Privacy Policy
BidScout — Classic FPDS Search, Restored · v2.0
Last updated: May 2026
BidScout is a Chrome extension built by PixelForgeHub (Yogesh Nichal). This document is the full, plain-English privacy statement covering v2.0 features — including SAM.gov + USAspending.gov queries, BYOK AI inference, Firestore team-pipeline sync, Slack/Teams/Salesforce/HubSpot webhooks, the enterprise audit log, white-label mode, and PII redaction.
30-second summary
- We have no servers for this extension. Nothing you do in BidScout ever passes through a PixelForgeHub server. The only PixelForgeHub URL the extension contacts is a static JSON manifest at `pixelforgehub.pro/bidscout/manifest-2026.json` — and that fetch is anonymous.
- All federal contracting data comes from public US government APIs: SAM.gov for contract awards + opportunities + vendor entity lookups, and USAspending.gov for SLED awards + grants. PixelForgeHub never sees your queries.
- Your SAM.gov API key, AI provider API keys, Pro license, capability statement, audit log, and pipeline data all live on YOUR device in `chrome.storage.local`.
- BYOK AI is opt-in and gated. AI features (opportunity summarization, Go/No-Go scoring, proposal outline drafting) only activate when you paste your own OpenAI / Gemini / Anthropic API key. Your query goes directly browser-to-provider — never through PixelForgeHub.
- Team licensing + Firestore sync is opt-in and self-hosted. A `PFH-TEAM-XXXX-XXXX` license enables shared pipeline + audit log across your team — but your team's data lives in YOUR Firebase project (or PixelForgeHub-managed), never in ours by default.
- No telemetry, no analytics, no tracking by BidScout at any point.
Data Categories & Where Each Goes
| Data | Destination |
|---|---|
| SAM.gov searches (NAICS, agency, vendor, dates, set-aside, amounts) | Public SAM.gov API at api.sam.gov. Authenticated with YOUR api key. |
| USAspending.gov SLED + grants searches | Public USAspending API at api.usaspending.gov. No auth needed; anonymous query. |
| Vendor (UEI) entity lookups | Public SAM.gov entity API. Returns publicly registered vendor data. |
| AI opportunity summarization, Go/No-Go scoring, proposal outline drafting | Direct browser-to-provider HTTPS request to api.openai.com, generativelanguage.googleapis.com, or api.anthropic.com depending on which you chose. Authenticated with YOUR key. The opportunity description + capability statement go only to that one provider. |
| Saved searches + capture pipeline (solo mode) | chrome.storage.local on your device only. |
| Team pipeline sync (team license + Firebase configured) | YOUR Firebase Firestore project at firestore.googleapis.com. PixelForgeHub has no access. |
| Expiring-contract alerts (Slack / Teams webhooks) | Your configured webhook URLs at hooks.slack.com or *.webhook.office.com. Direct browser-to-provider. |
| CRM pipeline push (Salesforce / HubSpot webhooks) | Your configured webhook URLs at *.salesforce.com, *.force.com, or api.hubapi.com. Direct browser-to-provider. |
| SAM.gov API key, AI keys, Pro license, capability statement, audit log | chrome.storage.local on your device only. Never transmitted to PixelForgeHub. |
| Branding / white-label config (team owner) | chrome.storage.local. Exportable as JSON for sharing with team members. |
Information We Collect
BidScout collects and handles the following categories of data, all of which are stored locally on your device in chrome.storage.local unless you explicitly enable an opt-in feature (team sync, AI, webhooks) that sends specific data to a service you choose:
- Authentication credentials you enter: your SAM.gov API key, your AI provider API key(s) (OpenAI / Gemini / Anthropic), your Firebase project config, and webhook URLs (Slack / Teams / Salesforce / HubSpot).
- Your license key (`PFH-XXXX-XXXX-XXXX` or `PFH-TEAM-XXXX-XXXX`).
- Content you create or save: saved searches, your capture pipeline, your capability statement, per-item notes, branding/white-label config, and the audit log of your actions.
- Search inputs you submit to public government APIs (NAICS codes, agency names, vendor names/UEIs, date ranges, set-aside types, dollar amounts).
- We do NOT collect: your name, email, browsing history, location, device identifiers, or any analytics/telemetry. We have no account system and no server that receives your data.
How We Use Your Information
- API keys and the SAM.gov key are used solely to authenticate the requests you initiate to the corresponding service (SAM.gov, your chosen LLM provider, your Firebase, your webhook endpoints).
- Saved searches, pipeline, capability statement, notes, and audit log are used only to provide the extension's features on your device.
- The license key is used to determine your tier (free / Pro Solo / Pro Team) via local validation.
- We do not use any of your data for advertising, profiling, model training, or resale. PixelForgeHub never receives this data, so we cannot and do not use it for any purpose.
How Your Information Is Shared
PixelForgeHub does not receive or share your data. Data leaves your device only to the third-party services you direct it to, each governed by that service's own privacy policy:
- SAM.gov (`api.sam.gov`) and USAspending.gov (`api.usaspending.gov`) — receive the searches you run. (U.S. government public APIs.)
- Your chosen AI provider (OpenAI, Google Gemini, or Anthropic) — receives an opportunity description + your capability statement, only when you click an AI action.
- Your own Firebase/Firestore project — receives team pipeline + audit entries, only if you configure team sync.
- Your configured webhook endpoints (Slack, Microsoft Teams, Salesforce, HubSpot) — receive alert/pipeline data, only if you configure them.
- We never sell, rent, or share your data with data brokers, advertisers, or any other third party.
Data Storage & Security
All BidScout data is stored locally in your browser via chrome.storage.local, protected by Chrome's extension sandbox and your operating-system user account. Data sent to the opt-in services above travels over HTTPS/TLS directly from your browser to that service. PixelForgeHub operates no database or server that stores your extension data. If you enable team sync, that data resides in your Firebase project, secured by your Firestore security rules.
Data Retention & Deletion
- Local data persists in `chrome.storage.local` until you delete it. The audit log is capped at 500 entries locally (oldest auto-pruned).
- To delete everything: use Settings → Reset / Clear Data inside BidScout, or remove the extension from Chrome (Manage Extensions → Remove), which erases all `chrome.storage.local` data including all stored keys.
- Team/Firestore data is controlled by you in your own Firebase project; delete it there at any time.
- Because PixelForgeHub stores none of your data, there is nothing for us to retain or delete on our side. For any question, email us (see Contact).
BYOK AI — How It Works & Why It's Private
The AI tab features (summarization, Go/No-Go scoring, proposal outline drafting) are opt-in. To use them you provide your OWN API key for one of three LLM providers. The flow:
- You paste your API key into Settings → AI Provider. The key is stored in `chrome.storage.local` only.
- When you click "Summarize" or "Go/No-Go" on an opportunity, BidScout sends the opportunity description (and your capability statement, if you've saved one) DIRECTLY from your browser to the provider you chose.
- The response comes back to your browser. PixelForgeHub never sees it.
Note on sensitive opportunity content: federal solicitations are public documents, but your capability statement may contain proprietary past-performance details, clearances, or teaming relationships. If you're sending content that's sensitive to your business, ensure you have the appropriate enterprise agreement with your LLM provider. OpenAI, Anthropic, and Google all offer enterprise-tier data-handling agreements; consult their documentation.
Team Tier & Firestore Pipeline Sync
A PFH-TEAM-XXXX-XXXX license enables shared pipeline + audit log across your team's members. To use it, you configure BidScout with your own Firebase project's public API config (Settings → Team Management → Firebase project config). Every time a team member adds an item to the pipeline or runs an action, BidScout writes an entry to your Firestore database at the path teams/{teamId}/pipeline/{entryId} and (separately) teams/{teamId}/audit_log/{entryId}.
The pipeline entry contains:
- The PIID / Notice ID / Solicitation Number (already a public identifier — not PII)
- The vendor name and UEI (public SAM.gov data)
- The awarding agency, NAICS, set-aside, period end, total value
- The member slot ID and timestamp
- The member's note text (if any)
It does NOT contain: clearance details from your capability statement, AI-generated content, your API keys, your pricing strategy, or any free-text BD intel beyond the per-item note field. The pipeline data captures what your team is working on, not the privileged content of bid strategies. Firestore data is held under YOUR Firebase project — PixelForgeHub has no access.
PII Redaction (Team Tier)
Some teams (legal, IRAD, NDA-bound capture teams) can't share competitor vendor names internally. Settings → PII Redaction enables a toggle that hashes vendorName and vendorUei in pipeline entries before they sync to Firestore. Your local device still shows full names; the synced copy stores SHA-256-derived placeholders. The unhashed name never leaves your device.
White-Label / Co-Branded Mode (Team Owner)
Team owners can rebrand BidScout for their agency / reseller clients by setting product name, colors, logo URL, and footer credit. Branding config lives in chrome.storage.local on the owner's device. To distribute the same look to team members, the owner exports the branding config as JSON and shares it with members, who import it into their own BidScout install. No branding data flows through PixelForgeHub.
Audit Log
BidScout maintains an append-only audit log of every action you (or your team) take in the extension. Events captured include: pipeline add / move / remove, search runs, AI inferences, CRM pushes, calendar exports, data exports, bulk imports, and role changes. The log stores:
- The event type (e.g. `pipeline.add`, `ai.go_no_go`)
- Your member slot ID and role
- A timestamp
- A short payload (typically the PIID or notice ID, never the full clinical / proprietary content)
The log lives in chrome.storage.local and (when team mode + Firestore are configured) also under your team's Firestore document. The log is capped at 500 entries locally. Owners and admins can export the audit log as CSV from Settings → Data Export.
Permissions Justification
| Permission | Why BidScout needs it |
|---|---|
| sidePanel | The entire BidScout workbench (7 tabs: Awards / Opportunities / SLED / Vendor / Pipeline / Saved / Settings) renders in a Chrome side panel. |
| storage | Persists all extension state to chrome.storage.local on your device: SAM.gov API key, AI keys, Pro license, capability statement, saved searches, pipeline, audit log, Firebase config, team membership, branding, and webhook URLs. |
| alarms | Schedules the daily saved-search check + 9 AM morning briefing notification. Required for Chrome to wake the service worker on schedule. |
| notifications | Shows Chrome notifications when expiring contracts match your saved searches. |
| host_permissions: api.sam.gov/* | BidScout's single core function is to query SAM.gov on your behalf. Without this, the extension cannot do its primary job. SAM.gov does not enable CORS for browser clients, so the host permission is required. |
External Endpoints Whitelist (CSP)
BidScout's Content Security Policy whitelists exactly these connect-src hosts. Every external HTTPS connection BidScout can make is on this list:
- `api.sam.gov` — Contract awards, opportunities, vendor entity lookups (required core function)
- `api.usaspending.gov` — SLED + federal grants search
- `api.openai.com` — BYOK AI (OpenAI), opt-in only
- `generativelanguage.googleapis.com` — BYOK AI (Gemini), opt-in only
- `api.anthropic.com` — BYOK AI (Anthropic Claude), opt-in only
- `hooks.slack.com` — Slack alert webhooks, opt-in only
- `*.webhook.office.com` — Microsoft Teams alert webhooks, opt-in only
- `firestore.googleapis.com` — Team Firestore sync (your own Firebase project), opt-in only
- `*.salesforce.com`, `*.force.com` — Salesforce CRM webhook push, opt-in only
- `api.hubapi.com` — HubSpot CRM webhook push, opt-in only
- `pixelforgehub.pro` — Quarterly dataset patch (anonymous static JSON GET only). The only PixelForgeHub URL.
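
A reviewer can check a claim like this against an installed extension's `manifest.json`. The sketch below is an added example, not BidScout's own code: it compares the `connect-src` directive of a Manifest V3 `content_security_policy.extension_pages` string with the hosts published above. The function names and the sample manifest are constructed for illustration.

```javascript
// Hosts published in the policy's connect-src list (copied from this page).
const PUBLISHED_HOSTS = [
  "api.sam.gov", "api.usaspending.gov", "api.openai.com",
  "generativelanguage.googleapis.com", "api.anthropic.com",
  "hooks.slack.com", "*.webhook.office.com", "firestore.googleapis.com",
  "*.salesforce.com", "*.force.com", "api.hubapi.com", "pixelforgehub.pro",
];

// Extract the host of every connect-src source and flag non-HTTPS schemes.
function parseConnectSrc(csp) {
  const directive = csp.split(";").map((d) => d.trim().split(/\s+/))
    .find((tokens) => tokens[0].toLowerCase() === "connect-src");
  // Without connect-src the browser falls back to default-src; report that.
  if (!directive) return { hosts: [], insecure: [], missingDirective: true };
  const hosts = [], insecure = [];
  for (const src of directive.slice(1)) {
    if (src.startsWith("'")) continue; // keywords such as 'self'
    const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/i.exec(src);
    if (!m) continue;
    if (m[1] && m[1].toLowerCase() !== "https") insecure.push(src);
    hosts.push(m[2].toLowerCase());
  }
  return { hosts, insecure, missingDirective: false };
}

// Compare a parsed manifest object against the published list.
function auditManifest(manifest) {
  const csp = (manifest.content_security_policy || {}).extension_pages || "";
  const { hosts, insecure, missingDirective } = parseConnectSrc(csp);
  const published = new Set(PUBLISHED_HOSTS);
  return {
    missingDirective,
    insecure,                                                  // non-HTTPS sources
    undeclared: hosts.filter((h) => !published.has(h)),        // in CSP, not in policy
    unused: PUBLISHED_HOSTS.filter((h) => !hosts.includes(h)), // in policy, not in CSP
  };
}

// Constructed sample manifest fragment (not BidScout's real manifest).
const sampleManifest = {
  manifest_version: 3,
  content_security_policy: {
    extension_pages:
      "script-src 'self'; connect-src 'self' https://api.sam.gov " +
      "https://api.usaspending.gov https://*.webhook.office.com " +
      "https://telemetry.example.com http://hooks.slack.com",
  },
};
```

Any entry in `undeclared` or `insecure` is a mismatch between the shipped CSP and the published list; `unused` entries are hosts the policy names but the manifest does not allow.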
What BidScout Does NOT Do
- No analytics, no telemetry, no crash reporting.
- No A/B testing, no remote feature flags, no remote config.
- No third-party SDKs, no ads, no tracking pixels.
- No remote code execution — no `eval`, no `new Function()`, no remote script fetches.
- No upload of your searches, pipeline data, AI inferences, or capability statement to PixelForgeHub.
- No transmission of API keys (SAM.gov, OpenAI, Gemini, Anthropic, Firebase, Slack, Teams, Salesforce, HubSpot) anywhere except the corresponding service.
- No access to other tabs, other extensions' data, or your browsing history.
Pricing & License Key
Free tier: 5 searches per day with a small "Made with BidScout" watermark. Pro Solo: $49/month or $249 lifetime via Lemon Squeezy — unlimited searches, full AI features, capture pipeline, audit log, quarterly dashboard, bulk import, data exports. Pro Team: $99/month for 5 seats or $399/year unlimited — adds shared Firestore pipeline, team roles, PII redaction, white-label, and CRM push.
License keys (PFH-XXXX-XXXX-XXXX for solo or PFH-TEAM-XXXX-XXXX for team) are validated by local regex; team licenses additionally verify against Firestore if you've configured it. No license data is transmitted from your browser to PixelForgeHub.
Children's Privacy
BidScout is intended for professional use by federal contractors, capture managers, BD consultants, and procurement professionals. It is not directed to children under 13 and does not knowingly collect personal information from anyone.
Changes to This Policy
If BidScout ever adds a feature that changes the data-handling story above, this page will be updated and the version number raised before the new build ships to the Chrome Web Store. The current published version of the extension and the version covered by this page should always match.
Contact
Questions, concerns, or data-deletion requests: pixelforgehub.pro/support
PixelForgeHub · Yogesh Nichal · India · pixelforgehub.pro