Last updated: today
Privacy Policy
ScopeGuard uses Supabase Auth for login and stores business data in the configured PostgreSQL database. We also record audit events to provide traceability for signing workflows. This Privacy Policy explains how your information supports account access, OTP signing, and auditability.
What we collect
Your email and profile details used for authentication and account creation, plus signed contract events needed to support audit trails.
SSO / OAuth
If you sign in using SSO/OAuth, the identity provider authenticates you. ScopeGuard only verifies and syncs the identity claims needed to create and secure your workspace.
Audit logs and security events
ScopeGuard stores signing-related metadata (such as actions, participants, and optional metadata) to maintain an audit trail. These records help you review what happened and when, and they support integrity checks across scope changes.
How we use data
We use the information to run contract workflows: drafting, signing, OTP verification, approvals, and audit event storage.
Legal basis
Where applicable, we rely on contractual necessity, legitimate interests, and/or consent to process your information. You can learn more about privacy and data protection principles at GDPR resource guides.
Contact
For privacy questions, use the email in the footer.
Data retention
ScopeGuard may retain contract snapshots and signing metadata as needed to support audit requirements and to allow you to review historical decisions. If you need help understanding what is retained for your workspace, contact us using the email in the footer.
Updates to this Privacy Policy
We may update this Privacy Policy from time to time. The “Last updated” date indicates when it was last revised. Continued use after updates means you accept the updated policy.