Legal

Security

Last updated 24 June 2026

We take the security of your data seriously. This page summarises the measures we use to protect the MentionScout Service and how to report a vulnerability. For how we handle personal data, see our Privacy Policy.

Encryption in transit

All traffic between your browser and MentionScout, and between MentionScout and our sub-processors, is encrypted using TLS. We do not serve the application over unencrypted connections.

Managed hosting

The Service runs on reputable managed cloud infrastructure with their physical, network and platform security controls. We apply security updates and follow current operational best practices.

Access controls

Access to production systems and customer data is limited to authorised personnel on a need-to-know basis. Passwords are stored hashed, and we use the principle of least privilege for internal access.

Sub-processors

We rely on a limited set of trusted third parties to deliver the Service:

  • AI answer engine providers. OpenAI, Anthropic, Google and xAI, and Perplexity, which receive your prompts to generate the responses we measure.
  • Paddle. Our Merchant of Record and payment processor.
  • Cloud hosting and infrastructure. Our hosting, database, queue and content-delivery providers.

Your data is not used to train AI models

We do not sell your data, and we do not provide your content to AI providers to train their models. Where a provider's terms allow, we configure our integrations to exclude your inputs from model training.

Responsible disclosure

If you believe you have found a security vulnerability, please report it to [email protected]. We ask that you give us a reasonable opportunity to investigate and remediate before any public disclosure, and that you avoid accessing or modifying data that is not yours. We will acknowledge your report and keep you informed of our progress.