Security & Trust

GSCPilot uses a GitHub App for repository access, not personal access tokens. The App follows the Principle of Least Privilege: it requests only the permissions needed to read files and create pull requests.

For Google Search Console, we request webmasters.readonly Read-only access. We never modify your Google properties, analytics, or any other Google service.

You control which repositories the GitHub App can access at any time via your GitHub settings.

By default, every code change GSCPilot generates is delivered as a pull request on a new branch. You review the full diff before merging. For teams that prefer it, a direct push mode is available in site settings, but PR mode is the default.

Whether you use PR mode or direct push, every change is scoped to the specific SEO fix and nothing else.

All OAuth tokens (Google, GitHub) are encrypted at rest with AES-256-GCM before storage. HTTPS with TLS 1.2+ is enforced on every endpoint. There is no unencrypted path to our servers.

Secrets and API keys are stored in Vercel's encrypted vault, isolated from application code and never committed to source control. Database connections use encrypted channels with managed credentials.

GSCPilot runs on boring, trusted infrastructure:

• ✓Vercel: SOC 2 Type II compliant hosting and serverless functions
• ✓Supabase: SOC 2 Type II, HIPAA eligible database and authentication
• ✓Vercel AI Gateway: Managed AI routing, no direct API key exposure

No data is stored on self-managed servers. All infrastructure runs on audited cloud platforms with automated security patching.

AI models process your page content to generate SEO recommendations. Only the minimum data needed is sent to AI providers during active scans:

• ✓ Page titles, meta descriptions, headings, and schema markup
• ✓ Public Google Search Console metrics (clicks, impressions, CTR)

AI providers: Google (Gemini), Anthropic (Claude), and OpenAI (GPT), all via inference-only API calls through Vercel AI Gateway.

We retain only what's needed to operate the service:

• ✓OAuth tokens: encrypted in database, revoked when you disconnect or delete your account
• ✓GSC snapshots: aggregated performance data, retained while your site is connected
• ✓Recommendations: stored until acted upon or your account is deleted
• ✓Logs: server logs retained for 14 days maximum

You can delete your account and all associated data at any time from your dashboard settings. Deletion is immediate and permanent. All sites, recommendations, changes, tokens, and usage data are removed.