Privacy

Security and privacy for ScamSpot Business

Invoice, vendor, and payment data can be sensitive. ScamSpot Business is designed to keep the first MVP simple and cautious.

The structured InvoiceScamCheck and Vendor Bank-Change Check run a rules-based analysis in the browser. Do not paste full account numbers, tax IDs, private customer details, or secrets.

Run invoice check Read FAQ

Quick answer

No upload is a product decision

The MVP intentionally avoids file upload and saved checks. It gives fast operational risk indicators without storing invoices or creating an account.

Free AP Fraud SOP Kit

Turn this check into an AP policy

Get the vendor bank-change policy, callback script, approval note, incident checklist, and hold triggers for your finance team.

Get the SOP kit Future paid: saved checks, audit log, PDF reports, team templates - $19/mo teaser.

Current MVP boundaries

These choices reduce privacy and security risk while the product is early.

  • No PDF upload in v1.
  • No saved checks or audit log in the free MVP.
  • Structured rules checker runs client-side.
  • Optional email text should be redacted before use.
  • Output is risk indicators only, not legal, forensic, or compliance advice.

Future paid features

Paid features should add security before storage.

  • Saved checks and audit logs.
  • PDF reports.
  • Team templates and AP fraud SOP kit.
  • Access controls, retention settings, and export history.

Security and Privacy FAQ

Does ScamSpot verify bank account ownership?

No. It does not validate account ownership, vendor identity, or invoice authenticity.

Can I paste confidential invoice data?

You should redact account numbers, tax IDs, private customer details, and secrets before pasting optional text.