Privacy

Your data, your rules.

Plain-English version: we only touch your data to run the product on your behalf. We never sell it, never train models on it, never share it without your say-so.

Last updated: June 27, 2026

1. Information we collect

We collect information you provide directly (account details, company details, leads you upload), data captured automatically from integrations you connect (Meta Lead Ads, Google Lead Forms, WhatsApp Business, website webhooks), and usage telemetry from your interactions with the product.

2. How we use information

Your data is used solely to operate the Sconsett platform on your behalf — routing leads, sending notifications, generating reports, securing your account and improving the product. We never sell your data, never share it with advertisers, and never use it to train third-party models.

3. Multi-tenant isolation

Every record in Sconsett is tagged with your tenant ID. Row-Level Security policies enforce that no employee from another company — including ours — can ever read your data without explicit authorisation in an audit-logged session.

4. Data storage & encryption

Data is stored in ISO-27001 certified data centers in India. All connections are encrypted in transit (TLS 1.3). Sensitive credentials (WhatsApp tokens, OAuth refresh tokens, webhook secrets) are encrypted at rest using AES-256-GCM with per-tenant keys.

5. Subprocessors

We rely on a small set of vetted subprocessors: Supabase (Postgres + Auth), Cloudflare (edge + CDN), Resend (transactional email), Razorpay/Stripe (billing). A full and current list is available on request.

6. Your rights

You can export your data as CSV at any time from inside the product. You can request permanent deletion of your tenant by writing to privacy@sconsett.com — we will purge all primary copies within 30 days and all backups within 90 days.

7. Children's data

Sconsett is a B2B product not intended for use by anyone under 18. We do not knowingly collect data from minors.

8. Updates to this policy

We will notify all workspace admins by email at least 30 days before any material change. Continued use after the effective date constitutes acceptance.

9. Contact

Questions? Write to privacy@sconsett.com or our DPO at dpo@sconsett.com.