Security & Privacy

OpenScouter is built on the principle that your study data and your testers’ personal information belong to you. This page explains exactly how we protect both.

Infrastructure and Hosting

OpenScouter runs across three cloud providers, each chosen for reliability and security maturity.

Platform: The application is deployed on Vercel, which provides edge-cached delivery, automatic HTTPS, and DDoS protection at the network layer.

Database: All study data, user accounts, reports, and tester records are stored in Supabase Cloud. Supabase runs on AWS and holds SOC 2 Type II certification.

AI Microservice: Facial verification for tester identity checks runs on a dedicated Railway service using the DeepFace library. This service is isolated from the main application and handles no long-term data storage.

Encryption

All data in transit is protected with TLS 1.2 or higher. This applies to every connection between your browser, the OpenScouter platform, and our backend services.

Data at rest is encrypted through Supabase’s managed encryption layer, which uses AES-256 encryption for all stored records. You do not need to configure this yourself. It is on by default for every account.

Access Control

Every database table in OpenScouter uses Row-Level Security (RLS). This is enforced at the database level, not just in application code. A query from one organisation cannot return rows belonging to another, even if a bug existed in the application layer.

Access within your organisation follows a role-based model:

  • Owners can manage billing, invite members, and delete the account.
  • Admins can create and manage studies, view all reports, and manage team members.
  • Members can create studies and view reports they have been granted access to.

Permissions are checked on every request. There is no way to escalate privileges without an explicit role change from an Owner or Admin.
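The tenant isolation that Row-Level Security provides can be shown in plain PostgreSQL. This is an added example, not OpenScouter's schema or code: the table `studies`, the role `app_user` and the session setting `app.org_id` are hypothetical names, and the rows are constructed sample data.

```sql
-- Hypothetical table; every row carries the organisation that owns it.
CREATE TABLE studies (
    org_id uuid NOT NULL,
    title  text NOT NULL
);

-- Constructed sample rows for two organisations, loaded before RLS is enabled.
INSERT INTO studies (org_id, title) VALUES
    ('11111111-1111-1111-1111-111111111111', 'Checkout flow study'),
    ('22222222-2222-2222-2222-222222222222', 'Onboarding study');

-- Turn RLS on, and apply it to the table owner as well.
ALTER TABLE studies ENABLE ROW LEVEL SECURITY;
ALTER TABLE studies FORCE ROW LEVEL SECURITY;

-- One policy for reads and writes: a row is visible (USING) and may be
-- written (WITH CHECK) only when its org_id equals the session's organisation.
-- An unset or empty setting becomes NULL, which matches no row (default deny).
CREATE POLICY org_isolation ON studies
    USING      (org_id = NULLIF(current_setting('app.org_id', true), '')::uuid)
    WITH CHECK (org_id = NULLIF(current_setting('app.org_id', true), '')::uuid);

-- Hypothetical unprivileged role for application queries: not a superuser
-- and without BYPASSRLS, so the policy always applies to it.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON studies TO app_user;

BEGIN;
-- SET LOCAL scopes the role and organisation to this transaction, so a
-- pooled connection cannot carry one tenant's context into the next request.
SET LOCAL ROLE app_user;
SET LOCAL app.org_id = '11111111-1111-1111-1111-111111111111';

-- No WHERE clause, as a buggy application query might issue.
-- The policy still restricts the result to the session's organisation.
SELECT org_id, title FROM studies;

-- Writing a row for another organisation violates WITH CHECK and is rejected
-- with a row-level security error, which aborts the transaction.
INSERT INTO studies (org_id, title)
VALUES ('22222222-2222-2222-2222-222222222222', 'Cross-tenant write');
ROLLBACK;
```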

Tester Anonymisation

Client-facing reports never reveal the identity of individual testers. When you receive a report, findings are attributed to tester profiles described by their relevant characteristics (for example, “a tester who uses a screen reader and has ADHD”) rather than by name, photo, or any personally identifiable detail.

This protects testers from unwanted contact and ensures your team evaluates feedback on its merit.

Data Retention

OpenScouter retains your study data for as long as your account is active. Once a study is closed, its data remains accessible in your dashboard for reference and compliance purposes.

Tester-submitted recordings and interaction data are deleted from our servers 90 days after a study closes, unless you have exported them first. Aggregated findings in your report are not affected by this deletion.

Raw facial verification data processed by the DeepFace microservice is never stored. It is used in real time to confirm tester identity and then discarded.

Data Export and GDPR Portability

You have the right to export all data associated with your account at any time. To request a full data export:

  1. Go to Settings > Account.
  2. Select Export my data.
  3. A download link will be sent to your registered email address within 48 hours.

The export includes all study configurations, reports, and account metadata in JSON format. This satisfies GDPR Article 20 data portability requirements.

If you need a specific subset of data (for example, only reports from a particular study), contact privacy@openscouter.com and we will prepare a targeted export.

Account Deletion

Deleting your account permanently removes all associated data from our systems. This action cannot be undone.

To delete your account:

  1. Go to Settings > Account.
  2. Select Delete account.
  3. Confirm by entering your password.

After confirmation, your account and all study data are queued for deletion. The process completes within 30 days, after which no recoverable copies remain in our systems or backups.

If you are on a paid plan, deletion cancels your subscription immediately. No further charges are made.

Incident Response

If a security incident affects your data, we will notify you by email within 72 hours of becoming aware of the breach. The notification will include:

  • What data was affected
  • What we believe happened
  • What we have done to contain it
  • What steps you should take

For incidents that meet GDPR breach notification thresholds, we also notify the relevant supervisory authority within the same 72-hour window.

After any incident, we publish a post-mortem within 14 days. We believe transparency after an incident is as important as prevention.

Vulnerability Disclosure

If you discover a security vulnerability in OpenScouter, we want to hear from you before it reaches anyone else.

Please review our Vulnerability Disclosure Policy for reporting guidelines, scope, and our commitment to researchers who act in good faith. We do not pursue legal action against researchers who follow responsible disclosure practices.

You can also reach our security team directly at security@openscouter.com.