Privacy Policy

Effective May 1, 2026

This Privacy Policy explains what data Scoutr collects when you use our service, how we use it, and the rights you have over it. We aim to be transparent and minimal in what we collect.

Who we are

Scoutr is operated as an individual service offering located in Argentina. Throughout this policy, "we", "us", and "Scoutr" refer to the service operator. "You" refers to the user of the service.

What data we collect

  • Email address (when you create an account or pay for a single report)
  • Display name and profile picture (only if you sign in with Google)
  • IP address and browser/device metadata (used for rate limiting and analytics)
  • The ideas you submit for analysis (encrypted at rest)
  • Reports we generate for you
  • Usage events (pages visited, features used, generated by PostHog)
  • Payment metadata such as last 4 digits of card and billing country (we do not store full card numbers — these are handled by Polar / Stripe)

How we use your data

  • To provide the service: generate reports, deliver them, and let you access your dashboard
  • To process payments through Polar (our merchant of record)
  • To send you transactional emails (report delivery, account confirmations)
  • To improve the product (anonymized usage analytics)
  • To respond when you contact us

Third parties we share data with

  • Supabase (database and authentication, US East region)
  • OpenAI (we send your idea text via API to generate the analysis; OpenAI does not use API submissions for model training as of this writing)
  • Brave Search (queries derived from your idea, not the full idea text)
  • Polar (payments, merchant of record — handles tax and card data)
  • PostHog (product analytics — events and pageviews, no idea content)
  • Resend (transactional email delivery)
  • Vercel (web hosting)
  • Google (only if you choose Google sign-in)

We do not sell your personal data. We do not share your idea text with anyone other than the AI providers required to generate your report.

How we protect your data

Your idea text is encrypted at rest (AES-256-GCM) before it is stored. Authentication and session cookies use industry-standard mechanisms. Payments never touch our servers — they are processed by Polar. We use HTTPS for all traffic.

How long we keep your data

  • Account data and reports: as long as your account is active, plus 30 days after cancellation
  • Usage analytics events: up to 12 months
  • Payment records: as required by tax law (7 years in Argentina)

Your rights

You can request access, correction, or deletion of your personal data at any time by emailing tom@scoutr.dev. If you are in the EU, EEA, UK, California, or Argentina, you have additional rights under GDPR, CCPA, and Ley 25.326. We will respond within 30 days.

Cookies

We use a small number of cookies: session cookies for authentication (essential), a language preference cookie, and analytics cookies set by PostHog. None of our cookies are used for advertising or cross-site tracking.

Children

Scoutr is not intended for users under 16. If we learn we have collected data from a user under 16, we will delete it.

Changes to this policy

We may update this policy as the service evolves. We will post the updated effective date and, for material changes, notify active users by email.

Contact

Questions or requests: tom@scoutr.dev