Reference

Data privacy & security

Scout is built for marketing teams who handle sensitive brand data. This page explains exactly what we store, what we send where, and how the system is secured. The full legal text is on our Privacy Policy.

What Scout stores about you

CategoryWhat's storedWhere
AccountName, email, hashed password, plan, profile photoMariaDB on Namecheap dedicated database
Brand profileBrand name, website, industry, description, audience, language, country, competitorsSame DB
Topics & promptsThe text of every topic and prompt you createSame DB
Scan resultsFull AI responses, structured analysis (mention, sentiment, position, etc.), citationsSame DB
Optimize Hub stateStatus (Done/Ignored) of every recommendationSame DB
GSC data (if connected)Read-only mirror of queries, pages, impressionsSame DB, refreshed on demand

What we send to third parties

ServiceWhat we sendWhy
OpenAI (ChatGPT, GPT-4o-mini)Your prompts & the responses for analysisTo run scans and structured extraction.
Google (Gemini)Your promptsTo run scans on Gemini.
PerplexityYour promptsTo run scans on Perplexity.
Anthropic (Claude)Crawled HTML of your pages (Audit), brand description (LinkedIn generator)For AI Audit and LinkedIn suggestions.
RazorpayEmail, plan, payment amountTo process subscriptions.
Google (OAuth + GSC)OAuth tokens; we read GSC data on your behalfFor Google sign-in and GSC integration.
SerpAPIReddit search queries derived from your topicsFor Prompt Discovery (Reddit tab).
Google Cloud SMTP (GSuite)Notification emailsTo deliver invites, alerts, weekly summaries.
What we never send

Your password (we only store a salted hash). Your team members' personal data beyond email and name. Your billing card details (Razorpay handles those — we never see them). Your brand description is sent to AI providers only when you trigger a relevant feature; we don't push it on every API call.

Data retention

Security practices

Reporting a vulnerability

If you find a security issue, please email [email protected] with the details before disclosing publicly. We try to respond within one business day.

Was this page helpful?

Last updated July 2026 · Suggest an edit