Legal
Security
Last updated 24 June 2026
We take the security of your data seriously. This page summarises the measures we use to protect the MentionScout Service and how to report a vulnerability. For how we handle personal data, see our Privacy Policy.
Encryption in transit
All traffic between your browser and MentionScout, and between MentionScout and our sub-processors, is encrypted using TLS. We do not serve the application over unencrypted connections.
Managed hosting
The Service runs on reputable managed cloud infrastructure with their physical, network and platform security controls. We apply security updates and follow current operational best practices.
Access controls
Access to production systems and customer data is limited to authorised personnel on a need-to-know basis. Passwords are stored hashed, and we use the principle of least privilege for internal access.
Sub-processors
We rely on a limited set of trusted third parties to deliver the Service:
- AI answer engine providers. OpenAI, Anthropic, Google and xAI, and Perplexity, which receive your prompts to generate the responses we measure.
- Paddle. Our Merchant of Record and payment processor.
- Cloud hosting and infrastructure. Our hosting, database, queue and content-delivery providers.
Your data is not used to train AI models
We do not sell your data, and we do not provide your content to AI providers to train their models. Where a provider's terms allow, we configure our integrations to exclude your inputs from model training.
Responsible disclosure
If you believe you have found a security vulnerability, please report it to [email protected]. We ask that you give us a reasonable opportunity to investigate and remediate before any public disclosure, and that you avoid accessing or modifying data that is not yours. We will acknowledge your report and keep you informed of our progress.