Where your data lives, how it's protected, and what credentials we store. No vague promises, just the facts.
Everything runs on established, audited infrastructure. We don't run our own servers for data storage.
All application data (your sites, plans, reports, settings) is stored on Convex, a cloud-hosted backend platform. Convex runs on AWS infrastructure and handles database storage, real-time queries, and server-side logic.
Convex Cloud (AWS)We use Google OAuth for sign-in. We never see or store your Google password. Google handles the authentication flow, and we receive an identity token that confirms who you are.
Google OAuth 2.0The web application is hosted on Netlify. It's a static site that talks to the Convex backend. No user data is stored on the frontend side.
Netlify CDNDaily site improvements run on a Railway-hosted worker. The worker processes jobs and sends results back to Convex. It doesn't store any data locally.
Railway (stateless)Every credential we store is encrypted before it hits the database. Here's what we store and how.
| Credential | What it does | Storage |
|---|---|---|
| Google OAuth tokens | Read your Search Console data, submit pages to Google's index | AES-256-GCM encrypted |
| WordPress app password | Push content changes to your WordPress site | AES-256-GCM encrypted |
| WooCommerce API keys | Access product data on WooCommerce stores | AES-256-GCM encrypted |
| GitHub connection | Push content changes to your GitHub repository | OAuth via GitHub App (no token stored) |
This is the same encryption standard used by banks and governments. Each credential gets its own random initialization vector (IV), so even identical passwords produce different encrypted values. The encryption key is stored as an environment variable, separate from the database.
Google OAuth access tokens expire after one hour. We automatically refresh them using the stored (encrypted) refresh token. If refresh fails, we ask you to reconnect rather than failing silently.
Every piece of data is tied to the user who owns it. There are no shortcuts around this.
Every request to our backend re-verifies your identity from the authentication session. We never trust a user ID passed from the browser. If the session is invalid, the request is rejected.
Before returning any data or allowing any change, the backend verifies you own the resource. Your sites, plans, reports, and settings are only accessible to you (and collaborators you explicitly invite).
Database queries always filter by the authenticated user first. There is no API endpoint that returns data across multiple users. Even our internal admin tools re-verify admin permissions on every request.
You can add collaborators to your sites. They get read and limited write access, but they can't change billing, delete sites, or access your stored credentials. Access is revocable at any time.
When you connect Scaup, here's exactly what we can and can't do.
We can read: search queries, clicks, impressions, page performance, indexing status.
We can do: submit individual URLs for re-indexing.
We can't: delete your Search Console property, change settings, or access anything outside your verified sites.
We can: read and update posts, pages, and their metadata (titles, descriptions, content).
We can't: install plugins, change themes, modify settings, access your admin panel, or do anything outside the WordPress REST API scope you granted.
We can: read files, create branches, and open pull requests on the connected repository.
We can't: merge to your main branch without your approval, access other repositories, or modify repository settings.
We crawl your public pages to analyze content, the same way Google does. We don't access anything behind login walls, password-protected pages, or private areas unless they're part of your connected CMS.
We use AI (Anthropic's Claude) to analyze your content and write improvements. Here's what that means for your data.
Page content (text, headings, metadata), search performance data from Google Search Console, and competitor analysis data. This is the information Claude needs to write better content for your site.
Your credentials, login tokens, personal information, email address, or any data from other users. The AI only sees the content it needs to do its job for that specific task.
We use Anthropic's API (not the consumer product). Per Anthropic's API terms, data sent through the API is not used to train their models and is not retained beyond the request processing window.
How we protect communication between our systems.
The background worker communicates with our backend using a shared secret verified with timing-safe comparison. This prevents timing attacks that could guess the secret by measuring response times.
Every connection between our systems (frontend to backend, worker to backend, backend to third-party APIs) uses TLS encryption in transit. No exceptions.
The background worker doesn't store any data locally. It fetches what it needs, processes the job, sends results back to the database, and moves on. If the worker restarts, nothing is lost.
All API keys, encryption keys, and service credentials are stored as environment variables in each platform's secret management (Convex, Railway, Netlify). Nothing is hardcoded or committed to source control.
In preview mode (the default), every change goes through you before it touches your site. You see a before/after diff and approve or reject each one. For GitHub-connected sites, changes come as pull requests that you merge yourself. The worst case is a content change you don't like, and you can always undo.
We stop accessing your site immediately. Your data stays in our database for 30 days (in case you reconnect), then it's deleted. Any changes already applied to your site stay as they are since they're now your content.
Admin access is restricted to specific email addresses configured at the infrastructure level. Admins can see site metadata for support purposes (site URL, connection status, error states). We don't have a way to view your decrypted credentials since the decryption only happens during automated job execution.
No. Your data is used only to run Scaup for your sites. We don't sell it, share it with other users, or use it for any purpose other than delivering the service you signed up for.
Scaup is a product of Seolift Ltd., an Israeli company. Data is processed on US-based infrastructure (AWS via Convex, Railway, and Netlify).
Not yet. We're an early-stage product. Our infrastructure providers (AWS, Convex, Railway, Netlify) maintain their own compliance certifications. As we grow, we'll pursue relevant certifications. We'd rather be honest about this than pretend.