← Back to Scout

Privacy Policy

Last updated: 10 January 2026

1. Introduction

CODAI Scout ("Scout", "we", "us", or "our") is operated by CODAI Solutions, committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI business consultant service at scout.codai.ai.

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and, where applicable, the General Data Protection Regulation (GDPR) for European visitors.

2. Information We Collect

2.1 Anonymous Session Data

When you visit Scout, we automatically assign you an anonymous session ID stored in your browser. This allows us to maintain conversation continuity without requiring account creation. We collect:

  • Session ID (randomly generated UUID)
  • Timestamp of first visit
  • Browser type and version
  • Device type (desktop, mobile, tablet)
  • IP address (for security and rate limiting)

2.2 Conversation Data

When you interact with Scout's AI consultant, we collect and store:

  • Your questions and messages
  • Scout's responses
  • Conversation metadata (timestamps, message count)
  • Scenario card selections (which business challenges you click)

2.3 Intelligence Extraction (Lead Data)

If you voluntarily provide business information during conversations, our AI may extract and store:

  • Your name
  • Email address
  • Company name
  • Industry sector
  • Business challenges and needs
  • Budget indicators
  • Timeline preferences

Note: We only extract information you explicitly share. We do not scrape external data sources or use tracking pixels.

3. How We Use Your Information

We use the collected information for:

  • Service Delivery: Providing AI-powered business consulting and maintaining conversation context
  • Lead Management: Identifying qualified leads and connecting you with CODAI's consulting team
  • Service Improvement: Analyzing conversation patterns to improve Scout's AI responses
  • Security: Preventing abuse, spam, and malicious activities through rate limiting
  • Communications: Responding to inquiries and providing follow-up information (only if you provide contact details)
  • Legal Compliance: Meeting our obligations under Australian law

4. Third-Party Services

Scout uses the following third-party services:

4.1 Anthropic Claude AI

Your conversations are processed by Anthropic's Claude AI to generate responses. Anthropic does not train AI models on your data. See Anthropic's Privacy Policy for details.

4.2 AWS Lightsail (Hosting)

Scout is hosted on AWS Lightsail servers in Sydney, Australia. All data is stored within Australia in compliance with APP 8 (Cross-border disclosure of personal information). CODAI Solutions operates from Melbourne, Victoria.

5. Data Storage and Security

We implement industry-standard security measures to protect your information:

  • TLS/SSL encryption for all data in transit
  • Encrypted database storage (PostgreSQL with encryption at rest)
  • Rate limiting to prevent abuse
  • Regular security audits and updates
  • Access controls limiting data access to authorized personnel only

All data is stored in Australia and is subject to Australian data protection laws including the Privacy Act 1988 (Cth).

6. Your Rights (Australian Privacy Principles)

Under the Australian Privacy Principles, you have the right to:

  • Access: Request access to your personal information we hold
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)
  • Opt-out: Decline to provide information (note: this may limit Scout's ability to assist you)

For European visitors, you also have GDPR rights including data portability and the right to object to processing.

7. Data Retention

We retain your data for the following periods:

  • Anonymous sessions: 12 months from last activity
  • Conversation data: 24 months (for service improvement)
  • Lead data: 36 months or until you request deletion
  • Security logs: 6 months (for fraud prevention)

After these periods, data is automatically deleted unless legally required to be retained longer.

8. Cookies and Tracking

Scout uses minimal cookies for essential functionality:

  • scout_session_id: Anonymous session tracking (expires after 30 days of inactivity)

We do not use:

  • Google Analytics or other third-party analytics
  • Advertising cookies or tracking pixels
  • Social media tracking (Facebook Pixel, LinkedIn Insight, etc.)

9. Children's Privacy

Scout is intended for business users and is not directed at children under 18. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of Scout after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related inquiries, requests to access or delete your data, or complaints:

CODAI Solutions

Email: privacy@codai.ai

Website: codai.ai/contacts

Location: Melbourne, Victoria, Australia

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Return to Scout