Privacy Policy

Last updated: April 14, 2026

1. Introduction

Woscout ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, web application, and related services (collectively, the "Service").

Woscout is a product operated by Granlead LLC.

Please read this Privacy Policy carefully. By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

  • Register for an account (name, email address, password)
  • Subscribe to our services (billing information, payment method)
  • Contact us through our support channels
  • Participate in surveys, promotions, or marketing communications
  • Use features that require you to provide shop or marketplace information

2.2 Automatically Collected Information

When you access our Service, we automatically collect certain information, including:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on the Service
  • Log Data: Access times and referring URLs. IP addresses are processed transiently for security and rate limiting — raw IP addresses are never stored or logged.
  • Cookies: Session and persistent cookies required for authentication and your preferences. We do not use tracking pixels or third-party advertising cookies.

2.3 Third-Party Data Sources

Our Service aggregates and analyzes publicly available data from third-party marketplace platforms, including Etsy. This data is obtained through official APIs in accordance with each platform's terms of use and developer agreements. We do not collect private seller account data or buyer information through these integrations.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To provide, maintain, and improve our Service
  • Account Management: To create and manage your account, process payments, and communicate with you
  • Analytics: To generate market research insights and reports based on aggregated data
  • Customer Support: To respond to your inquiries and provide technical assistance
  • Security: To detect, prevent, and address fraud, security breaches, and technical issues
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Marketing: To send you promotional communications — only with your explicit prior consent, which you can withdraw at any time

4. How We Share Your Information

We do not sell your personal identifying information. We may share anonymized, aggregated market insights, or share your information only in the following limited circumstances:

  • Service Providers: Third-party vendors who perform services on our behalf (payment processing, hosting, analytics)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection of Rights: To protect the rights, property, or safety of Woscout, our users, or others
  • With Your Consent: When you have given us explicit permission to share your information

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (SSL/TLS) and at rest
  • Secure authentication mechanisms
  • Regular security assessments and updates
  • Access controls limiting employee access to personal data

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy. Specific retention periods:

  • Account data: Retained while your account is active. Deleted or anonymised within 30 days of account deletion.
  • Analytics snapshots: Automatically deleted after 7 days.
  • Error logs: Automatically deleted after 30 days.
  • Sales history cache: Retained for up to 365 days to power historical trend data, then automatically purged.
  • Billing records: Retained for up to 7 years where required by financial regulations.

Where retention is required by law or for legitimate dispute resolution, we retain only the minimum data necessary for that purpose.

7. Your Rights and Choices

You have the following rights over your personal information. EU, UK, and Brazilian residents have these rights guaranteed under GDPR, UK GDPR, and LGPD respectively. We extend the same rights to all users globally:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (right to be forgotten)
  • Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing for direct marketing at any time, with no justification required
  • Restrict: Request that we limit how we use your data while a dispute is resolved
  • Withdraw Consent: Withdraw consent for any processing based on consent — without affecting the lawfulness of prior processing

To exercise these rights, please contact us at [email​protected].

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your activity on our Service. Cookies are small data files stored on your device. We use:

  • Essential Cookies: Required for the Service to function properly (authentication, session management, security)
  • Analytics Cookies: Help us understand how visitors interact with our Service (e.g. Vercel Speed Insights). Only set with your consent.
  • Preference Cookies: Remember your UI settings and preferences across visits. Only set with your consent.

Server-side analytics: We count unique visitors per hour using an anonymous aggregate counter. Raw IP addresses are never stored — they are immediately converted to an irreversible daily-rotating identifier that resets at midnight and cannot be linked back to you. For authenticated users, we record minimal session activity (page path, country, plan type) strictly for security, rate limiting, and abuse prevention under our Terms of Service.

Your choices: When you first visit Woscout, you are asked for consent before any non-essential cookies are set. You can withdraw or update your consent at any time via the "Cookie Settings" link in the footer of any page.

You can also control cookies through your browser settings. Note that disabling essential cookies may limit your ability to use some features of our Service.

9. Third-Party APIs and Data Sources

Important Notice: Woscout uses the Etsy Open API and other third-party APIs to provide market research data. Our use of the Etsy API is governed by Etsy's API Terms of Use and Etsy's Privacy Policy. Our use of other third-party APIs is subject to their respective terms and policies. We only access publicly available data as permitted by these agreements. Woscout is not affiliated with, endorsed by, or certified by Etsy, Inc. or any other third-party platform.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

11. International Data Transfers

Your information may be processed in countries other than your own. We ensure all international transfers are protected through appropriate legal safeguards:

  • Supabase (database and authentication): operates under Standard Contractual Clauses (SCCs) approved by the European Commission
  • Vercel (hosting and performance): operates under SCCs and serves EU traffic from EU infrastructure where possible
  • Stripe (payments): certified under applicable international data transfer frameworks

These safeguards ensure your data receives the same level of protection regardless of where it is processed.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For minor changes, we will update the "Last updated" date on this page. For material changes — changes that significantly affect how we use your data — we will notify you directly by email at least 14 days before they take effect, giving you time to review and, if needed, delete your account before the changes apply. Continued use of the Service after that notice period does not override your rights under applicable privacy law.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: [email​protected]
General Inquiries: [email​protected]