Overview
Scopture is built by Ducflair with data security and privacy at its core. This page summarizes how we protect your data. For full details on data collection and processing, see our Privacy Policy.
GDPR Compliance
Scopture is fully GDPR-compliant. We process your data only as described in our Privacy Policy, under lawful bases such as contract performance, consent, or legitimate interest. All third-party services we use are bound by Data Processing Agreements (DPAs).
For details on your data rights (access, correction, erasure, portability, restriction, objection), please refer to our Privacy Policy.
Enterprise customers requiring a signed Data Processing Addendum can contact us at [email protected].
Infrastructure
Scopture runs on Amazon Web Services (AWS) with data hosted in EU data centers. Key measures include:
- Encryption – TLS 1.3 in transit, AES-256 at rest
- Access controls – Role-based access control (RBAC) for all internal systems
- Authentication – Multi-factor authentication (MFA) support
- Backups – Automated backups with redundancy across availability zones
- Monitoring – Infrastructure and application monitoring via Grafana Cloud
Application Security
- Security patches and dependency updates are applied promptly
- Audit logging for data access and modifications is available for enterprise customers
- Cookieless, privacy-friendly analytics via self-hosted Umami (no personal data collected)
Contact
For security or privacy inquiries:
- Email: [email protected]
For general legal matters, see our Legal Hub.
Last updated: March 18, 2025