About ScopeGrid

Built for UK MSPs. Secure, compliant, and transparent.

ScopeGrid is a UK-based company. Data stays in the UK; authentication is in the EU. We follow GDPR and least-privilege best practices, including Microsoft GDAP.

Our story

ScopeGrid was born out of frustration. As a technician at a managed service provider, I spent hours every week hopping between portals — checking backup statuses in one tool, agent health in another, licence counts in a third — just to get a picture of where each client stood.

There was no single pane of glass. The data existed, scattered across a dozen vendor dashboards, but nobody had stitched it together in a way that was actually useful for the people running the MSP day to day.

So I built one. ScopeGrid reads your PSA agreements to build a product catalogue per client, then layers on live data from your security, backup, networking, and RMM tools. The result is custom dashboards, smart alerts, and scheduled reports — all from one place, with no agents to deploy.

Security & Compliance

Your data, protected

UK Data Residency

Hosted on Vercel (UK region) with Postgres on Neon (London). All data encrypted in transit and at rest.

  • UK data centres
  • TLS everywhere, AES-256 at rest

GDPR (UK/EU)

We operate as a data processor with a clear DPA, minimal retention, and rapid breach-notification commitments.

Least-Privilege & GDAP

Microsoft Granular Delegated Admin Privileges (GDAP) ready. Explicit consent, minimum permissions.

  • Zero-trust principles
  • You remain in control

UK Company & Standards

Founded by a former MSP technician turned software developer. ISO 27001 on our roadmap.

  • Built in the UK, for UK MSPs

How we handle your data

Data Processor role

ScopeGrid acts as a data processor on behalf of your organisation (the controller). We only process data as instructed — to power dashboards, alerts, and reports — and never sell or share it with third parties.

Encryption

All integration credentials are encrypted at rest with AES-256-GCM. All network traffic uses TLS 1.2+. Database connections are encrypted end-to-end.

Minimal retention

We fetch data from your integrations on demand or via scheduled syncs. We only persist what's needed to power alerting and reporting. You can disconnect an integration at any time to stop data flow.

FAQ

Common questions

Where is my data stored?

UK regions for the application and database (Vercel UK, Neon London). Authentication runs in the EU via Azure AD. Other regions are planned.

Are you PSA-agnostic?

Yes — ConnectWise Manage and HaloPSA today. We detect products and services with minimal setup. More PSAs are on the roadmap.

Do you help with onboarding?

Absolutely. We'll integrate your PSA, tune product matchings, and get you live quickly.

What security certifications do you have?

ISO 27001 is on our roadmap. Today we follow GDPR and least-privilege best practices, encrypt all data at rest with AES-256-GCM, and enforce TLS everywhere.

Can I export my data?

Yes. You can export all data at any time. If you cancel, we retain data for 30 days before permanent deletion, giving you time to request an export.

Ready to see it in action?