WhopScanWhopscan
Back to home

Privacy Policy

Last updated: February 14, 2026

This Privacy Policy describes how WhopScan ("Service", "we", "us", "our"), operated at whopscan.com, collects, uses, and protects your personal information. By using the Service, you consent to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

  • Account information: When you sign up via Google OAuth, we receive your name, email address, and Google profile picture from your Google account through our authentication provider (Supabase).
  • Payment information: When you subscribe, Stripe collects and processes your payment card details. We do not store, see, or have access to your full card number. We receive only a confirmation of payment status, subscription plan, and billing period from Stripe.
  • Communications: If you contact us for support, we may retain the content of your messages.

1.2 Information Collected Automatically

  • Usage data: We may collect information about how you interact with the Service, including pages visited, features used, and time spent on the platform.
  • Device and browser data: We may collect your IP address, browser type, operating system, and device identifiers for security and analytics purposes.
  • Cookies: We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

1.3 Information We Do Not Collect

We do not collect sensitive personal information such as government IDs, health data, biometric data, or financial account numbers beyond what is necessary for payment processing through Stripe.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide the Service: Authenticate your account, manage your subscription, and deliver dashboard access.
  • Process payments: Manage billing, renewals, and cancellations through Stripe.
  • Send communications: Account-related emails such as subscription confirmations, renewal notices, and digest alerts (if subscribed). We do not send marketing emails unless you opt in.
  • Improve the Service: Analyze usage patterns to fix bugs, improve features, and optimize performance.
  • Security: Detect, prevent, and respond to fraud, abuse, or security incidents.
  • Legal compliance: Comply with applicable laws, regulations, or legal processes.

3. Third-Party Services & Data Sharing

We do not sell, rent, or trade your personal information to any third party.

We share your data only with the following service providers, solely to operate the Service:

  • Supabase — Authentication, user management, and database hosting. Stores your account data (name, email, subscription status).
  • Stripe — Payment processing. Receives your payment card details directly — we never see or store them.
  • Resend — Email delivery for account notifications and digest alerts.
  • OpenAI — AI-generated insights and analysis. We may send anonymized or aggregated marketplace data (not your personal information) to generate analytics content.
  • Hosting providers — Infrastructure providers that host the Service and may process data as part of normal operations.

Each provider is bound by their own privacy policies and data processing agreements. We are not responsible for their practices beyond what is required to deliver the Service.

4. Publicly Scraped Marketplace Data

WhopScan collects and displays publicly available data from the Whop marketplace, including product names, descriptions, pricing, user counts, company names, creator profiles, and reviews. This data is publicly accessible on the Whop platform and is collected for analytical purposes.

If you are a Whop marketplace seller or creator and your publicly available product or company information appears on WhopScan, this data was collected from public sources. We do not collect private or non-public information from Whop accounts. If you wish to request removal of your public data from our platform, you may contact us — however, we are not obligated to remove publicly available information.

5. Data Retention

  • Account data: Retained for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g. billing records).
  • Payment records: Stripe retains payment records according to their own retention policies and legal requirements.
  • Marketplace data: Publicly scraped product, company, and review data is retained indefinitely for historical analytics purposes.

6. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encrypted connections (HTTPS/TLS) for all data in transit.
  • Secure authentication via JWT tokens and OAuth 2.0.
  • Row Level Security (RLS) on our database to ensure users can only access their own account data.
  • Server-side secret keys for privileged operations, never exposed to the client.

However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and are not liable for any breach, unauthorized access, or data loss despite our security measures.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing of your personal data.

To exercise any of these rights, contact us using the email associated with your account. We will respond within 30 days.

8. Children's Privacy

WhopScan is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.

9. International Data Transfers

Your data may be stored and processed in jurisdictions outside your country of residence, including the United States, where our service providers operate. By using the Service, you consent to the transfer of your information to these jurisdictions, which may have different data protection laws than your own.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes take effect immediately upon posting to this page. Your continued use of the Service after any changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

11. Contact

If you have any questions or concerns about this Privacy Policy or our data practices, you may contact us through the email address associated with your WhopScan account.

See also: Terms of Service