Security
Last updated: March 1, 2026
1. Our Commitment
Protecting your data is fundamental to everything we build at DealScope. We employ industry-standard security practices and continuously invest in keeping your information safe. This page describes the measures we take to safeguard your account, your data, and the platform itself.
2. Infrastructure & Hosting
DealScope is hosted on enterprise-grade cloud infrastructure with SOC 2 Type II certified providers. All servers run in isolated environments with automated patching and 24/7 monitoring. Our infrastructure is deployed across multiple availability zones to ensure uptime and resilience.
3. Encryption
All data transmitted between your browser and DealScope is encrypted using TLS 1.2 or higher. Data at rest — including property reports, account information, and payment details — is encrypted using AES-256 encryption. Database backups are also encrypted and stored in geographically separated locations.
4. Authentication & Access Control
User authentication is managed by Clerk, a SOC 2 compliant identity platform. We support multi-factor authentication (MFA) and encourage all users to enable it. Internal access to production systems is restricted to authorized personnel using role-based access controls, hardware security keys, and audit-logged sessions.
5. Payment Security
DealScope does not store credit card numbers or sensitive payment credentials on our servers. All payment processing is handled by Paddle, a PCI DSS Level 1 certified payment processor. Your billing information is transmitted directly to Paddle over encrypted connections.
6. Data Privacy & Retention
We collect only the data necessary to provide the Service. Property searches and generated reports are associated with your account for your convenience and are retained according to our Privacy Policy. You may request deletion of your data at any time by contacting us. For full details, see our Privacy Policy.
7. AI & Report Data Handling
Property data used to generate reports is sourced from licensed third-party providers and public records. AI-generated analysis is processed in secure, isolated environments. We do not use your individual property searches or reports to train AI models. Report outputs are stored encrypted and accessible only to the account that generated them.
8. Incident Response
We maintain a documented incident response plan that includes detection, containment, investigation, and notification procedures. In the event of a security breach that affects your personal data, we will notify impacted users within 72 hours as required by applicable law.
9. Vulnerability Disclosure
We welcome responsible disclosure of security vulnerabilities. If you discover a potential security issue, please report it to security@dealscope.ai. We ask that you give us reasonable time to investigate and address the issue before making any public disclosure.
10. Continuous Improvement
We regularly review and update our security practices as threats evolve. This includes periodic security assessments, dependency audits, and staying current with industry best practices. Our engineering team follows secure development lifecycle (SDLC) principles throughout the development process.
11. Contact Us
If you have questions about our security practices or wish to report a concern, contact us at security@dealscope.ai or write to: DealScope Inc., Security Team, 123 Innovation Drive, San Francisco, CA 94105.