ScoutComic Intelligence

Privacy Policy

Last updated: May 5, 2026 · Effective: May 5, 2026

ComicScout ("Scout," "we," "us," "our") makes a real-time comic-book buying assistant for iOS. This Privacy Policy explains what we collect, how we use it, who we share it with, and the rights you have over your data. We've written it in plain language; the legal terms are still binding.

1. Who we are

ComicScout is operated from California, United States. You can reach us at hello@comicscout.co. For privacy-specific requests, use the same address with the subject line "Privacy Request."

2. What we collect

Account data

When you sign in with Apple, we receive an opaque user identifier and the email address you choose to share (real or relay). We do not receive your Apple ID password and we cannot link the relay address back to your real one.

Scan content

When you scan a listing — a photo, a screenshot, or a pasted URL — we send that image or URL to our servers so the model can analyze it. Scan images are processed in memory and deleted within 24 hours. A non-identifying record of the analysis (issue, grade, asking price, verdict, score) is retained so you can see your history and so the model can improve over time.

Usage analytics

We collect anonymized analytics: which screens were viewed, how long an analysis took, whether it succeeded or errored, app version, device model, and OS version. These events are not joined to your account identifier in our analytics warehouse.

Subscription & billing

Subscriptions are processed by Apple through StoreKit. We receive a transaction receipt and renewal status; we do not see your payment instrument, billing address, or App Store name. Purchases are governed additionally by Apple's privacy policy.

Diagnostic logs

If the app crashes or an analysis errors, we receive a stack trace and the request ID. These logs may include the URL you were analyzing but are scrubbed of personal identifiers and deleted after 30 days.

3. What we do not collect

  • We do not access your photo library beyond the single image you choose to scan.
  • We do not request location, contacts, microphone, or motion data.
  • We do not embed third-party advertising SDKs.
  • We do not sell, rent, or trade your personal information. Period.

4. How we use what we collect

  • To deliver the verdict — image analysis, comp lookup, and risk-flag detection.
  • To run your account — sign-in, history, watchlist, subscription state.
  • To improve the model — aggregated, de-identified scan metadata informs which signals improve verdict accuracy.
  • To fix bugs and prevent abuse — diagnostic logs and rate-limit telemetry.
  • To comply with the law — when we receive a valid legal process.

5. Who we share with

We share data only with vendors who help us run the service, under contracts that bind them to the same protections we give you. As of the effective date these include:

  • Apple — Sign in with Apple, StoreKit, push notifications.
  • Cloud hosting — for compute and storage of analysis records.
  • Model providers — for image classification and language reasoning. Inputs are processed on a zero-retention basis where the provider supports it.
  • eBay public data — we read public sold-listing pages; we do not transmit your account data to eBay.

We do not share scan images with advertisers, data brokers, or analytics partners.

6. Your rights

Wherever you live, you can ask us to:

  • Access the personal information we hold about you.
  • Correct inaccuracies in your account record.
  • Delete your account and associated history. We honor deletions within 30 days; backup copies expire on a 90-day rolling cycle.
  • Export your scan history as JSON or CSV.
  • Opt out of model-improvement use of your scan metadata.

European Economic Area, United Kingdom & Switzerland (GDPR)

Our legal bases are: performance of the contract (delivering the analysis you requested), legitimate interests (security, fraud prevention, model improvement), and consent (where required for analytics on certain platforms). You have the right to object, restrict processing, and lodge a complaint with your local supervisory authority.

California, Colorado, Virginia, Connecticut, Utah (US state laws)

We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA, CPA, VCDPA, CTDPA, or UCPA. You can exercise your access, deletion, and correction rights via hello@comicscout.co. We do not discriminate against users who exercise privacy rights.

7. Children

ComicScout is intended for users 13 and older. We do not knowingly collect data from children under 13. If you believe a child has used the app, contact us and we will delete the account.

8. Data retention

  • Scan images: deleted within 24 hours.
  • Scan history records: kept until you delete the scan or your account.
  • Diagnostic logs: 30 days.
  • Analytics events: 13 months in aggregate.
  • Billing receipts: as required by tax law (typically 7 years).

9. Security

Data is encrypted in transit (TLS 1.2+) and at rest. Access to production systems is limited to engineers with hardware-key two-factor authentication. We follow industry-standard practices but no system is perfectly secure; if we discover a breach affecting your data, we will notify you within the timeframes required by law.

10. International transfers

Our servers are located in the United States. If you use the app from outside the US, your data is transferred to the US under appropriate safeguards including the EU Standard Contractual Clauses and the UK International Data Transfer Addendum.

11. Changes to this policy

If we make a material change, we will notify you in-app and update the "Last updated" date at the top. Continued use after a change means you accept the new policy.

12. Contact

Privacy questions or requests: hello@comicscout.co. We try to respond within 5 business days; under GDPR / CCPA we will respond within 30 / 45 days.