Privacy Policy

Last updated: February 2026

1. Introduction

ScoopPro CRM (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our pet waste removal customer relationship management services, including our website, application, API, and Model Context Protocol (MCP) server.

This policy applies to all users of our services, including pet waste removal operators accessing ScoopPro CRM directly, third-party applications connecting via our API, and AI assistants (such as Anthropic's Claude) accessing data through our MCP server on your behalf.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, service address, and billing information.
  • Service Information: Service history, appointment schedules, payment records, service records, property details, and communication preferences.
  • Operational Data: Treatment documentation, applicator license information, equipment records, and service records collected in the course of pet waste removal operations.
  • Communication Data: SMS messages, email correspondence, and call logs related to your service.
  • Usage Data: Information about how you interact with our services and platform, including login activity and feature usage.
  • Authentication Data: OAuth tokens, API keys, and session information used to authenticate your access to our services, including connections from third-party applications and AI assistants.

3. How We Use Your Information

We use the information we collect to:

  • Provide and manage pet waste removal services
  • Send appointment reminders and service notifications via SMS and email
  • Process payments and send payment reminders
  • Communicate with you about your account and services
  • Maintain regulatory compliance records
  • Respond to authorized API and MCP requests on your behalf
  • Improve our services and customer experience
  • Comply with legal obligations

4. API and MCP Server Access

ScoopPro CRM provides an API and a Model Context Protocol (MCP) server that allow authorized third-party applications and AI assistants to access and interact with your data on your behalf.

4.1 What Data Is Accessible via API and MCP

When you authorize a third-party application or AI assistant to connect to your ScoopPro CRM account, it may access the following data categories based on the permissions you grant:

  • Customer records (names, contact information, service addresses)
  • Appointment and schedule data
  • Service history and treatment records
  • Property information and inspection histories
  • Treatment logs and service data
  • Equipment records
  • Payment status and billing information
  • SMS communication history

4.2 How API and MCP Access Works

  • Authentication: All API and MCP access requires authentication via OAuth 2.0 or API key. No anonymous access is permitted.
  • User-Initiated: Third-party applications and AI assistants can only access your data after you explicitly authorize the connection. You control which applications have access.
  • Scoped Access: API and MCP tools are designed to access only the data necessary to fulfill the specific request. We do not expose bulk data dumps through these interfaces.
  • No Conversation Data Collection: When our MCP server is accessed by an AI assistant (such as Claude), we do not collect, store, or log any conversation content, prompt text, or chat history from the AI assistant's session. We only process the specific tool calls made to our server and the data necessary to respond to them.

4.3 Revoking API and MCP Access

You may revoke access for any connected third-party application or AI assistant at any time through your ScoopPro CRM account settings. Upon revocation:

  • The application's OAuth tokens are immediately invalidated on our systems.
  • API keys can be regenerated or deleted through your settings.
  • Previously accessed data that has been cached or stored by the third-party application is governed by that application's own privacy policy—not ours.

5. SMS Communications (Optional)

SMS messaging is entirely optional and is not required to use ScoopPro CRM or receive pet waste removal services. If you choose to opt in, you may receive text messages regarding:

  • Appointment reminders and confirmations
  • Service notifications and updates
  • Payment reminders and receipts

You may opt in by providing separate, explicit consent to your service provider. Providing your phone number alone does not constitute consent to receive text messages. Message frequency varies based on your service schedule (estimated 1-8 messages per month). Message and data rates may apply. You can opt out at any time by replying STOP to any message. For help, reply HELP or contact us directly. Your consent to receive SMS is not a condition of purchasing any services.

6. Information Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist in providing our services, including:
    • Payment processing (Stripe)
    • SMS and communication services (Twilio)
    • Cloud infrastructure and data storage (Google Firebase/Firestore)
  • Authorized Third-Party Applications: Applications and AI assistants that you have explicitly authorized to connect to your ScoopPro CRM account via API or MCP, as described in Section 4.
  • AI Platform Providers: When you connect ScoopPro CRM to an AI assistant through our MCP server, your data may transit through that AI platform's infrastructure (e.g., Anthropic's servers for Claude). The AI platform's handling of that data is governed by its own privacy policy and terms of service.
  • Legal Requirements: When required by law, regulation, or legal process, or to protect our rights and safety.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, in which case your data would remain subject to the protections in this privacy policy or a successor policy of equivalent protection.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Authentication and access controls for all API and MCP endpoints
  • Rate limiting to prevent abuse of API and MCP interfaces
  • HMAC-SHA256 signed webhooks for outbound data
  • Regular security reviews

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

  • Service records and treatment history: Retained for up to 7 years for legal, tax, and regulatory compliance purposes.
  • Treatment and service logs: Retained in accordance with applicable federal and state regulations governing pet waste removal service records.
  • Authentication tokens (OAuth/API keys): Retained only while the authorization is active. Tokens are deleted upon revocation or account closure.
  • Communication logs (SMS/email): Retained for 3 years unless a longer period is required for legal compliance.
  • Usage and analytics data: Retained in aggregated, de-identified form for service improvement purposes.

Upon account closure, we will delete or anonymize your personal information within 90 days, except where retention is required by law or regulation.

9. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Data Portability: Export your data in CSV or JSON format through your account settings or our API
  • Opt Out: Opt out of certain communications
  • Withdraw Consent: Withdraw consent where processing is based on consent
  • Restrict Processing: Request that we limit how we use your data

To exercise any of these rights, contact us at the information provided in Section 13. We will respond to your request within 30 days. If you have connected third-party applications or AI assistants to your account, please note that we can only fulfill these rights for data within our systems. You must contact those third-party providers separately regarding any data they may have accessed or retained.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know what personal information we collect, the right to delete your data, and the right to opt out of the sale of your personal information. We do not sell personal information. To exercise your rights, contact us using the information in Section 13.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page, updating the “Last updated” date, and, for significant changes affecting API or MCP data handling, by sending a notification through your account dashboard or email.

13. Contact Us

If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your data protection rights, please contact us at:

ScoopPro CRM

Email: privacy@scoopprocrm.com

Website: https://www.scoopprocrm.com

For security concerns or to report a vulnerability, contact: security@scoopprocrm.com

← Back to Home