Privacy Policy

Last updated: December 15, 2025

1. Introduction

We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use ScrollShots (the “App”). We comply with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

2. Data Controller

The data controller is SM SEAMLESS DIGITAL LTD, operating from the European Union (Cyprus).
Contact: [email protected]

3. Data We Collect

We collect the following data:

• Account data: Email address and name (if provided) when you sign in with Apple, Google, or email/password. Stored securely via Supabase.
• Guest usage: Anonymous identifier (via RevenueCat) if you use the App without signing in.
• Purchase data: Processed through Apple App Store or Google Play Billing (we receive only anonymized transaction info via RevenueCat).
• Analytics: Optional Firebase Analytics (device model, OS version, app events — no personal identifiers).
• Push notifications: Device token for sending notifications.
• Feedback: Name, email, message, platform, and app version when you send feedback.
• Media access: Camera, photo library, and file storage access only when you use features to import/export images or files.
• Local data: Generated content is stored locally on your device. Pro users’ data is synced to our secure database.

4. Legal Basis for Processing (GDPR)

• Contract: To provide the App and its features (purchases, sync).
• Consent: Push notifications, analytics, camera/gallery access.
• Legitimate interest: Improving the App, fraud prevention, feedback processing.

5. Data Sharing

We share data only with trusted processors:

• Apple and Google (authentication and in-app purchases)
• RevenueCat (purchase validation)
• Supabase (authentication and database)
• Firebase (push notifications and optional analytics)

All are GDPR-compliant.

6. Your Rights (GDPR)

You have the right to:

• Access, rectify, or delete your personal data (use “Delete Account” in Settings)
• Withdraw consent (e.g., disable push notifications)
• Object to processing or request restriction
• Data portability
• Lodge a complaint with a supervisory authority

Contact us at [email protected] to exercise these rights.

7. Data Retention

We retain data only as long as necessary:

• Account data: Until you delete your account
• Purchase records: As required by law (typically 7 years)
• Local data: Remains on your device until deleted

8. Security

We use encryption, secure servers, and regular reviews to protect your data.

9. Changes to This Policy

We may update this policy. Significant changes will be notified in-app or via email.

10. Contact Us

For questions: [email protected]