Public data only, PII scrubbed at source, ISO-aligned, NDA-first, and documented for compliance review. Here's exactly how we handle trust.
Web data has a reputation for living in a grey zone. We've built iWeb deliberately on the defensible side, because our clients' legal, security and procurement teams — and increasingly their investors — have to sign off on where their data comes from. Here's exactly how we handle it.
We collect only publicly accessible data — no login-gated or private content, no circumventing access controls.
Personal identifiers are removed at collection. Review text and ratings are retained; reviewer identities are not.
Quality and information-security processes aligned to ISO 9001 and ISO/IEC 27001.
We sign your NDA before sensitive discussions and provide written methodology for compliance review.
Only publicly available information — the same data any visitor to a website or app can see without logging in. We do not access private accounts, bypass authentication, or collect data behind paywalls or access controls.
We scrub personally identifiable information at the point of collection. For use cases like reviews, we keep the content, rating and metadata that carry the signal while dropping reviewer names and handles, consistent with GDPR-style principles.
For training corpora, we provide per-source provenance documentation and respect text-and-data-mining opt-outs — the elements needed for the EU AI Act's training-data transparency requirements, applicable to general-purpose AI since August 2025. Read our AI-ready data guide →
We're not lawyers and this isn't legal advice — but we give your legal team the documentation they need to make their own assessment. See our 2026 compliance guide →
Collecting publicly available data is broadly defensible in major jurisdictions, and courts (e.g. hiQ v. LinkedIn in the US) have supported access to public data, though specifics vary by jurisdiction and use. We collect only public data, scrub PII, respect rate limits and document our methods — but your legal team should make the final assessment for your use case, and we provide the documentation to enable that.
We scrub personally identifiable information at the point of collection. For reviews and similar content, we retain the text, rating and metadata that carry the signal while removing reviewer names and handles, consistent with GDPR-style data-minimization principles.
For training corpora we provide per-source provenance documentation (source, date, method, access basis) and respect text-and-data-mining opt-outs — the elements needed to meet the EU AI Act's training-data transparency requirements, which apply to general-purpose AI models since August 2025.
Our quality and information-security processes are aligned to ISO 9001 and ISO/IEC 27001. We operate NDA-first and can provide written methodology documentation for your security and procurement review.