← Back to ScopeForm

Privacy Policy

Last updated: March 23, 2026

1. Introduction

ScopeForm ("we", "us", "our") operates the website scopeform.io (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and company information. If you sign in via Google, we receive your name and email from Google.

Lead Data

When end-users submit estimates through your embedded forms, we collect the information they provide (name, email, phone, address, and form responses). This data is stored on your behalf as the data controller.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers on our servers. We retain your Stripe customer ID and subscription status.

Usage Data

We use PostHog to collect anonymized analytics data including pages visited, features used, and session recordings (with sensitive inputs masked). You can opt out via the cookie consent banner.

3. How We Use Your Information

  • To provide and maintain the Service
  • To process payments and manage subscriptions
  • To send transactional emails (welcome, lead notifications, billing updates)
  • To improve the Service based on usage patterns
  • To provide AI-powered question suggestions for your forms
  • To respond to support requests

4. Data Sharing

We share data only with the following service providers who process data on our behalf:

  • Supabase — Authentication and database hosting
  • Stripe — Payment processing
  • Resend — Transactional email delivery
  • Anthropic — AI-powered suggestions (no personal data sent)
  • PostHog — Product analytics
  • Vercel — Application hosting

We do not sell your personal data to third parties.

5. Data Retention

We retain your account data for as long as your account is active. Lead data is retained until you delete it or close your account. You can export or delete your data at any time by contacting us.

6. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, contact us at info@scopeform.io.

7. Cookies

We use essential cookies for authentication and session management. We also use analytics cookies (PostHog) with your consent. You can manage your cookie preferences via the consent banner displayed on your first visit.

8. Security

We implement appropriate technical and organizational measures to protect your data, including HTTPS encryption, row-level security policies, input validation, and secure authentication practices.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or through the Service.

10. Contact

For questions about this privacy policy, contact us at info@scopeform.io.