How ScaledOS protects your data - infrastructure, encryption, AI data handling, access controls and our breach response commitments.
| Component | Detail |
|---|---|
| Hosting provider | Google Cloud Platform (GCP) |
| Data residency | United Kingdom and European Economic Area (EEA) |
| Framework | Next.js 14, Firebase, hosted on GCP infrastructure |
| Database | Firebase / Firestore with encryption at rest |
| Authentication | Secure login with encrypted session management |
ScaledOS uses AI in one optional feature: automated extraction of figures from an uploaded P&L document.
| Question | Answer |
|---|---|
| Which AI service is used? | Google Gemini API - paid tier only |
| Does Google train on our data? | No. The paid Gemini API does not use submitted data to train models. This is confirmed by Google's enterprise terms. |
| What is sent to the AI? | Only the contents of your uploaded P&L document |
| Is your name, email or account data sent? | Never. Only the document is transmitted, without any identifying metadata |
| Can I avoid AI entirely? | Yes. Manual entry is always available and sends nothing to any AI service |
| Does the Buyer's Verdict use my financials? | No. It receives only your EV score and domain sub-scores - never your raw figures or identity |
We do not use any free AI tiers, consumer AI products or AI services that train on submitted data.
We retain your data for as long as your account is active. Full retention schedules are in our Privacy Policy. Key points:
In the event of a personal data breach that is likely to affect your rights and freedoms, we will:
Our development partner Polyphrōn is contractually required to notify us of any breach within 24 hours of discovery during the development period.
Security is a shared responsibility. To keep your account secure:
If you discover a security vulnerability or have a concern about how we handle data, please contact us promptly. We take all reports seriously and will acknowledge receipt within 2 business days.
Email: privacy@scaled.co.uk
Subject line: Security concern - ScaledOS
Please do not publicly disclose any vulnerability until we have had a reasonable opportunity to investigate and address it.
Scaled Consulting Limited · Company no. 13828419
Old Warden, St. Anns Fort, King's Lynn, England, PE30 1QS