The short version: We only collect what we need to run the service. We never sell your data. Content you submit is used solely to analyse whether it's a scam, then discarded. You can delete your account and all associated data at any time.
1. Who we are
GotAScam ("we", "us", "our") is operated at gotascam.com. We provide a scam-detection service that analyses suspicious messages, screenshots, and emails. You can reach us at [email protected].
2. What we collect
If you use GotAScam without an account:
- The text or screenshot you submit for analysis
- Your IP address (used for rate-limiting, not stored long-term)
- A one-time session identifier to return your result
If you create an account:
- Your email address and a hashed password
- A history of your submissions and their verdicts
- Billing information (processed by our payment provider — we never see your full card number)
If you use email forwarding ([email protected]):
- The full email you forward, including headers, body, and any attachments
- Your email address (used only to send the verdict reply)
3. How we use your data
- To provide the service — running scam detection checks and returning a verdict
- To improve detection — aggregated, anonymised patterns help us improve our models. We do not use your personally identifiable content for training AI without your explicit consent
- To send verdict replies — for email-forwarding users only
- To manage your account — authentication, billing, and subscription management
We never use your data for advertising, and we never sell it to third parties.
4. AI processing
When you submit content for analysis, it may be sent to Anthropic's Claude API for AI-powered detection. Anthropic processes this data under their own privacy policy. We use this solely to return a scam verdict — we do not enable training on your data via Anthropic's API.
URLs in your submitted content may be checked against third-party blocklists (URLhaus, Spamhaus). Only the URL itself is sent — no personal information is included.
5. Data retention
- Anonymous submissions — stored for up to 7 days to allow you to retrieve your result, then permanently deleted
- Uploaded screenshots — deleted within 30 days
- Account submission history — retained while your account is active
- Email-forwarded content — deleted within 7 days of processing
6. Your rights
You have the right to:
- Access the personal data we hold about you
- Correct any inaccurate data
- Delete your account and all associated data
- Export your submission history
- Withdraw consent for any optional data processing
To exercise any of these rights, email us at [email protected] or use the settings in your account dashboard.
7. Cookies
We use only essential cookies — specifically, a session token stored in localStorage to keep you signed in. We do not use advertising, tracking, or analytics cookies from third parties.
8. Security
All data is transmitted over HTTPS. Passwords are hashed with bcrypt and never stored in plaintext. We use industry-standard security practices to protect data at rest and in transit.
9. Children
GotAScam is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If you believe we have inadvertently done so, contact us and we will delete it promptly.
10. Changes to this policy
We may update this Privacy Policy from time to time. We'll update the "Last updated" date at the top of this page. For material changes, we'll notify account holders by email.
11. Contact
Questions or concerns about your privacy? Email us at [email protected].