LEGAL

Privacy Policy

Last updated: May 12, 2026

1. Who we are

ScoutStack is operated by Scout Data Inc. (“ScoutStack,” “we,” or “us”). This policy covers two groups of people: customers who hold ScoutStack accounts, and homeowners whose property records appear in ScoutStack as part of our customers’ sales work.

2. What we collect

From customers

  • Account data: name, work email, phone, company, role, and the credentials you create.
  • Billing data: we use Stripe to process payments. Card numbers are entered into Stripe and never touch our servers — we store only the last 4 digits and a token.
  • Usage data: what features you use, when, and from which device. Used to operate, secure, and improve the product.
  • Technical data: IP address, browser, OS, approximate location, and similar fields written automatically by your browser.

From homeowner records

  • Property records: address, parcel data, permits, ownership history, and similar public-record fields, sourced from county assessors, public records, and licensed data partners.
  • Contactability signals: verified phone numbers, email addresses, and DNC status, used by customers to contact homeowners about home services.

3. How we use your data

We use customer data to:

  • Provide, maintain, and secure the ScoutStack product.
  • Bill you and answer support requests.
  • Communicate with you about your account, releases, and occasional product news. You can opt out of marketing email at any time; transactional email cannot be turned off while your account is active.
  • Improve the product — including aggregate analytics and training internal models. We never train models on the contents of your private notes or customer-uploaded files.
  • Comply with legal obligations and enforce our terms.

4. Who we share data with

We share data only with the parties below. We do not sell personal data, and we do not share it with advertisers or data brokers.

  • Subprocessors who run infrastructure on our behalf: cloud hosting (AWS, Vercel), payment processing (Stripe), email delivery, error monitoring, analytics, and customer support tooling. Each is contractually bound to handle the data only for the purpose we engaged them for.
  • Your team and admins. Customer accounts belonging to the same workspace can see each other’s shared lists, routes, and activity, per the workspace’s roles and permissions.
  • When the law requires it — for example, in response to a valid subpoena. We push back on overbroad requests.
  • In a business transfer. If ScoutStack is acquired or merged, customer data moves with the business under the same protections.

5. Google API integrations

When you connect Google Calendar, we request access to manage calendar events. ScoutStack’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We store OAuth tokens encrypted at rest, only to maintain the connection.
  • We create, update, and delete only the calendar events that you schedule inside ScoutStack. We do not read your other calendar events.
  • We do not share, sell, or transfer your Google data to any third party, advertiser, or AI training service.
  • You can disconnect Google Calendar at any time from Settings, which immediately revokes our access.

6. How long we keep data

  • Active customer data is retained for the life of your account.
  • After cancellation, customer data is deleted within 30 days unless we’re required to retain it for legal, accounting, or fraud-prevention reasons.
  • Backups roll off on a 90-day cycle.
  • Property records and homeowner contact data we license are refreshed on an ongoing basis; outdated values are replaced or removed.

7. Security

We encrypt data in transit (TLS 1.2+) and at rest. Access to production systems is restricted to a small group of staff, gated behind SSO and MFA, and audited. We don’t claim perfection — no system can — but if we discover a security issue affecting you, we’ll tell you promptly.

8. Your rights as a customer

Depending on where you live (e.g., GDPR, CCPA), you may have the right to access, correct, export, or delete personal data we hold about you, and to object to certain processing. Email support@scoutstack.ai and we’ll honor verified requests within the timelines the law requires.

9. Homeowner record requests

If you are a homeowner and want to know what records ScoutStack holds about your property, or want your contact information suppressed from our system, email support@scoutstack.ai with the property address. We’ll respond within 30 days.

10. Children’s data

ScoutStack is built for businesses. We do not knowingly collect data from anyone under 16. If you believe we have, contact us and we’ll delete it.

11. Changes to this policy

We’ll update this page when we make material changes and note the date at the top. For larger changes that affect how we use existing data, we’ll email account admins ahead of time.

12. Contact us

Questions or requests: support@scoutstack.ai.