Privacy Policy
Last updated: 2026-04-28
CarScout (“CarScout”, “we”, “us”) is a price-intelligence product for used-car buyers. This policy explains what data we collect, how we use it, who processes it on our behalf, and how you exercise your rights.
Data we collect
- Account & auth data — email address and authentication metadata via Supabase when you sign in or create an account.
- Purchase records— Stripe customer ID, subscription status, and payment metadata when you buy a Buyer's Pass. We never see or store your full card number.
- Analytics & product telemetry — anonymized event data via PostHog and aggregate web-vitals via Vercel Analytics. Used to understand which features earn their keep.
- Optional VIN lookups — vehicle identification numbers you submit to the scanner are persisted to deliver your report and to improve our pricing models.
How we use your data
- Deliver the price-intelligence product (deal pool, verdicts, comparisons).
- Manage your account, billing, and subscription state.
- Detect fraud and abuse (rate-limiting, login-anomaly detection).
- Improve our pricing models and product features in aggregate.
Third-party processors
We rely on the following sub-processors. Each has its own privacy policy governing data they process on our behalf:
- Supabase — auth and primary database.
- Stripe — payment processing and subscription billing.
- PostHog — product analytics and event tracking.
- Vercel — application hosting and Web Vitals.
- Resend — transactional email.
- Twilio — dynamic phone numbers used for dealer outreach.
- Anthropic — used only by the Deal Advisor feature for on-demand AI verdicts.
Cookies & local storage
We use first-party cookies and browser local storage for session management (Supabase auth), theme preference, and product analytics. We do not run third-party advertising trackers.
Your rights
You can request access to, export of, or deletion of your account data at any time by emailing privacy@carscout.ai. We will respond within the timeline required by applicable law.
Retention
Account and purchase data is retained for the life of your account plus the period required by tax and accounting law. Analytics data is retained in aggregate. Specific retention windows are pending legal review.
Contact
Questions, requests, or complaints: privacy@carscout.ai.