Privacy Policy

Last updated: June 5, 2026

At Scopzi, we take the privacy and security of your organization, projects, and communications extremely seriously. This Privacy Policy details the types of information we collect, how we isolate and secure it, and your rights regarding that data.

1. Database Security & Tenant Isolation

Scopzi is built on Supabase (PostgreSQL) using Row-Level Security (RLS) policies. All data boundaries are strictly enforced:

  • Organization Boundaries: Your dashboard, clients, proposals, change orders, and scope items are isolated at the database level. Members of one organization cannot view or modify data belonging to another.
  • Client Portal Protection: Clients accessing the portal can only view messages, approvals, and invoice records explicitly linked to their project. They do not have access to internal organization dashboards or metrics.

2. Information We Collect

To provide the Scope Firewall service, we collect the following:

  • Account Information: Name, email address, password hash, and billing metadata when registering for an account.
  • Workspace Data: Client contact details, project specifications, scope milestones, deliverables, and change orders.
  • Communication logs: Messages exchanged in the client portal, which our AI helper parses to classify requests as in-scope, out-of-scope, or goodwill.

3. AI Processing & Telemetry

Our AI analysis parses client communication and uploaded documents (like proposals or PDFs) to assist in extracting scope and drafting change orders.

  • We log AI prompt parameters and classification outputs in an internal telemetry log for safety, cost monitoring, and security audit purposes.
  • We do not sell your conversation logs or files to third-party data aggregators.

4. Data Retention

We retain your workspace data as long as your organization account is active. If you close your workspace, we delete or archive your data in compliance with standard backup retention policies, unless required to retain it by law.

5. Contact Us

If you have any questions about this Privacy Policy or database isolation models, please visit our Contact Page.