Privacy Policy

Last updated: April 29, 2026

This Privacy Policy explains how Arkleaf LLC (“Arkleaf,” “we,” “us,” or “our”) collects, uses, discloses, and retains information when you:

  • visit arkleaf.com;
  • join the Scout waitlist or start checkout from our website;
  • use Scout at scout.arkleaf.app; or
  • otherwise communicate with us.

This is Arkleaf’s umbrella privacy policy for both our public website and Scout. Some sections apply primarily to website visitors, while others apply primarily to Scout users and customer workspaces.

Scout is a procurement intelligence product focused on Florida transportation opportunities. It combines public-source procurement data with account, billing, and workspace data provided by customers and users.

Information We Collect

Information you provide to us or create in Scout

  • Communications: If you use our contact form, email us, or otherwise contact us, we collect the contact details and message content you provide. Contact form submissions are processed through our website infrastructure, screened for abuse-prevention purposes, and delivered to our team inboxes.
  • Waitlist information: If you join the Scout waitlist, we collect your email address. Our current waitlist flow stores that email in Stripe so we can identify launch-interest records and avoid duplicates.
  • Account and identity information: If you sign in to Scout through Microsoft Entra External ID, we receive identity and profile information such as your external user identifier, email address, and display name. If you are invited to a Scout workspace before your first sign-in, we may store your name and email address in advance so we can link your account when you authenticate.
  • Organization and subscription information: We collect or generate organization name, workspace membership, user role, plan status, billing status, seat limits, and related subscription metadata. Stripe may provide us with limited billing data such as customer IDs, subscription IDs, invoice/payment status, and plan metadata. We do not store full payment card numbers on our servers.
  • Workspace content and preferences: We collect data you choose to create or save in Scout, including favorites, notes, notification subscriptions, saved views, and similar account or workspace settings.
  • Personnel and location data: If you use personnel or travel-analysis features, we collect the information you enter for team members, such as names, optional email addresses, home coordinates, and display addresses.

Public-source data we process in Scout

  • Scout collects and processes public procurement and related source data from the Florida Department of Transportation and other public sources. That data may include project details, procurement timelines, firm information, and public contact or participant information published as part of those opportunities.

Information we collect automatically

  • Log, device, and usage data: We may collect technical information such as IP address, browser and device information, timestamps, referring URLs, pages or routes visited, and general usage patterns.
  • Diagnostic and reliability telemetry: Scout uses Microsoft Application Insights and related Azure monitoring tooling to collect application telemetry such as page views, request metadata, performance data, and error reports so we can operate, secure, and improve the product.
  • Browser-stored preferences: Our website and Scout store limited information in your browser, including theme preferences and Scout UI state such as saved filters, grid settings, navigation state, and recent-visit markers. Authentication and sign-in flows may also use browser storage managed by Microsoft identity libraries.

How We Use Information

We use information we collect to:

  • provide, operate, and maintain the website and Scout;
  • authenticate users and provision or link Scout accounts and workspaces;
  • deliver Scout features, including favorites, notes, notifications, and travel analysis;
  • manage the waitlist, subscriptions, billing, and customer support;
  • send invitations, transactional emails, service notifications, and other operational communications;
  • monitor performance, investigate issues, prevent abuse, and protect the security of our Services; and
  • comply with legal obligations and enforce our agreements.

How We Share Information

We do not sell personal information, and we do not use personal information for targeted advertising.

We may disclose information in the following circumstances:

  • Service providers and infrastructure partners: We use providers that help us run the Services, including Microsoft for identity, hosting, telemetry, and email delivery services, Cloudflare for bot protection on website forms, Resend for contact-form email delivery, and Stripe for waitlist processing, checkout, billing portal access, and subscription-related events.
  • At your direction: We may disclose information when you ask us to do so or when disclosure is necessary to complete a request you initiate.
  • Legal, security, and compliance reasons: We may disclose information if we believe it is reasonably necessary to comply with law, regulation, legal process, or a valid government request, or to protect our rights, users, or the public.
  • Business transfers: We may disclose information in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction.

Cookies and Similar Technologies

We use cookies, local storage, and similar browser technologies for core functionality and reliability, including sign-in flows, remembering preferences, and maintaining Scout interface state.

We do not describe the Services as using advertising cookies. If we materially change our use of optional analytics, advertising, or similar tracking technologies, we will update this Privacy Policy and provide any notices required by law.

If you block cookies or browser storage, some parts of the website or Scout may not function properly.

Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, maintain workspace records, operate subscriptions, respond to support or legal issues, and protect the security and integrity of our systems. Contact form submissions that are not stored in Scout application data may still be retained in our email systems and provider logs for operational and abuse-prevention purposes.

Retention periods vary by data type. For example:

  • account, organization, and workspace records may be retained while the relevant Scout workspace remains active;
  • billing and transaction records may be retained for accounting, tax, audit, and dispute-resolution purposes;
  • logs, backups, and telemetry may persist for a limited period after deletion or deactivation; and
  • public-source procurement data may remain in Scout’s historical dataset even after a user account is removed.

Certain product-state data may also age out automatically. For example, some notification subscriptions may be removed after an opportunity reaches a terminal state and is no longer eligible for notifications.

Children and Minors

The Services are not directed to children, and you must be at least 18 years old to use them. We do not knowingly collect personal information directly from anyone under 18. If you believe that someone under 18 has provided personal information to us, contact us and we will take appropriate steps to review and address the issue.

Your Choices and Rights

Depending on where you live, you may have rights to request access to, correction of, deletion of, or a copy of certain personal information we hold about you. You may also have the right to object to or restrict certain processing.

You can also take some actions directly:

  • manage saved settings and notification subscriptions inside Scout;
  • remove browser-stored preferences through your browser settings; and
  • use Stripe’s customer tools where applicable for billing-related actions.

If your Scout account is managed through an employer, client, or other organization, we may need to work with that organization on certain requests.

To make a privacy request, email support@arkleaf.com with “Privacy Request” in the subject line.

International Users and Region-Specific Rights

Arkleaf operates from the United States. If you access the Services from outside the United States, you understand that your information may be collected, transferred to, processed in, and stored in the United States and other places where Arkleaf or its service providers operate.

Depending on where you live, you may have additional rights under applicable privacy laws. Those rights may include the right to know what personal information we hold about you, request access to or correction of that information, request deletion, object to or restrict certain processing, or appeal the denial of a request where local law provides that right.

If a law in your jurisdiction requires additional disclosures, notices, or handling practices, those requirements supplement this Privacy Policy to the extent they apply.

Data Security

We use administrative, technical, and organizational measures designed to protect information appropriate to the nature of the data and the Services we provide. No system is completely secure, and we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice through the Services or by other reasonable means.

Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at support@arkleaf.com.