounds of the law while gathering useful public information to support business growth.
Approved by: Resource Aigent Leadership Team
Date: October 1, 2024
Version: 1.0