Status Scout — Privacy Policy
Effective date: July 6, 2026
Status Scout (“the App”, “we”, “us”) is an application for monday.com that analyzes project boards and generates written status reports. This policy describes what data the App accesses, how it is used, stored, and deleted. The App is operated by Gal Buzaglo, a registered business in Israel. Contact: support@galapps.dev.
Data we access
When you install Status Scout and select boards to watch, the App reads the following from your monday.com account via monday's API, using the OAuth permissions you grant at installation (read access to boards, users, and workspaces; write access to documents):
- Board structure and items: item names, group names, status values, assignees (display names), due dates, timelines, dependencies, and last-activity timestamps — only for boards you explicitly configure.
- Basic account and user profile information needed to operate the App (account ID, user ID, name).
The App does not access items on boards you have not selected, private messages, files/attachments, or passwords.
How we use data
Board data is used solely to (a) compute project risk signals (e.g., overdue or blocked items) and (b) generate written status reports. We do not sell data, use it for advertising, or use it to train machine-learning models.
Subprocessors
To generate report narratives, computed signals and related board item context (item names, board names, assignee display names, dates, and status information) are sent to Anthropic, PBC (San Francisco, USA), the provider of the Claude language model API. Anthropic processes this data to produce the report text and, per its commercial API terms, does not use it to train its models. No monday.com credentials or OAuth tokens are ever shared with Anthropic.
If email delivery is enabled by you, report content and your chosen recipient address are processed by Resend, Inc. (USA) to send the email.
Infrastructure: the App is hosted on monday code, monday.com's own application hosting platform; stored data resides within that infrastructure.
Data we store
- OAuth access tokens (encrypted at rest via monday code SecureStorage)
- Your App configuration (selected boards, thresholds, delivery settings)
- Generated reports (report history shown in the App)
- Subscription/plan status received from monday.com billing webhooks
We do not store copies of your boards; board data is fetched at report time.
Data retention & deletion
- You can delete individual reports from the App at any time.
- Uninstalling the App permanently deletes all stored data — tokens, configuration, report history, and subscription records — automatically and within monday.com's required deletion window (10 days).
- You may also request deletion at any time by emailing support@galapps.dev.
Security
Data in transit is encrypted (TLS/HSTS). OAuth tokens are stored encrypted. All API endpoints require authenticated, signed monday.com session tokens or signed webhooks. Access to production systems is limited to the operator.
Your rights
Depending on your jurisdiction (e.g., GDPR), you may have rights to access, correct, export, or erase personal data processed by the App. Contact support@galapps.dev and we will respond within 30 days.
Changes
We will post any changes to this policy at this URL and update the effective date. Material changes will be noted in the App's release notes.
Contact
support@galapps.dev
Gal Buzaglo, Israel