What SpyGlow monitors, what it does not access, and what is still rolling out.
This report gives customers, legal teams, and security reviewers a plain status view of SpyGlow trust boundaries. It separates shipped controls from planned controls.
Public-source monitoring boundary
SpyGlow is built to monitor publicly accessible competitor pages selected by customers or discovered from public website surfaces.
No private access
SpyGlow is not built to access password-protected pages, internal systems, private portals, private social accounts, private files, or content behind access controls.
Private URL protection
Backend scraping paths block local, private, and unsupported URL targets before page capture begins.
Account-scoped intelligence
Competitor lists, snapshots, reports, battle cards, and AI-generated insights are scoped to the customer account or workspace that created them.
Public pages only.
SpyGlow monitors public website surfaces such as pricing pages, product pages, blogs, changelogs, help centers, documentation, press pages, and public job boards. Customers are responsible for choosing lawful targets they have the right to monitor.
For the full methodology, read How SpyGlow Monitors.
Observe first, enforce after review.
SpyGlow now records crawler policy outcomes before moving to enforcement. This avoids silently breaking customer monitoring while giving the team data needed for a safer enforcement rollout.
Evidence stays close to the insight.
SpyGlow is designed to keep source URLs, capture timing, and supporting evidence close to competitive insights where the product feature supports it. AI-generated analysis should be reviewed against evidence before high-stakes decisions.
Competitive intelligence data is scoped to the customer account or workspace that created it. SpyGlow does not sell customer data and does not use customer competitor lists or generated insights to train public AI models.
Retention and subprocessors are documented in the Privacy Policy. Infrastructure and authentication details are documented on Security and Trust.
The next trust controls.
These are roadmap items, not current compliance claims. They will be moved into shipped controls only after deployment and verification.
Security and legal reviewers can contact Click to show email. We can walk through monitoring boundaries, data handling, and current crawler policy status.