Privacy Policy
We take your users' privacy very seriously. Our default settings give your users great privacy protection without compromising on speed or usability. However, you can modify your search engine's privacy settings within your settings page.
We don't store user searches
We don't store your users' searches or the data they've requested from us. This ensures your users' privacy and means that their searches cannot be tied together by us to form a profile of them.
We don't store user data
We don't store your IP address, your user agent or any other user data that could be used to identify you. We have no idea who you are or what you search for. If we were ever subpoenaed to supply this information, we would have nothing to give.
We don't sell any data to advertisers
Since we don't store your users' data, we have no data to sell to advertisers. This means that advertisers can never use any data your users have requested from Search Expander to target your users with ads.
We don't track your users across the web
Unlike Google, we don't track your users across the web. This means your users won't see any ads following them around the web as a result of any data they've requested from Search Expander.
All data requests are encrypted
As is the standard these days, all data requests made by our service are SSL-encrypted, ensuring that the users' ISP (Internet Service Provider) cannot see the full request or the response data.
We automatically delete our server logs every day
Every website is hosted by a web hosting company that keep their own server logs. These are separate to the website's own logs. These logs contain users' IP addresses and all https requests. We take the extraordinary step of automatically deleting our web host's server logs every day.
We don't use Google Analytics
Most large websites use Google Analytics – a free, powerful tracking tool that gives webmasters lots of data about their visitors – and all that data also goes back to Google. Which is why we don't use it. In fact, we don't use any external tracking tools.
Let your users break free from their filter bubble
When you search on Google, your search results are often influenced by your search history and your search profile. This is called a filter bubble. At Search Expander, the data we provide to your users is not based on anything but their search query and search results, allowing them to break free from their filter bubble.
Use your own proxy
Our service will also support the use of an NGINX proxy, which shields your users' IP addresses from our servers. This is useful for private search engines. Additionally, all our assets, third-party images and other third-party data can all be proxied separately.
POST vs GET Requests
Some private search engines use POST requests by default, whilst others allow their users to choose. Our service supports GET and POST requests, which can be configured client-side. This gives you and your users full control over how requests are handled.
Let your users choose our EU server
We have a number of servers in different countries with proximity steering and failover support to give your users the fastest response time and maximum uptime. However, we also allow you or your users' to specify that all our data is served from our EU server, if need be.
Our service is fully configurable
You can switch elements of our data on and off as you please. For example, if you don't want playable audio samples from Spotify, embedded Google Maps, embedded YouTube videos or Wikipedia popup balloons, you can simply switch these things off. We put you and your users in full control.
Get a cookie-free experience!
We do not set our own cookies on your users' devices. But, for maximum speed, we can allow third-party code such as Google Maps and third-party images to be downloaded directly from the source, should you choose to do so. Some of these third-party services may set cookies. But by disabling third-party code and proxying third-party images, etc., you can ensure that no cookies whatsoever will be set.
No man-in-the-middle
Many websites (and some search engines) use a CDN (Content Delivery Network) like Cloudflare to speed up their site. This can introduce a “man-in-the-middle” privacy problem, as a CDN can intercept and decode all https requests, which is why we don't use them. Our nameservers are privately controlled by NS1.com.
What data do we collect?
We only collect aggregated, non-personalised data for the purposes of providing you with reporting data and improving our services. This includes...
- the total number of data requests made in each country by each search engine customer
- the type of data request, e.g. knowledge panel, instant answer (and type of instant answer, e.g. weather data), and search suggestions data.
- the total number of requests made to our external data providers like Wikipedia (this is anonymous and does not include user data)
- error data, including error codes, etc.
How do we use this data?
We use this data for the purposes of providing reports to our search engine customers, which enables them to see how many data requests have been made from their search engines, from which countries, and the type of data request.
We also use this data to provide our own reports on the number, type and source of data requests being generated by each search engine customer. We also use it to detect and help prevent abuse of our service.
What data do we share with other third-parties?
We often request data from other parties to enhance your users' search experience, such as Wikipedia, TMDb, Spotify, Goodreads, TripAdvisor, etc. This is almost always done anonymously by our server on your users' behalf. The only exceptions are client-side requests, all of which can be switched off, if need be. These include the following...
Wikipedia popup balloons: (desktop and laptop computers only): within our knowledge panels, we include lots of data from Wikipedia. If you hover your mouse pointer over a link within our knowledge panel, we often pop open a balloon to show your user more information about that topic. This information is pulled dynamically from Wikipedia in real-time. This popup reveals the user's IP address to Wikipedia, just as if the user were searching on Wikipedia directly, but, importantly, it does not reveal the user's search terms to Wikipedia. This feature can be easily switched off or proxied from within your search engine's settings page.
Embedded maps: if the user's search is location-based, we may show the user an embedded, interactive map to show the location, which improves the user experience. For example, if your user searched for the “Tower of London”, we would show the user its location on a map. These maps are requested in real-time using client-side javascript and reveal the user's IP address and user agent to the map provider, just as if the user searched on their site directly. We currently use Google Maps as the map provider because it offers the best user experience and it's free, enabling us to keep our costs down. This feature can be easily switched off from within your search engine's settings page.
Embedded videos: If videos are returned as part of your user's search results, we can often embed these videos within your search results so that your user can play them without leaving your search results page. If these videos are from YouTube, then we embed the videos in such a way that it prevents YouTube from setting or reading cookies, which prevents YouTube gathering data about your users. However, if your user chooses to play the video, the video will be streamed directly from the video source site and your user will be subject to their privacy policy, just as your user would if he/she played the video directly on the source site. In the case of YouTube, this means your user will be subject to Google's privacy policy, just as if he/she viewed the video directly on YouTube. If your user is signed-in to YouTube at the time, your user's personalised YouTube privacy settings will be used.
If you'd prefer to switch embedded videos off (for YouTube and other video sources), you can do so within your search engine's settings page. You can also opt to see a thumbnail image of the video instead (which can be proxied) with a simple link to the third-party video source site (e.g. YouTube).
Image thumbnails: To make our data load as fast as possible, image thumbnails contained within the response data are downloaded directly to your users' browsers from the image source site by default. The source site may include Wikipedia, TMDb (The Movie Database, for movie or TV poster images, movie thumbnails and actor thumbnails), Goodreads and Google Books (for book covers), Spotify (for album covers and similar artists, etc.), YouTube (for video thumbnails) and Tripadvisor (for thumbnail images of restaurants, hotels and visitor attractions), etc. When your users download these thumbnail images directly from the source, the source site can see your users' IP addresses and user agents, but they cannot see your users' search terms. Some third-party sites may set cookies on your users' devices.
For a private search experience, with no cookies, all image thumbnails from third-party sites can be proxied. This prevents the third-party site from seeing your users' IP addresses and user agents and prevents them setting or reading cookies.
Private Search Engines
Our service can be used by private search engines to render our data in a completely private way:
We support the use of an NGINX proxy, so that all data requests and responses to our server are made via a proxy. This is something you will have to set up on your end – detailed instructions can be found in our documentation.
We support POST vs GET requests, which can be configured client-side, allowing your users to choose between the two options.
We allow all our assets and all third party images, audio and data requests to be proxied. You can set your own proxy URL for each of these within your search engine's settings page.
By default, we use proximity steering to serve our data from the closest server to your user. However, we also allow your users to specify that all our data is served from our EU-server.
Our blog
You can keep up to date with new developments and features on our blog. Our blog is hosted separately at blog.searchexpander.com and is powered by WordPress. Our blog commenting system is powered by Disqus (privacy policy).
What if I email you?
If you email us, we will store your email within our email client. This obviously includes your email address.
This privacy policy is subject to change as we add and modify the features on Search Expander.
If you have any questions about this privacy policy or anything else then please contact us.