Privacy Policy for ScrollRoam.com
1. Introduction
ScrollRoam.com (“we,” “us,” or “our”) is firmly committed to protecting and respecting your privacy. As a privacy-first organization, we adhere to the highest standards of data protection, including the requirements outlined in the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA,” as amended by the CPRA). This Privacy Policy sets forth how we collect, use, disclose, and protect your information when you interact with our website, products, and associated services.
We recognize the importance of safeguarding your personal data and are committed to processing it lawfully, fairly, and transparently.
2. Scope of This Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data processed via https://scrollroam.com and through our affiliated services. For the purposes of applicable data protection laws, ScrollRoam.com acts as the Data Controller of the personal information submitted through our website or otherwise collected during the course of providing our services.
This policy governs data collected from users located both inside and outside of the European Economic Area (EEA), in accordance with applicable laws.
3. Categories of Data Processed
We collect and process various categories of personal data, including but not limited to:
a. Usage Data
Information about how you interact with the site, including your browser type, IP address, referral URL, pages accessed, session duration, and geolocation data. This enables us to analyze trends and optimize functionality.
b. Account Data
Information you provide when creating an account, such as your full name, email address, mailing address, and telephone number.
c. Profile Data
Details that help personalize your user experience, including purchase history, interests, saved preferences, and account behavior.
d. Communication Data
Records of all communications with us, including support tickets, contact form submissions, email correspondences, and live chat transcripts.
e. Technical Data
Device information such as the device model, operating system, browser settings, time zone settings, and mobile network data.
f. Transaction Data
Details related to purchases or paid services, including payment method data (processed securely via third parties), delivery addresses, and invoicing records.
g. Preference Data
Marketing and communication preferences as set by you, including whether you have opted into promotional materials and your expressed interests in certain services or products.
4. Legal Bases for Processing
We process your personal data only where legally permitted under GDPR Article 6 and CCPA provisions. These bases may include:
– Legitimate Interest: For improving our service, conducting analytics, preventing fraud, and ensuring network security.
– Performance of a Contract: When necessitated by user-initiated transactions or service agreements.
– Consent: Where you have affirmatively agreed (e.g., subscribing to newsletters or accepting cookies).
– Legal Obligation: Where required to comply with laws, regulations, or lawful governmental requests.
5. Your Rights
Depending on your jurisdiction, you may be entitled to the following rights regarding your personal data:
– Access: Request information about the categories and specific pieces of personal data we hold about you.
– Rectification: Request corrections of inaccurate or incomplete personal data.
– Erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to applicable legal retention obligations.
– Restriction: Request limited processing of your data under certain conditions.
– Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
– Objection: Object to processing where we rely on legitimate interests or for direct marketing purposes.
To exercise any of the above rights, please contact us at [email protected]. Verification of identity may be required to process your request.
6. Security Measures
We implement robust administrative, technical, and physical security measures to protect your data, including:
– TLS encryption of data in transit
– Role-based access control and system authentication
– Secure data backups and failover systems
– Periodic staff training on data security and privacy principles
– Auditing procedures and vulnerability assessments
While we strive to use commercially acceptable means to protect your information, no method is 100% secure and we cannot guarantee absolute security.
7. International Transfers
Your personal data may be transferred to and processed outside of your country of residence, including to locations that may not provide the same level of data protection as your jurisdiction. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, and we comply with all regional regulatory requirements.
8. Data Retention
We retain your personal data only as long as necessary for the purposes for which it was collected, including to meet legal, regulatory, tax, accounting, or reporting requirements. Retention periods vary depending on data category:
– Account and Profile Data: Retained for the duration of your active account and up to 2 years following account closure.
– Transaction Data: Retained for a minimum of 7 years in line with applicable financial laws.
– Communication Records: Retained for 3 years following the last interaction.
– Usage and Technical Data: Retained for up to 12 months for analytics and security assessments.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance functionality and deliver a more personalized experience. These include:
– Essential Cookies: Required for core site functions and security.
– Functional Cookies: Enable personalization and remembered settings.
– Analytics Cookies: Help us understand site performance and user behavior through aggregated data (e.g., Google Analytics).
– Performance Cookies: Optimize content delivery and load times.
10. Cookie Management and Compliance with GDPR & CCPA
We offer you full control over your cookie preferences when you first visit scrollroam.com. You may:
– Accept or reject non-essential cookies via the cookie consent banner.
– Change your preferences at any time through our Cookie Settings tool.
– Use browser settings to block or delete cookies.
Under GDPR and CCPA, you have the right to opt out of cookie-based tracking and targeted advertising. We honor “Do Not Track” signals and Global Privacy Control frameworks where available.
11. Children’s Privacy
Our services are not directed to, and we do not knowingly collect personal information from, children under the age of 13. If we learn that we have collected such data without verifiable parental consent, we will take appropriate steps to delete it without delay. Parents or legal guardians who believe their child may have submitted personal data should contact us via [email protected].
12. Policy Updates and Notifications
We reserve the right to make changes to this Privacy Policy at our discretion and in accordance with relevant legal obligations. When modifications occur, we will update the content on this page and, where appropriate, provide you with direct notification (e.g., via email or on-site notice).
We encourage you to review this policy periodically to stay informed on how your personal information is being protected.
13. Contact Us
If you have any questions, concerns, or wish to exercise your data protection rights, please contact:
Data Privacy Team
ScrollRoam
Email: [email protected]
We are committed to resolving any privacy concerns you may have in an efficient and lawful manner.
—
ScrollRoam.com is fully committed to ensuring compliance with global data protection standards, including GDPR, CCPA, and similar frameworks. We encourage users with privacy-related inquiries to reach out to us directly for clarification or further support at [email protected].