Privacy Policy

Last updated: April 7, 2026

Scout is operated at scoutvoice.ai. For privacy questions, contact [email protected].

1. What We Collect

We collect the following categories of data, mapped to how Scout actually works:

(a) Account identifiers. Email address, name, and hashed password (or Google OAuth profile), collected at signup. Used for service delivery and authentication. Not shared with third parties. Retained until account deletion plus 30 days.

(b) Payment data. Card token and subscription ID, processed by our payment processor. We never see or store your full card number. Used for billing. Retained per the processor's retention policy.

(c) Usage metrics. Word counts, session duration, and audio minutes, reported by the desktop app. Used for billing, usage caps, and product improvement. Not shared with third parties. Retained while your account is active; anonymized after deletion.

(d) Audio data. Raw microphone audio, captured by your device microphone. Used for transcription. Streamed directly from your device to our speech-to-text provider — never to Scout's servers. Not retained by Scout; provider retention is governed by their respective service terms and data processing agreements.

(e) Active-window text. Text from the foreground application, read via operating system accessibility APIs. This can include focused-field text, selected text, nearby text in the focused app, and the active window title. In some apps, Scout can also determine text immediately before and after the caret. Enabled by default; disableable in Settings. Processed locally on your device to extract relevant terms (such as names and technical words). Extracted terms may be sent to the STT provider as pronunciation hints. Raw active-window text is not stored on Scout's servers.

(f) Semantic correction context (Pro only). When Pro semantic correction runs, the current dictated text and, if context awareness is enabled, a short excerpt of text immediately before the cursor or field tail (up to 500 characters), plus the active app label and window title, may be sent to Scout's servers and onward to our AI processing provider solely to improve transcript correction and formatting. This request data is not retained by Scout beyond request processing.

(g) Magic Edit and App Styles text. Your transcribed Magic Edit instruction, selected text, or text submitted for App Styles transformation, sent from the desktop app to a third-party AI provider for text transformation or generation. Not stored by Scout; the provider retains data per their data retention policy.

(h) Dictionary. User-defined words and phrases, entered via Settings. Used to improve transcription accuracy. Sent to the STT provider as keyterms. Retained until you delete them.

(i) Device and session data. IP address, app version, operating system, and platform, collected from the desktop app and website. Used for security, abuse prevention, and support. Not shared with third parties. Signup IP is stored on your user record; other session data is ephemeral.

(j) Transcript reports. When you report a transcript for quality review, the transcribed text, any note you add, session metadata (word count, duration, language, app version, platform), diagnostic telemetry (latency measurements, formatting decisions, error states), and your audio recording are sent to Scout's servers. Used to investigate and improve transcription accuracy. Not shared with third parties. Report audio is automatically deleted after 90 days. You may request earlier deletion at any time. Other report data is retained until resolved or until account deletion.

(k) Activity history. Recent dictation and Magic Edit history shown in the desktop app is stored locally on your device so you can review past activity. Scout does not keep that Activity history as a server-side log. Separate service data may still be processed as described elsewhere in this policy, including Magic Edit requests, semantic correction requests, usage metrics, and transcript reports. Local history remains on your device until you delete it from the app or remove the app's local data.

2. Audio Data

During normal dictation, audio streams directly from your device to our speech-to-text provider and never touches Scout's servers. Our servers issue temporary, scoped tokens — they never handle audio during normal use.

When you submit a transcript report, your audio recording is included to help us diagnose the issue. Report audio is stored on Scout's servers for up to 90 days and then permanently deleted. You may request earlier deletion at any time by contacting [email protected].

Our speech-to-text provider's retention of audio data is governed by their service terms and data processing agreement, and by Scout's configuration with the provider. Metadata (such as session timestamps and usage counts) may be retained for billing and operational purposes.

3. Context Awareness

Scout can optionally read text from the active application window (such as email content, chat messages, or document text) using operating system accessibility APIs. This can include text in the focused field, selected text, nearby content in the focused app, the active window title, and in some apps the text immediately before and after the caret. This text is processed locally on your device to extract relevant terms like proper nouns and names. These terms may be sent to the speech-to-text provider as pronunciation hints to improve transcription accuracy.

No screenshots are taken. Only the focused app is read via accessibility APIs; Scout does not inspect background windows. Raw active-window text is not stored on Scout's servers. When Pro semantic correction runs, Scout may send a short preceding-text excerpt, active app label, and window title as part of that single correction request. This feature is enabled by default and can be disabled at any time in Settings. When disabled, no application text is read for context awareness. Active-window text is processed solely for service delivery (transcription accuracy and correction quality) and is not used for any other purpose.

In development builds, Scout may also write local diagnostic logs on your device so you can inspect what context was captured during testing. Those logs stay on your machine unless you choose to share them with us, for example in a support ticket or transcript report.

4. How We Use Your Data

5. Data Sharing

We do not sell or share your personal information for cross-context behavioral advertising. We share data only with service providers necessary to operate Scout:

6. Data Retention

Account data is retained while your account is active. If you delete your account, we remove your personal data within 30 days. Anonymized usage statistics may be retained indefinitely. See the retention column in Section 1 for per-category details.

7. Security

We use HTTPS for all communications, argon2id for password hashing, and JWT-based authentication. API keys for STT providers are stored server-side and never exposed to clients.

8. Children's Privacy

Scout is not intended for users under 16. We do not knowingly collect information from children under 16. If we learn we have collected personal information from a child under 16, we will delete it promptly.

9. Cookies & Tracking

The Scout desktop app uses bearer tokens for authentication and does not use cookies. The web dashboard at scoutvoice.ai uses httpOnly cookies for authentication: a session cookie that keeps you signed in for up to one hour, and short-lived temporary cookies during Google sign-in (cleared immediately after use). These cookies are not used for tracking, advertising, or analytics — they exist solely for authentication.

We use a privacy-focused analytics provider for website traffic that does not use cookies or track individuals. We do not use tracking cookies, advertising cookies, or third-party marketing cookies. We do not serve targeted ads.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:

Categories we collect: Identifiers (email, name), commercial information (subscription data), internet/network activity (usage metrics), audio data (streamed directly to STT provider during normal use; temporarily stored by Scout when included in transcript reports, retained up to 90 days), and user content (dictated text submitted for semantic correction, Magic Edit, App Styles, transcript reports, and active-window text processed locally when context awareness is enabled).

Sources: Directly from you and automatically from your device.

Business purposes: Service delivery, billing, security, product improvement.

Categories disclosed to service providers: Identifiers to our payment processor, audio and extracted keyterms to our speech-to-text provider, and text submitted for semantic correction, Magic Edit, or App Styles, including limited active-window context when semantic correction uses it, to our AI processing provider.

Sale/sharing: We do not sell or share personal information for cross-context behavioral advertising.

Sensitive personal information: We do not use sensitive personal information for purposes beyond service delivery.

Your rights:

How to exercise your rights: Email [email protected] from the email address associated with your Scout account. We verify requests by matching the email to your account. We will respond within 45 days (extendable by an additional 45 days with notice). Authorized agents may submit requests with written authorization from the account holder.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area or the United Kingdom:

Controller: Scout, operated at scoutvoice.ai, contactable at [email protected].

Legal basis: Contract performance (service delivery), legitimate interest (product improvement, security).

Your rights: Access, rectification, erasure, restrict processing, data portability, object to processing (including active-window text processing under Article 21), withdraw consent, lodge a complaint with your local supervisory authority. You can disable active-window text processing at any time in Settings.

International transfers: Data is processed in the United States. Our service providers process data in the US under Standard Contractual Clauses (SCCs) or equivalent transfer safeguards per their respective data processing agreements.

Response time: Within one month of receipt (extendable by two months for complex requests, with notice).

We do not currently have an EU representative under Article 27. We will appoint one if required as our EU user base grows.

12. International Data Transfers

Scout's API server operates in the United States (Virginia). STT providers may process audio in various locations per their policies. All transfers to service providers are governed by their data processing agreements, which include Standard Contractual Clauses where required.

13. Third-Party Links

Our website and app may link to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

14. Changes

We may update this policy. Material changes will be communicated via email or in-app notification.

15. Contact

Questions? Email us at [email protected].