Go Camp Scout
Get started

Privacy Notice

Last updated: June 11, 2026

How we protect your family's data

Your children's profiles, schedules, and messages are private to your family by default. Here's what's in place:

  • Database-enforced accessRow-level security on every table means another family literally cannot query your data — it's blocked at the database, not just the app.
  • Encryption in transitAll traffic uses TLS. Passwords are hashed with bcrypt and checked against the Have I Been Pwned database to block compromised passwords at signup.
  • You control who sees whatCo-parents, nannies, and cohort members only get access after you invite them. You can revoke access any time in Account settings.
  • Private file storagePhotos, safety documents, and chat attachments live in private buckets — accessible only via short-lived signed links to people you've granted access.
  • No payment data on our serversCard details go directly to Paddle (our Merchant of Record). We never see or store them.
  • Regular security scansAutomated scanners check our database and code for misconfigurations. Last review: June 2026.

1. Who We Are

Natalia Schlauch ("we", "us", or "our") operates the Go Camp Scout website and services. We act as the data controller for the personal data collected through the Service.

2. What Data We Collect

We collect the following categories of personal data:

  • Account data: Name, email address, password (hashed), and profile information.
  • Family data: Children's names, ages, interests, and schedule preferences (provided by you).
  • Usage data: IP address, browser type, device information, pages visited, and feature usage.
  • Communication data: Messages sent through cohorts, support inquiries, and feedback.
  • Location data: ZIP code or general location provided for camp matching.
  • Payment data: We do not store payment card details. Payment information is collected and processed by our Merchant of Record, Paddle.

3. Why We Collect It

We use your personal data for the following purposes:

  • Account creation & management — to provide and maintain your account.
  • Service delivery — to match camps, manage schedules, and enable cohort features.
  • Communication — to send you reminders, updates, and support responses.
  • Security & fraud prevention — to protect your account and the Service.
  • Product improvement — to understand usage patterns and improve features.
  • Legal compliance — to comply with applicable laws and regulations.

4. Legal Basis

We process personal data based on the following legal grounds:

  • Contract performance — processing necessary to provide the Service you signed up for.
  • Legitimate interests — improving the Service, ensuring security, and preventing fraud.
  • Consent — for optional features like marketing emails and SMS notifications.
  • Legal obligation — where required by law.

5. Who We Share Data With

We do not sell your personal data. We share it only with:

  • Service providers: Hosting, analytics, email delivery, and customer support tooling.
  • Paddle.com (Merchant of Record): For payment processing, subscription management, tax compliance, and invoicing. Paddle acts as an independent data controller for the payment data it collects.
  • Professional advisers: Legal and accounting professionals, when necessary.
  • Authorities: When required by law or to protect our rights.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal, tax, or accounting purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data.
  • Restriction: Request limitation of processing in certain circumstances.
  • Portability: Request transfer of your data to another service.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent at any time for consent-based processing.

To exercise any of these rights, contact us at Natalia.schlauch@gmail.com. We will respond within one month.

8. Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), access controls, and regular security reviews. No method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

9. Cookies & Tracking

We use cookies and similar technologies to operate the Service, analyze usage, and improve your experience. Essential cookies are required for the Service to function. Analytics cookies help us understand how the Service is used. You can manage your cookie preferences through your browser settings.

10. International Transfers

Your personal data may be transferred to and processed in countries other than your own, including the United States. Where required, we use appropriate safeguards such as Standard Contractual Clauses to ensure an adequate level of protection.

11. Changes to This Notice

We may update this Privacy Notice from time to time. We will post the updated version on this page with a revised "Last updated" date. We encourage you to review this Notice periodically.

12. Contact Us

If you have any questions about this Privacy Notice or how we handle your data, please contact us at Natalia.schlauch@gmail.com.