Another company is using retool to take date from calculators on my website without my permission. How can I stop your software from doing this
Hi @Books2022, thank you for writing in about this. How is the other Retool org taking data? Are they connecting via Rest API? Do they have access to your auth credentials?
1 Like
Hey @Books2022, welcome to the community 
Albeit the reason being different 
Retool just offers an environment to build tools on. What you do with these tools can't possible be controlled in such a way.
I assume they load your page and scrape data off the dom? There lots of ways of preventing this (not 100%, but making it very hard at least).
Nothing Retool can do about that!
1 Like
I'll second @minijohn on that.
I do lots of web scraping for one of my businesses and I use a couple of different techniques in .Net to do it, Headless Chrome and HTTPClient. In my use case I am only scraping data from databases in publicly available regulatory agency websites.
But nothing is stopping anyone from using C#, Java, Javascript or Python running from Azure, AWS, Retool or their own laptop from doing unethical data extraction.
On one of my websites where lots of proprietary data is exposed to smart people (the result of the compilation and processing of hundreds of those regulatory databases), I have metered the backend API so that it would take a very, very long time, or lots of VMs running in parallel to duplicate my database.
1 Like
We have paid a lot of money for the dev of our online calculators. Basically its theft
No, they do not have permission.
Definitely want to make sure we do what we can to help! How specifically is the other company using Retool to take your calculator data? Let me know what actions would be ideal for you and I can look into it!
It's not theft, but it may be a breach of your terms of service. The web is open for anyone to use what is publicly made available. You can try to block the IPs these - in your eyes - malicious requests are coming from.
I want to know what can be done to stop retool from extracting data from my website. Does the data request come through your servers or the company using retool. Is it a plugin?
We track all data that goes into our calculators. This company had hundreds of queries with no orders. We went to their website and filled in their calculator and the data then showed up in the back end of our site. They have the retool logo on their calculator.
Sounds like they used Retool to develop the calculator. @Books2022 there's really nothing you can do at this point 
Someone just bruteforced through all conditions. But as @bradlymathews said, there are loads of ways to make your website way harder to scrape, but never impossible.
1 Like
Oh well, its up to the solicitors now. We have adjusted terms and conditions to make it a breach with consequences if they continue to do it. We are looking at wording it so that it comes under commercial theft which in Australia is governed by Federal law.
@Books2022, you may block Retool's IP addresses.
They are listed here: Allow Retool's Cloud IP addresses
At the time of writing, they are the following:
52.177.12.28/32
52.175.251.223/32
35.90.103.132/30
44.208.168.68/30
2 Likes