🎯 Free: your first AI visibility check in 5 minutes, refreshed every 7 daysTry it free →

Privacy Policy

Effective date: April 29, 2026 Version: 1.5 (English)

This English version is provided for convenience. Users located in the Russian Federation are additionally governed by the Russian-language Privacy Policy at /privacy, which reflects the requirements of Federal Law No. 152-FZ. In case of discrepancy, the Russian version prevails for users in the Russian Federation.

1. Who we are

The data controller is Individual Entrepreneur Vladislav Puchkov (OGRNIP 325527500077954, INN 525714183108), operator of the GEO Scout Service (the "we", "us", "Operator").

Contact: support@geoscout.pro

2. Scope

This Privacy Policy describes how we collect, use, share, and protect personal data of visitors, registered Users, and paying customers of GEO Scout. It applies to our website, dashboard, APIs, and related services.

3. Data we collect

3.1 Account data

Email address, name, hashed password, authentication tokens, profile preferences, language, locale, timezone.

3.2 Billing data

Subscription plan, billing period, invoice history, receipt identifiers, payment status. Card details are processed directly by the payment provider (YooKassa or, for international users, another processor we may integrate) and are never stored on our servers.

3.3 Service data

Brand URLs, competitor URLs, prompts, keyword clusters, content plans, notification settings, reports — any data you submit in order to use the Service.

3.4 Usage data

Device type, browser, IP address, country, pages viewed, actions performed, feature usage, performance metrics, and error logs. Collected for security, analytics, and product improvement.

3.5 Support data

Contents of your support requests and communications with us.

3.6 Cookies

See our Cookie Policy.

4. Legal bases (for EEA/UK users)

We rely on the following legal bases under GDPR:

  • Contract — to provide the Service you requested;
  • Legitimate interests — to secure the Service, prevent fraud, analyse usage, and improve features;
  • Consent — for marketing communications and non-essential cookies;
  • Legal obligation — to comply with accounting, tax, and law enforcement requirements.

5. How we use your data

  • Operate and maintain the Service;
  • Authenticate you and secure your Account;
  • Process payments and issue receipts;
  • Provide customer support;
  • Send transactional emails (e.g. receipts, security alerts, service notices);
  • Send product updates and marketing if you opted in;
  • Analyse usage in aggregate to improve the product;
  • Detect and prevent abuse, fraud, and violations of these Terms;
  • Comply with legal obligations.

6. Third-party processors

We share data only with trusted processors acting on our instructions. We distinguish two categories:

Processors of personal data (account, billing, communications):

  • Supabase (self-hosted in Russia) — primary database and authentication;
  • YooKassa — payment processing (Russia);
  • Transactional email provider — registration and service emails (specific provider available on request);
  • Sentry — application error monitoring (US/EU);
  • Umami Analytics — privacy-friendly, first-party usage analytics (EU cloud or self-hosted);
  • Telegram — optional bot notifications, Chat ID only (UAE/Germany).

Processors of business data (NOT personal data) — receive only search prompts and public URLs:

  • OpenAI (ChatGPT) — US;
  • Anthropic (Claude) — US;
  • Google (Gemini via AI Studio; Google AI Mode and Google AI Overview via ScrapingDog) — US;
  • xAI (Grok via OpenRouter) — US;
  • Perplexity AI (via OpenRouter) — US;
  • DeepSeek (via OpenRouter with Exa Search) — China/US;
  • Yandex — Russian Search with Alice and Alice AI (Russia);
  • Firecrawl — web scraping for brand websites (US);
  • Google PageSpeed Insights — performance metrics (US);
  • Yandex Webmaster API — site quality metrics (Russia, optional integration).

A full list of sub-processors and their current locations is available on request via support@geoscout.pro.

7. International transfers

Personal data of Russian residents (account credentials, profile, billing identifiers) is stored on infrastructure located in the Russian Federation, in line with Article 18 of Federal Law No. 152-FZ. Business data sent to AI providers (search prompts, public URLs) may be processed in the United States, the European Union, China, the United Arab Emirates, or other jurisdictions where the relevant processor operates. For users outside Russia, the same flows apply: account data is stored on our Russian infrastructure and processing of business data abroad is performed under the providers' standard terms; where required by your local law, transfers rely on Standard Contractual Clauses or equivalent safeguards. By using the Service from outside Russia you acknowledge and consent to this transfer.

8. Data retention

  • Account data — while your Account is active, plus up to 12 months after deletion for legal and dispute-resolution purposes;
  • Billing data — as required by accounting and tax law (typically 5 years);
  • Usage logs — up to 12 months;
  • Support correspondence — up to 3 years.

After the retention period ends, data is deleted or anonymised.

9. Your rights

You may, subject to applicable law:

  • Access the personal data we hold about you;
  • Correct inaccurate data;
  • Request deletion ("right to be forgotten") subject to legal retention;
  • Restrict or object to processing;
  • Export your data in a portable format;
  • Withdraw consent for marketing and optional cookies;
  • Lodge a complaint with your local data protection authority.

Exercise requests: support@geoscout.pro. We will respond within 30 days.

10. Security

We apply industry-standard measures including encryption in transit (TLS), encryption at rest where supported by the underlying service, Row Level Security (RLS) at the database layer, hashed passwords, access controls, and continuous monitoring. No system is perfectly secure; please use strong passwords and keep your credentials safe.

11. Children

The Service is not directed to individuals under 18. We do not knowingly collect data from children.

12. Automated decision-making

We do not make decisions with legal or similarly significant effects based solely on automated processing.

13. Changes

We may update this Policy. Material changes will be announced in-app or by email at least 14 days before they take effect.

14. Contact

Privacy questions and requests: support@geoscout.pro.