This policy explains how [Your Company / Trading Name] handles personal data when you use Patchscout. We act as a data controller for your account and as a processor for the lead data you generate.
1. What we collect
- Account data — name, email, organisation, password (hashed).
- Usage data — searches, actions and logs needed to run and secure the Service.
- Billing data — handled by Stripe; we store your plan status and a Stripe customer reference, not card details.
- Lead data — business information you search for and the analysis/outreach generated for those leads.
2. How we use it
To provide and secure the Service, process payments, enforce usage limits, communicate with you about your account, and improve the product. We rely on legitimate interests, contract performance, and consent where applicable (UK GDPR).
3. Sub-processors
We share data with providers only as needed to run the Service:
- Hosting & database (e.g. Vercel, Neon, Railway)
- Google Places & PageSpeed — business search and site metrics
- Anthropic — website evaluation and email drafting
- Microsoft (Graph) — sending outreach and system email
- Stripe — payments and subscription management
4. Retention
We keep account and lead data while your account is active and for a reasonable period after closure, then delete or anonymise it, unless we must retain it for legal reasons.
5. Your rights
Subject to law, you may request access, correction, deletion, or export of your personal data, and object to certain processing. Contact us to exercise these rights. You may also complain to your data-protection authority (in the UK, the ICO).
6. Cookies
We use a single essential cookie to keep you signed in. We don't use advertising or cross-site tracking cookies.
7. Outreach & recipients
When you send outreach through Patchscout, you are the controller of that communication. You are responsible for having a lawful basis to contact recipients and for honouring opt-outs.
8. Contact
Privacy questions or requests? Contact [your support email].