ParcelScope

Privacy Policy

Last updated: May 6, 2026

This policy explains what we collect, why, and what your rights are. We try to keep this short and human-readable.

What we collect

  • Account info — your email, name (optional), and a hashed password.
  • Usage telemetry — search queries, parcels viewed, exports run, add-on requests. Used for quota enforcement, analytics, and abuse prevention.
  • Payment metadata — Stripe handles card data; we store only the customer ID and subscription status.
  • Cookies — a single auth token in localStorage, no third-party ad-tech, no fingerprinting, no cross-site trackers.

What we don't collect

  • We don't fingerprint your browser.
  • We don't share your usage with advertisers.
  • We don't use Google Analytics, Meta Pixel, or similar.

Public records

ParcelScope displays property records from publicly available sources. If you are a property owner and want a record reviewed, email privacy@parcelscope.app. We process property-record removal requests in line with the source agency's rules.

Skip-trace data

When you run a skip-trace, we forward the parcel's owner snapshot to a third-party data broker. The broker's response is stored against your account so you can audit your usage. Skip-trace results may include personal contact information; you are responsible for using it lawfully (no FCRA-regulated decisions, no TCPA violations).

Direct mail

When you send a mail campaign, we forward the recipient name and address to our mail service provider for printing and delivery. We retain a record of pieces sent (status only — not the design).

Your rights

  • Access & export — email privacy@parcelscope.app for a copy of your account data.
  • Deletion — request account deletion at the same address; we purge personal data within 30 days, except where law requires retention.
  • California / GDPR — you may have additional rights to opt-out of certain uses; the email above is the channel for those requests.

Data location

Data is stored in US-based managed PostgreSQL. Backups are encrypted at rest. Access is limited to ThreatLabs employees and contractors under written confidentiality agreements.

Security

TLS in transit, bcrypt-hashed passwords, scoped JWTs, hourly off-host backups. We're a small team and we run incident response transparently — if user data is exposed, we'll notify affected users within 72 hours.

Changes

We'll post the date of the most recent update at the top of this page. Material changes get an email notice.