Last update date: 03/11/2021
Scroble (“Scroble”, “we”, “our”, or “us”) attaches the appropriate importance to respecting your privacy and undertakes to process your personal data in accordance with the regulations in force applicable to the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter “R.EU 2016/679”) applicable as of 25 May 2018, and the Act of 1 August 2018 on the organisation of the National Commission for Data Protection and the general data protection regime.
To support our commitment to privacy, we have adopted a set of binding corporate policies.
Table of contents:
Personal data means any data relating to an identified or identifiable natural person. Further: an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
We collect personal data in various ways:
– In the execution of contractual obligations to which Scroble is committed,
– In order to answer questions that may have been submitted to Scroble in order to find out about its various services,
– As part of the normal management of Scroble as a commercial enterprise under Luxembourg law (administrative management, personnel management, etc.).
Prior to accessing or using our Services, please read this policy and make sure you fully understand our practices in relation to your Personal Information.
The controller is Scroble S.A., a Luxembourg public limited liability company (Société Anonyme), having its registered office at L-1840 LUXEMBOURG, 47, Boulevard Joseph II, registered with the Luxembourg Trade and Companies Register under number B227706, having the VAT number LU 31031258 and Business Authorisation Number N10095778 granted by Ministry of Economy, represented by Mrs Anna Salewski, Founder and CEO.
Scroble has appointed an external data protection officer (DPO). The DPO is responsible for ensuring compliance with the provisions of EU Regulation 2016/679. The Data Protection Officer ensures that the rights of individuals whose data is processed by Scroble are respected.
His contact details are: firstname.lastname@example.org .
When a person creates an Business Account (SCROBLE Platform), uses SCROBLE Website, downloads a software (SCROBLE Application), contacts or interacts with SCROBLE (e.g., Scroble’s support tickets, emails), SCROBLE may collect and process a variety of information, including:
– Identification data of persons (such as Visitors’ and Users’) concerned by the execution of contractual and legal obligations of Scroble.
– Account information. Person’s account ID and related account details, including email address, devices registered, account status, age (if provided)
– Device information. Data that identifies a device, including online identifier like IP addres
– User network information. Data to whom user is sharing his/her profile (other users of the Platform as well as external users)
– Personal Information, such as name, email address, phone number, payment information (for Users with Paid Services), information you include in your communications with us and with other users on our platform, and Personal Information contained in scanned identification documents (such as an ID card, driver’s license, passport, or official company registration documents).
– Language of communication.
– IDs of your different social networks such as Facebook, Twitter, LinkedIn etc…
When you visit, download, and/or use any of our Services, we may collect aggregated usage Personal Information, such as Visitors’ and Users’ browsing and ‘click-stream’ activity on the Services, session heatmaps and scrolls, non-identifying Personal Information regarding the Visitor’s or User’s device, operating system, internet browser, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, etc…
More generally, the purposes of the processing of personal data explained above are – in accordance with Articles 6 and 9 of the General Data Protection Regulation (“GDPR”) – all founded on one of the following legal bases:
Scroble uses the data for the following purposes:
6.1 The main recipient of your data is Scroble.
6.2 However, we may disclose your personal data to (a) public institutions and authorities, (b) subcontractors (e.g. for the management of our website and platform) and (c) other third parties with whom Scroble has an interest in collaborating to ensure the provision and continuity of services. In this case, Scroble ensures that the recipients of personal data respect confidentiality or are subject to an appropriate legal obligation of confidentiality and comply in particular with the conditions of the GDPR. These include hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, billing and payment processing services, domain name registrars, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session recording and remote access services, performance measurement, data optimization and marketing services, content providers, and our legal and financial advisors (collectively, “Third Party Service Provider(s)”).
6.3 In addition, should Scroble or any of its affiliates undergo any change in control, including by means of merger, acquisition or purchase of substantially all of its assets, your Personal Information may be shared with the parties involved in such event.
6.4 The Scroble Services enable you, through different techniques, to engage and procure various third party services, products and tools for enhancing your web or mobile sites, including, without limitation, applications and widgets offered to you by third parties through the Scroble Website (including the Scroble App Market), eCommerce payment providers etc. (collectively, “Third Party Services”). If you choose to engage with such Third Party Services, they may have access to and process Personal Information of your Users-of-Users collected through your web or mobile sites.
6.5 SCROBLE uses Personal Data to provide services, to communicate with users and 3rd parties, for security and fraud prevention, and to comply with law. SCROBLE may use Personal Data for other purposes based on user consent
In principle, we do not transfer your data to entities outside the European Union.
However, if during the execution of performing our contractual obligations your data is transferred outside the European Union, we will make sure that (i) there is a level of protection deemed adequate by the European Commission or (ii) that the relevant Standard Contractual Clauses are in place.
Personal Data is processed by trusted partners (Computing and Storage Services provided by Microsoft Azure platform). The servers for the Geography Europe (used by Scroble) are located in Ireland and Netherlands. More information can be found here https://azure.microsoft.com/en-us/global-infrastructure/data-residency/#overview
SCROBLE does share user contact information to partners upon user consent is given. SCROBLE does share Anonymised Data.
Scroble may be required to disclose personal data to comply with applicable laws or at the request of an authority, or in the context of legal proceedings, for example to respond to complaints and/or claims, to protect the rights or interests of Scroble, or its customers.
We will retain your personal data for the purposes for which it was collected, generally for the duration of a contractual relationship, respectively in accordance with the various applicable legal provisions.
More generally, personal data is deleted within one year unless (a) extended/ longer retention is required on the basis of applicable law, (b) it is considered important or in defence of the legitimate interests of Scroble, the customer or supplier, or (c) there is an agreement on further retention between the customer and Scroble.
Specifically in relation to recruitment
Where Scroble processes your personal data following a job application, this data will be deleted as soon as the recruitment process is complete, i.e. as soon as the position is actually filled. However, if Scroble believes that there is a particular interest (such as a similar position opening in the near future within Scroble) in retaining your personal data for a longer period not exceeding one year, Scroble will seek your consent to such retention.
When Scroble processes your personal data following an unsolicited application, Scroble informs you that this data will be kept for a maximum period of one year.
We take appropriate technical, physical, and organisational measures reasonably designed to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access and from any other form of unlawful processing. Access to personal data is restricted to authorised recipients on a need-to-know basis. We operate a comprehensive data security programme commensurate with the risks associated with the processing. This programme is constantly adapted to mitigate operational risks and to ensure the protection of personal data, considering accepted industry practices. We will also use enhanced security measures when processing any sensitive personal information. We take the following measures to safeguard data at SCROBLE (including Personal Data) measures:
– Administrative – by use of information security management program;
– Technical – data in transit protected by TLS protocol; data at rest by data is encrypted on all media;
– Physical by managing access to SCROBLE premises.
Among other things, we offer HTTPS secure access to most areas on our Services; the transmission of sensitive payment information (such as a credit card number) through our designated purchase forms is protected by an industry standard SSL/TLS encrypted connection; and we regularly maintain a PCI DSS (Payment Card Industry Data Security Standards) certification. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways and Third-Party Services for further enhancing the security of our Services and protection of our Visitors’ and Users’ privacy.
Regardless of the measures and efforts taken by Scroble, we cannot and do not guarantee the absolute protection and security of your Personal Information, your Users-of-Users’ Personal Information or any other information you upload, publish or otherwise share with Scroble or anyone else. We encourage you to set strong passwords for your User Account, and avoid providing us or anyone with any sensitive Personal Information of which you believe its disclosure could cause you substantial or irreparable harm. Furthermore, because certain areas on our Services are less secure than others (for example, if you set your Support forum ticket to be “Public” instead of “Private”, or if you browse to a non-SSL page), and since e-mail and instant messaging are not recognized as secure forms of communications, we request and encourage you not to share any Personal Information on any of these areas or via any of these methods.
10.2 Communications from Scroble
Promotional messages: We may use your Personal Information to send you promotional content and messages by e-mail, text messages, notifications within our platform, marketing calls and similar forms of communication from Scroble or our partners (acting on Scroble’s behalf) through such means. If you do not wish to receive such promotional messages or calls, you may notify Scroble at any time or follow the “unsubscribe” or STOP instructions contained in the promotional communications you receive.
Service and billing messages: Scroble may also contact you with important information regarding our Services, or your use thereof. For example, we may send you a notice (through any of the means available to us) if a certain Service is suspended for maintenance; reply to your support ticket or e-mail; send you reminders or warnings regarding upcoming or late payments for your current or upcoming subscriptions; forward abuse complaints regarding your User Website; or notify you of material changes in our Services. It is important that you are always able to receive such messages. For this reason, you are not able to opt-out of receiving such Service and Billing Messages unless you are no longer a Scroble User (which can be done by deactivating your account). We may also contact you with service and billing-related messages and content. You will not be able to opt-out of receiving such messages.
About children: Our websites are not intended for children. In any event, we do not use our sites to knowingly solicit personal data from children. If we become aware that a child has provided personal data through one of our websites, we will remove that data from our systems.
Partial or complete refusal of statistical and/or technical cookies will limit the availability of the content and functionality of the site. By continuing to browse our site without any special settings on your web browser, you authorise us to use any cookies.
Scroble believes that it is imperative that all Scroble users have control over their Personal Information. Therefore, depending on the way you use the Scroble Services, you may have the right to request access to, receive a copy of, update, amend or delete, port certain Personal Information to another service, restrict, or object to certain uses of your Personal Information (for example, for direct marketing purposes). Further, when we rely on your consent for processing of your Personal Information (for instance, for direct marketing) you can withdraw your consent at any time, and such withdrawal will take affect from thereon. Scroble will not charge you more if you exercise any of these rights and will continue to provide you with the same level of service.
If you are a Scroble user, you can access and correct a lot of your Personal Information directly through your account, or via online forms Scroble makes available to you (as detailed below).
You can also exercise your rights by sending your request to support@Scroble.com, mailing it to Scroble S.A., 47 Bvd Joseph II., 1830 Luxembourg.
When we receive your right request, we may take steps to verify your identity before complying with the request to protect your privacy and security. Before fulfilling your request, we may ask you for additional information in order to confirm your identity and for security purposes.
We reserve the right to charge a fee where permitted by law (e.g. if your request is unfounded or excessive).
In case of difficulties in exercising these rights, you also have the right to lodge a complaint with the National Commission for Data Protection ( the “CNPD”).
Please note that permanently deleting your Scroble account erases all your Personal Information from Scroble’s databases. After completing this process, you can no longer use any of your Scroble Services, your account and all its data will be removed permanently, and Scroble will not be able to restore your account or retrieve your data in the future. If you contact our support channels in the future, the system will not recognize your account and support agents will not be able to locate the deleted account.
12.1 Scroble declines all responsibility for the accuracy and updating of the data made available to any person consulting our website accessible to the public, as well as the data made available to Scroble clients on our website accessible only to Scroble clients.
12.2 Scroble reminds you that the information made available on our website accessible to the public is available to any person who is not only in a country of the European Union subject to the applicable legislation on the protection of personal data, but also in a country outside the European Union which does not necessarily guarantee the same level of protection of personal data. Even if Scroble implements appropriate technical and organisational measures to ensure data protection, including against unauthorised access or inappropriate use by third parties, Scroble shall not be held liable for the use of data communicated to Scroble by third parties for purposes other than those initially intended. Consequently, Scroble invites users transmitting information as a client of Scroble, or as a user for the purposes of communicating information via our website, not to communicate so-called sensitive data, and more generally any data that is not intended to be made public.
12.3 Scroble may collect, store and process certain Personal Information of Users-of-Users (“Users-of-Users Information”), solely on our Users’ behalf and at their direction.
For example, each of our Users can import their e-mail contacts from third-party services like Gmail, or otherwise collect and manage contacts via their User Website. Such contacts are then stored with Scroble, on the User’s behalf. For such purposes, Scroble serves and shall be considered as a “Processor” and not as the “Controller” (as both such capitalized terms are defined in the GDPR of such Users-of-Users Information.
The Users controlling and operating such User Websites shall be considered as the “Controllers” of such Users-of-Users Information and are responsible for complying with all laws and regulations that may apply to the collection and control of such Users-of-Users Information, including all privacy and data protection laws of all relevant jurisdictions.
The Processing of the Users-of-users’ Personal Information shall take place within the territory of the European Union or a third country, territory or one or more specified sectors within that third country of which the European Commission has decided that it ensures an adequate level of protection, and such processing and transfer will be in accordance to the Data Processing Addendum – Users (“DPA”). Any transfer to and Processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be conducted under an approved transfer mechanism, as detailed in the DPA.
12.4 Users-of-users’‘Personal Information’
Scroble may collect, store and process certain Personal Information of Users-of-Users (“Users-of-Users Information”), solely on our Users’ behalf and at their direction.
For example, each of our Users is able to import their e-mail contacts from third-party services like Gmail, or otherwise collect and manage contacts via their User Website. Such contacts are then stored with Scroble, on the User’s behalf. For such purposes, Scroble serves and shall be considered as a “Processor” and not as the “Controller” (as both such capitalized terms are defined in the GDPR of such Users-of-Users Information.
The Users who control and operate such User Websites shall be deemed the “Controllers” of such User Information and are responsible for compliance with all laws and regulations that may apply to the collection and control of such User Information, including all privacy and data protection laws of all relevant jurisdictions.
Scroble accepts no responsibility for the processing of User Information within the European Union or any third country, territory, or specific sector(s) of that third country. Any transfer and processing in a third country outside the European Union that does not provide an adequate level of protection according to the European Commission will be carried out under an approved transfer mechanism as detailed in the DPA.
Scroble accepts no responsibility for the processing of data by users of users, including with respect to the security, integrity and authorized use of personal information, as well as for obtaining consents, authorizations and providing all necessary data subject rights and fair processing notices required for the collection and use of such personal information. Scroble cannot provide legal advice to Users or their Users-of-Users, however we do recommend that all Users publish and maintain clear and comprehensive privacy policies on their User Websites in accordance with any applicable laws and regulations, and that all Users-of-Users carefully read those policies and make sure that they understand and, to the extent required by applicable law, consent to them.
If you are a visitor, user or customer of any of our Users, please read the following: Scroble has no direct relationship with Users-of-Users whose Personal Information it processes. If you are a visitor, user or customer of any of our Users, and would like to make any requests or queries regarding your Personal Information, please contact such User(s) directly. For example, if you wish to request to access, correct, amend, or delete inaccurate Personal Information processed by Scroble on behalf of its Users, please direct your query to the relevant User (who is the “Controller” of such data). If Scroble is requested by our Users to remove any Users-of-Users’ Personal Information, we will respond to such requests in a timely manner upon verification and in accordance with applicable law (for example, thirty (30) days under the GDPR).
You may also contact us by mail at Scroble S.A., 47 Bvd Joseph II, 1830 Luxembourg.
We reserve the right to correct, amend and update this privacy statement at any time.