Privacy Policy

Last updated: March 2026

ScoutLoot ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our LEGO deal alert service.

1. Information We Collect

We collect information that you provide directly to us:

• Account Information: Email address, password (hashed), country, postal code (optional), and timezone preferences
• Watch Preferences: LEGO set and minifigure numbers, filter preferences, and collection data you configure
• Optional Integrations: If you connect Telegram, we store your Telegram chat ID and username to send deal alerts. If you connect Discord, we store your Discord webhook URL.
• Signup Attribution: When you sign up, we capture UTM campaign parameters and referrer information from the URL to understand how you found us. This data is stored with your account.

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain our deal alert service
• Send you deal notifications via your chosen channels (email, Telegram, Discord, or browser push)
• Calculate accurate shipping costs to your location using your country and postal code
• Send transactional emails: account verification, password resets, deal alerts, and subscription lifecycle notifications
• Improve and personalize our service

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

• Stripe: Processes payment card data and billing information for Pro subscriptions. We do not store your card details — Stripe handles all payment processing.
• Resend: Processes email addresses and delivers transactional emails (deal alerts, trial reminders, account notifications).
• Google: Processes authentication data when you sign in with Google. We receive only your email address and name — no passwords are shared. We also use Google Fonts to display text on our website.
• Telegram: If you connect Telegram, we use Telegram's API to deliver deal alert notifications to you.
• Legal Requirements: If required by law or to protect our rights
• Business Transfers: In connection with a merger or acquisition

4. Data From Marketplaces

Our service searches publicly available listings on eBay, BrickOwl, Amazon, and BrickLink. We do not access your accounts on these platforms or store any marketplace credentials. We only process listing information that is publicly visible.

5. Analytics and Conversion Tracking

We use the following analytics and tracking tools:

• Plausible Analytics: A privacy-friendly, GDPR-compliant analytics service that we self-host. Plausible does not use cookies, does not collect personal data, and does not track you across websites. It provides us with aggregate page view statistics only.
• Google Ads Conversion Pixel: We fire a Google Ads conversion event when a new user signs up. This sends a signup event to Google — no personal information (no email, no user ID) is transmitted. This helps us measure the effectiveness of our advertising.
• Reddit Conversion Pixel: Similar to Google Ads, we fire a Reddit conversion event on signup only. No personal data is sent.

We do not use Google Analytics, behavioural tracking, retargeting pixels, heatmaps, or session recordings.

6. Data Storage and Security

Your data is stored on secure servers located in the European Union. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

7. Data Retention

We retain your account information for as long as your account is active. You can request deletion of your account and associated data at any time by contacting us.

8. Your Rights (GDPR)

As an EU resident, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data
• Portability: Request your data in a machine-readable format
• Objection: Object to certain processing of your data

9. Cookies

We use minimal cookies necessary for the service to function. We do not use advertising cookies or third-party tracking cookies. For full details on what cookies and local storage we use, see our Cookie Policy.

10. Affiliate Links

Our deal links to eBay, Amazon, and BrickOwl may contain affiliate tracking codes. When you click a deal link and make a purchase, we may earn a commission at no additional cost to you. No personal data is shared with affiliate programs — only the click event is tracked by the respective marketplace.

11. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.

13. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

• Email: support@scoutloot.com