← Back to home

Data Sources & Compliance

Transparency is core to how we operate. Here's exactly how Pulsadar collects data, which APIs we use, and how we handle rate limiting, caching, and privacy.

Our principles

Official APIs only

We use documented, public APIs wherever available. No scraping of authenticated pages, no headless browsers, no terms of service violations.

Rate limit compliance

Every API call is throttled to stay well within published rate limits. We use exponential backoff on errors and never retry aggressively.

Smart caching

Results are cached to reduce redundant API calls. Stale-while-revalidate patterns ensure freshness without overwhelming source platforms.

Public content only

We only monitor publicly visible posts, comments, and discussions. Private messages, DMs, and gated content are never accessed.

Platform-by-platform

🔴

Reddit

Stable
Method: Official JSON API

We use Reddit's public JSON endpoints to search for relevant posts and comments. All requests respect Reddit's API rate limits and terms of service. We only access publicly visible content.

🟠

Hacker News

Stable
Method: Algolia Search API

We use the official HN Algolia API (hn.algolia.com) which is publicly provided for search and data access. This is the same API used by most HN readers and tools.

📚

Stack Overflow

Stable
Method: Stack Exchange API v2.3

We use the official Stack Exchange API with proper API key registration. Requests are throttled to stay well within the published rate limits. Only public Q&A content is accessed.

🐦

Twitter/X

Limited
Method: Official API v2

We use Twitter's official API v2 for search queries. Due to API pricing volatility, we have built fallback mechanisms including reduced polling frequency and cached results. We prioritise Reddit and HN for reliability.

🐙

GitHub Issues

Stable
Method: GitHub REST API v3

We use GitHub's official REST API to search public issues and discussions. All requests use proper authentication and respect rate limits. Only public repositories are monitored.

💡

Indie Hackers

Stable
Method: Public feed parsing

We monitor Indie Hackers through publicly available RSS/feed endpoints. Content is cached to minimise requests. Only publicly visible posts and comments are included.

How we handle your data

What we store

We store your product keywords, matched signals (post title, URL, content snippet, author username, AI-generated summary and score), and your account information. Signals are retained for 90 days, then automatically purged.

What we don't store

We do not store complete post histories, user profiles from source platforms, or any private/authenticated content. We never collect passwords or authentication tokens for source platforms.

API volatility and fallbacks

Platform APIs can change without notice. We actively monitor terms of service changes and maintain fallback mechanisms including RSS feed monitoring and reduced polling intervals. If a platform restricts API access, we adjust our approach or temporarily pause that source — we never circumvent restrictions.

Infrastructure

Pulsadar runs on Vercel (serverless) with data stored in Supabase (Postgres). All connections are encrypted via TLS. Authentication is handled by Supabase Auth with bcrypt password hashing. We do not sell or share your data with third parties.

Questions about our data practices?

We're happy to answer questions about how we handle data, comply with platform terms, or anything else.

hello@pulsadar.com