Skip to content
Scopable logoScopable

Privacy Policy

Effective Date: March 15, 2026
Last Updated: March 15, 2026

1. Introduction

This Privacy Policy describes how Scopable Inc. (“Scopable,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you access or use our platform, applications, APIs, website, and related services (collectively, the “Services”).

Scopable provides a platform for managed service providers (“MSPs”) and similar IT services organizations. In providing the Services, we may process data belonging to our customers (“Customers”) as well as data belonging to our Customers' end clients (“Clients”).

By using the Services, you agree to the collection, use, and disclosure of information in accordance with this Privacy Policy. See also our Terms of Service. Questions? Contact us.

2. Information We Collect

We collect information in the following categories:

2.1. Account Information

Information you provide when creating and managing your account, including your name, email address, organization name, role, and authentication credentials.

2.2. Billing and Transaction Information

If you subscribe to paid Services, we collect payment information processed through our third-party payment processor. We do not store complete payment card numbers on our servers.

2.3. Third-Party Platform Data

When you connect Third-Party Platforms (such as professional services automation tools, remote monitoring and management tools, identity platforms, or similar business tools) to the Services, we import and process data from those platforms as authorized by you. This may include service tickets, client records, contact information, contract details, configuration data, and other business data.

2.4. Client Data

Through your use of the Services, we may process data relating to your Clients, including contact information, service records, communication history, and other information imported from Third-Party Platforms or entered directly into the Services.

2.5. Usage Data

We automatically collect information about how you interact with the Services, including pages viewed, features used, actions taken, session duration, browser type, device information, operating system, and IP address.

2.6. Analytics Data

We use analytics tools to collect aggregated information about usage patterns. See Section 7 (Cookies and Tracking Technologies) for details.

2.7. Communications

Information you provide when you contact us for support, provide feedback, or otherwise communicate with us.

3. How We Use Information

We use the information we collect for the following purposes:

  • Providing the Services — To operate, maintain, and deliver the features and functionality of the Services;
  • Improving the Services — To analyze usage patterns, diagnose technical issues, and develop new features and enhancements;
  • Customer Support — To respond to your inquiries and provide technical assistance;
  • Communications — To send you service-related notices, updates, and security alerts;
  • Billing — To process payments and manage subscriptions;
  • Security — To detect, prevent, and address fraud, abuse, and security threats;
  • Compliance — To comply with legal obligations and enforce our Terms of Service; and
  • Aggregated Insights — To generate aggregated, anonymized, and de-identified data for analytics, benchmarking, and product development. Such data does not identify any individual.

4. Artificial Intelligence and Automated Processing

4.1. AI Features

The Services incorporate artificial intelligence and machine learning technologies to provide features such as data analysis, recommendations, content generation, and automated workflows.

4.2. How AI Processes Your Data

When you use AI-powered features, your Customer Data and Client Data may be transmitted to and processed by third-party AI service providers for the purpose of delivering the requested functionality.

4.3. No Training on Your Data

We do not use your Customer Data or Client Data to train third-party artificial intelligence or machine learning models. Data submitted to AI features is used solely to generate responses and provide functionality within the Services.

4.4. Data Retention for Product Improvement

We may retain inputs and outputs from AI-powered features for up to six (6) months for the purpose of improving our own Services, including evaluating performance, identifying errors, and enhancing functionality. This data is stored securely and is not shared with third-party AI providers for their training purposes.

4.5. AI Accuracy

AI-generated outputs may not always be accurate or complete. You are responsible for reviewing and verifying any AI-generated content before relying on it or sharing it with others.

5. How We Share Information

We do not sell your personal information. We may share information in the following circumstances:

5.1. Service Providers and Sub-Processors

We engage third-party service providers to perform functions on our behalf, including:

  • Cloud Infrastructure — Hosting, database management, and content delivery
  • Payment Processing — Subscription billing and payment handling
  • Analytics — Usage analysis and product improvement
  • AI and Machine Learning — Artificial intelligence features and functionality
  • Communications — Email delivery and notifications
  • Security — Fraud detection, threat monitoring, and access management

These providers are contractually obligated to use your information only as necessary to provide services to us and in accordance with this Privacy Policy.

5.2. Legal Requirements

We may disclose information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud.

5.3. Business Transfers

In connection with a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will provide notice before your information becomes subject to a different privacy policy.

5.4. With Your Consent

We may share information with your consent or at your direction.

6. Data Retention

6.1.

We retain your Customer Data for as long as your account is active or as needed to provide the Services.

6.2.

Upon account termination, we will retain your Customer Data for thirty (30) days to allow for export, after which it may be deleted in accordance with our data retention schedules.

6.3.

We may retain certain information as required by law or for legitimate business purposes, including fraud prevention, dispute resolution, and enforcement of our agreements.

6.4.

Aggregated, anonymized, and de-identified data may be retained indefinitely.

6.5.

AI-related data is retained as described in Section 4.4.

7. Cookies and Tracking Technologies

7.1. Website (scopable.io)

Our website uses the following tracking technologies:

  • Google Analytics — To analyze website traffic and usage patterns
  • Ahrefs Analytics — To analyze website performance and search visibility

7.2. Application (app.scopable.io)

Our application uses PostHog — To analyze product usage, feature adoption, and user experience.

7.3. Essential Cookies

We use essential cookies that are necessary for the functioning of the Services, including authentication, session management, and security cookies.

7.4. Managing Cookies

Most browsers allow you to control cookies through their settings. Disabling certain cookies may affect the functionality of the Services. For more information, visit your browser's help documentation.

8. Data Security

8.1.

We implement commercially reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction.

8.2.

These measures include encryption of data in transit and at rest, access controls, regular security assessments, and monitoring for unauthorized access.

8.3.

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8.4.

You are responsible for maintaining the security of your account credentials and for any activity under your account.

9. International Data Transfers

9.1.

Our Services are hosted in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States.

9.2.

If you are located in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, we rely on appropriate legal mechanisms for international data transfers, which may include Standard Contractual Clauses approved by the European Commission or other applicable transfer mechanisms.

9.3.

By using the Services, you acknowledge and consent to the transfer and processing of your information in the United States.

10. Your Rights Under GDPR

If you are located in the EEA, the United Kingdom, or Switzerland, you have the following rights under applicable data protection law:

  • Right of Access — You may request a copy of the personal data we hold about you.
  • Right to Rectification — You may request that we correct inaccurate or incomplete personal data.
  • Right to Erasure — You may request that we delete your personal data, subject to certain exceptions.
  • Right to Restrict Processing — You may request that we limit how we use your personal data.
  • Right to Data Portability — You may request a copy of your personal data in a structured, commonly used, machine-readable format.
  • Right to Object — You may object to our processing of your personal data in certain circumstances.
  • Right to Withdraw Consent — Where we rely on consent as the legal basis for processing, you may withdraw consent at any time.

To exercise any of these rights, contact us at . We will respond within thirty (30) days or as required by applicable law.

You also have the right to lodge a complaint with your local data protection supervisory authority.

10.1. Legal Basis for Processing (GDPR)

Where GDPR applies, we process personal data on the following legal bases:

  • Performance of a contract — To provide the Services in accordance with our Terms of Service
  • Legitimate interests — For product improvement, security, fraud prevention, and analytics, where these interests are not overridden by your rights
  • Consent — Where you have provided explicit consent
  • Legal obligation — To comply with applicable laws

10.2. Data Processing Agreements

If you require a Data Processing Agreement (“DPA”) in connection with your use of the Services, please contact us at .

11. Your Rights Under CCPA

If you are a California resident, you have the following rights under the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”):

  • Right to Know — You may request that we disclose the categories and specific pieces of personal information we have collected about you.
  • Right to Delete — You may request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Correct — You may request that we correct inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing — We do not sell or share your personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination — We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at or submit a request through our website.

We will verify your identity before processing your request and respond within forty-five (45) days as required by law.

11.1. Categories of Personal Information

In the preceding twelve (12) months, we may have collected the following categories of personal information: Identifiers (name, email, IP address); Commercial Information (subscription records, billing history); Internet Activity (browsing history, feature usage, interactions); Professional Information (organization name, job title); Geolocation (general location derived from IP address).

12. Customer Responsibilities as Data Controllers

12.1.

When you use the Services to process Client Data, you act as the data controller (or equivalent under applicable law) and we act as a data processor on your behalf.

12.2.

You are responsible for:

  • (a) Providing appropriate privacy notices to your Clients;
  • (b) Obtaining all necessary consents for the collection and processing of Client Data;
  • (c) Ensuring your use of Client Data through the Services complies with applicable privacy and data protection laws; and
  • (d) Responding to data subject requests from your Clients regarding their personal data.

12.3.

We will reasonably assist you in fulfilling your obligations as a data controller, including responding to data subject access requests, to the extent that we are able.

13. Children's Privacy

The Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website, through the Services, or via email. Your continued use of the Services after such notice constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Scopable Inc.
Email:
Website: https://scopable.io

For GDPR-related inquiries:

End of Privacy Policy