Privacy Policy

Last updated: October 21, 2025

Scout0 is built for developers who care about their code. Here's what we collect and why.

The Short Version

  • Your code is never stored. We send the file you're analyzing to OpenAI, then delete it immediately.
  • We don't train on your code. Your code is not used to train AI models.
  • We use read-only GitHub access. We can only read files you choose to analyze.
  • We store analysis results. So you can see your history.
  • We use anonymous analytics. To understand what's working and what's broken.
  • We don't sell your data. Ever.

1. Information We Collect

You give us:

  • Email address (for your account)
  • GitHub username (when you connect GitHub)
  • Payment info (processed by Stripe via Polar, we never see your card)

We generate:

  • Analysis results (the reports we create for you)
  • Credit usage (to track your monthly allocation)
  • Anonymous usage data (which features are used, where bugs happen)

We don't collect:

  • Your source code (deleted after analysis)
  • Personal information beyond what's needed
  • Anything from repos you don't analyze

2. How We Use Your Code

When you analyze a file:

  1. You select a file
  2. We send only that file to OpenAI
  3. OpenAI analyzes it and returns insights
  4. We delete the file content immediately
  5. We store the analysis results (not your code)

Your code is never:

  • Stored beyond the analysis request
  • Used to train AI models
  • Shared with anyone
  • Accessible to us (except for debugging with your permission)

OpenAI doesn't train on API data: OpenAI's API data usage policy

3. GitHub Access

We use read-only access:

We can:

  • Read files you select for analysis
  • List your repos and files

We cannot:

  • Modify, delete, or write code
  • Access repos unless you grant permission
  • See anything you don't select

Revoke access anytime at github.com/settings/applications

4. Third-Party Services

ServicePurposeWhat They Get
OpenAIAI analysisFile content (deleted after)
Polar + StripePayment processingBilling info (not your card)
GitHubRepo accessRead-only to selected files
VercelHostingUsage logs
NeonDatabaseAccount data, analysis results
PosthogAnalyticsAnonymous usage data

All third parties have strict data processing agreements and security standards.

5. Analytics

We use Posthog to understand how Scout0 is used:

  • All data is anonymized (we can't identify you)
  • Helps us fix bugs and improve features
  • Currently no opt-out (coming in future update)

We track things like:

  • Which features are used
  • Where errors happen
  • How long analyses take

We don't track:

  • What you're coding
  • Your file names or contents
  • Personal browsing outside Scout0

6. Data Security

  • All data encrypted in transit (TLS)
  • Database encrypted at rest
  • Hosted on secure infrastructure (Vercel, Neon)
  • Your code deleted immediately after analysis
  • Regular security monitoring

7. Your Rights

You can:

  • Access your data: Email us for a copy
  • Delete your account: We'll remove everything within 30 days
  • Revoke GitHub access: Through GitHub settings
  • Export analysis history: Email us
  • Update your information: In your account settings

Contact: support@scout0.com
Response time: Within 48 hours

8. Data Retention

While your account is active:

We keep your analysis history and account information

After you delete your account:

  • Personal information deleted within 30 days
  • Analysis results anonymized (removed from your account)
  • Billing records retained for 7 years (legal requirement)

9. Where Your Data Lives

Scout0 is operated from Canada. Your data is processed and stored in:

  • Database (Neon): US West 2 / Oregon
  • Hosting (Vercel): Global CDN with primary in US
  • AI Analysis (OpenAI): US-based servers
  • Payments (Polar/Stripe): Global infrastructure

All services use encryption in transit and at rest. Your data is protected the same way regardless of location.

Privacy laws we follow:

  • PIPEDA (Canada)
  • GDPR (for EU users)
  • Standard data protection practices globally

If you have concerns about data location, contact us at support@scout0.com

10. Cookies and Tracking

We use minimal cookies:

Essential cookies:

  • Session management (keeps you logged in)
  • Authentication tokens

Analytics:

  • Anonymized usage tracking via Posthog
  • No advertising or third-party tracking cookies
  • No cross-site tracking

11. Children's Privacy

Scout0 is not intended for users under 13. We don't knowingly collect information from children. If you believe we have, contact us immediately at support@scout0.com

12. Business Transfers

If Scout0 is acquired or merged with another company, your data may be transferred. We'll notify you at least 30 days in advance and give you the option to delete your account first.

13. Changes to This Policy

We may update this policy occasionally. If we make significant changes:

  • We'll email you at least 30 days before changes take effect
  • The "Last updated" date at the top will change
  • Continued use after changes means you accept the new policy

14. Legal Compliance

PIPEDA (Canada): We comply with Canada's Personal Information Protection and Electronic Documents Act.

GDPR (EU): For EU users, we process data under these legal bases:

  • Contract: To provide Scout0 services
  • Legitimate interest: To improve our service and prevent fraud
  • Consent: For optional features (you can withdraw anytime)

You have the right to lodge a complaint with your local data protection authority.

15. Contact Us

If you have questions about this policy or our data practices:

Email: support@scout0.com
Response time: Within 48 hours

We're developers too. We get it. If something in this policy is unclear or concerning, let us know.

This policy is effective as of October 21, 2025.

← Back to Home