Privacy Policy

Last updated: February 5, 2026

1. Overview

Outscope ("Outscope," "we," "us," or "our") provides email testing and quality assurance services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Payment information (processed by Stripe; we do not store card numbers)

2.2 Test Email Data

When you send test emails to our sinkhole domains, we process:

  • Email headers (sender, recipient, subject line)
  • Email body content (HTML and plain text)
  • Attachments (if any)
  • Technical metadata (timestamps, routing information)

2.3 Usage Data

We automatically collect:

  • IP address and browser information
  • Pages visited and features used
  • API usage statistics

3. How We Use Your Information

We use collected information to:

  • Provide and improve our email testing services
  • Analyze test emails for quality issues (broken links, PII, formatting)
  • Generate analysis reports sent back to you
  • Process payments and manage subscriptions
  • Send service-related communications
  • Detect and prevent abuse or fraud

4. Data Retention

Test Emails: Retained for 90 days, then automatically deleted.

Account Data: Retained while your account is active. Deleted within 30 days of account closure.

Audit Logs: Retained for 1 year for security and compliance purposes.

5. Data Sharing

We share your information only with:

  • Service Providers: AWS (hosting), Stripe (payments), AI providers (email analysis)
  • Legal Requirements: When required by law, subpoena, or court order
  • Business Transfers: In connection with a merger or acquisition

We do not sell your personal information to third parties.

6. Your Rights (CCPA/GDPR)

Depending on your location, you have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data ("Right to be Forgotten")
  • Portability: Receive your data in a portable format
  • Opt-Out: Opt out of certain data processing activities
  • Non-Discrimination: We will not discriminate against you for exercising these rights

To exercise these rights, contact us at privacy@outscope.ai. We will respond within 30 days.

7. Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls and authentication
  • Regular security audits
  • SOC 2-aligned practices

8. International Transfers

Our services are hosted in the United States. If you are accessing from outside the US, your data will be transferred to and processed in the US. We use standard contractual clauses for EU data transfers.

9. Children's Privacy

Our service is not directed to individuals under 16. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the data promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the service after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights:

Email: privacy@outscope.ai