PRIVACY POLICY
Last Updated: October 6, 2025
Thank you for choosing SCRL. We're Appostrophe AB ("we," "us," or "our"), and we're committed to protecting your personal information and your right to privacy. If you have questions or concerns about this policy or our practices, please contact us at scrl@appostrophe.com.
Company Details:
Name: Appostrophe AB
Organization Number: 559065-5048
Address: Stadsgården 6, 116 45 Stockholm, Sweden
Email: scrl@appostrophe.com
Data Protection Officer (DPO):
Appostrophe AB is not required to appoint a Data Protection Officer under Article 37 of the GDPR, as our core activities do not involve large-scale monitoring of individuals or processing of sensitive data. For all privacy-related inquiries, please contact us at scrl@appostrophe.com.
When you use our mobile applications (iOS and Android) and web application, you trust us with your personal information. We take your privacy seriously. This privacy policy explains what information we collect, how we use it, and what rights you have.
This policy applies to all information collected through our Services. Please read it carefully. If you don't agree with this policy, please discontinue use of SCRL.
This policy complies with the EU General Data Protection Regulation (GDPR) and applicable data protection laws.
1. WHAT INFORMATION DO WE COLLECT?
In Short: We collect information you provide to us, information collected automatically when you use SCRL, and information from third parties.
Information You Provide
Account Information:
Email address
One-time password (OTP) codes sent via email
Display name (optional)
Your Content:
Images and photos you upload
Carousels and templates you create
AI prompts you enter
Templates you share publicly
Communications:
Support messages and feedback
Survey responses
Payment Information:
Processed by Apple App Store, Google Play, or Paddle
We receive subscription status and transaction details
We don't see your full payment card details
Information Collected Automatically
In Short: Some information (such as IP address and device characteristics) is collected automatically when you use SCRL.
We automatically collect certain information when you use SCRL:
Device Information:
Device type, model, and manufacturer
Operating system and version
Device identifiers
IP address
Language preferences
Usage Information:
Features you use
Time spent in the app
Actions you take
Crash reports and error logs
Location Information:
General location (country, region) from IP address
We don't collect precise GPS location
Platform-Specific Information:
iOS: Apple ID (subscriptions), IDFA (with ATT consent), push tokens
Android: Google Advertising ID (with consent), push tokens
Web: Browser type, cookies
Advertising Data: When you interact with our ads or install SCRL from an ad:
Click IDs and campaign identifiers
Conversion events (install, trial, subscription)
Attribution data
Device identifiers (IDFA/GAID with consent)
2. HOW DO WE USE YOUR INFORMATION?
In Short: We use your information to provide the Service, improve it, keep it secure, communicate with you, and measure our advertising (with your consent where required).
We use your personal information for the following purposes based on these legal bases under GDPR:
To Provide and Manage the Service (Legal Basis: Contract - Article 6(1)(b))
Create and manage your account
Enable carousel creation and editing
Process your subscription
Provide customer support
Deliver app features
Data used: Email, content, device info, usage data, payment status
Retention: 3 years from last use
To Improve the Service (Legal Basis: Legitimate Interest - Article 6(1)(f))
Understand how people use SCRL
Fix bugs and technical issues
Develop new features
Analyze usage trends
Optimize performance
Data used: Usage data, device info, crash reports (anonymized where possible)
Retention: 3 years, then deleted or anonymized
Your rights: You can object to this processing
To Keep the Service Safe (Legal Basis: Legitimate Interest - Article 6(1)(f))
Detect and prevent fraud
Protect against security threats
Enforce our Terms of Service
Data used: Device info, IP addresses, usage patterns
Retention: Up to 5 years for security records
With Your Consent (Legal Basis: Consent - Article 6(1)(a))
We only do these with your explicit consent:
Marketing Communications:
Send you emails about new features and offers
You can unsubscribe anytime
Personalized Advertising:
Show you relevant ads
Measure ad effectiveness
You can opt out in Settings
Advertising Campaign Measurement:
Measure which ads lead to app installs and trials
Share conversion data with ad platforms (TikTok, Meta, Google, Apple Search Ads)
Optimize our advertising spend
You can opt out via iOS ATT or Android/Web settings
AI Feature Improvement:
Use your prompts to improve AI (opt-in only)
Completely optional
Retention: Until you withdraw consent or 2 years after last interaction
You can withdraw consent anytime in Settings or by contacting us
AI Prompts
When you use AI features, we log your prompts for analytics and improvements. Prompts are associated with a non-identifiable installation ID. Your prompts are NOT used to train our AI unless you explicitly opt in.
Retention: 3 years for analytics
To Comply with Laws (Legal Basis: Legal Obligation - Article 6(1)(c))
Tax and accounting requirements
Respond to legal requests
Comply with court orders
Data used: Whatever is required by law
Retention: As required (typically 7 years for financial records)
3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
In Short: We only share information with your consent, to comply with laws, to provide you with services, or to protect our rights.
We don't sell your personal information. We share data only when necessary:
Service Providers
We share data with trusted third parties who process it on our behalf:
Cloud hosting (AWS, Google Cloud)
Analytics (Firebase Analytics)
Payment processing (Apple, Google, Paddle)
Customer support tools
AI services (process images temporarily, not retained)
All service providers are contractually obligated to protect your data and comply with GDPR.
Advertising Platforms
We work with advertising platforms to measure campaign effectiveness:
TikTok Ads
Meta/Facebook Ads
Google Ads
Apple Search Ads
What we share: Conversion events (install, trial, subscription), click IDs, device identifiers (with your consent), approximate location
Purpose: Understand which advertising campaigns are effective
When You Share Publicly
Template Sharing:
When you share a template publicly, anyone with the link can view it
It may appear in SCRL's template library
You can delete it anytime
You're responsible for ensuring you have rights to share content
Legal Requirements
We may share your data to:
Comply with laws or court orders
Respond to government requests
Protect our rights or safety
Prevent fraud
Business Transfers
If Appostrophe is acquired or merged, your data may be transferred to the new owner. We'll notify you before this happens.
International Transfers
Some service providers are outside the EU. We use Standard Contractual Clauses (SCCs) approved by the EU to ensure adequate protection.
4. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
In Short: We use cookies and similar technologies to make SCRL work and understand how you use it.
Types of Tracking Technologies
Essential (No Consent Needed):
Keep you logged in
Remember settings
Provide security
Enable basic features
Analytics:
Understand app usage
Measure performance
Identify bugs
Used with consent or legitimate interest
Advertising (Consent Required):
Show relevant ads
Measure ad effectiveness
Track conversions
Only active if you consent
Tracking Technologies We Use
| Service | Purpose | Privacy Policy | | ------------------------ | ------------------- | ------------------------------------------------------- | | Firebase Analytics | Usage analytics | Link | | Firebase Crashlytics | Crash reporting | Link | | TikTok Ads | Ad measurement | Link | | Meta Pixel | Ad measurement | Link | | Google Ads | Ad measurement | Link | | Apple Search Ads | Ad measurement | Link |
Managing Tracking
iOS:
Settings > Privacy & Security > Tracking
Or manage per-app
Android:
Settings > Privacy > Ads
Toggle "Opt out of Ads Personalization"
Web:
Use our cookie banner
Or adjust browser settings
In-App:
Settings > Privacy to manage preferences
5. HOW LONG DO WE KEEP YOUR INFORMATION?
In Short: We keep your information only as long as necessary, then delete or anonymize it.
| Data Type | Retention Period | | ---------------------- | ---------------------------------- | | Account data | 3 years after last use | | Content you create | Until you delete it + 30 days | | Backups | Up to 90 days | | Usage analytics | 3 years | | Marketing data | Until opt-out + 2 years | | Payment records | 7 years (legal requirement) | | Support tickets | 3 years | | Public templates | Until you delete them |
When retention periods expire, data is permanently deleted or anonymized.
6. HOW DO WE KEEP YOUR INFORMATION SAFE?
In Short: We protect your information through technical and organizational security measures.
We implement appropriate security measures:
Technical:
Encryption in transit (TLS/SSL) and at rest
Secure authentication
Regular security testing
Firewalls and monitoring
Organizational:
Access controls
Employee training
Confidentiality agreements
Incident response procedures
However, no system is 100% secure. You should:
Use a strong password
Keep your device updated
Use secure connections
Report suspicious activity
7. DO WE COLLECT INFORMATION FROM MINORS?
In Short: We don't knowingly collect data from anyone under 16 years of age.
SCRL is not intended for children under 16. We don't knowingly collect data from children. If we learn we've collected data from someone under 16, we'll delete it promptly.
If you're under 16, don't use SCRL. Parents: if you believe your child has provided us with data, contact us at scrl@appostrophe.com.
8. WHAT ARE YOUR PRIVACY RIGHTS?
In Short: In regions like the EU, you have rights that give you greater access to and control over your personal information.
Under GDPR, you have the following rights:
Right to Access: Get a copy of your data
Right to Rectification: Correct inaccurate data
Right to Erasure: Request deletion of your data
Right to Restriction: Limit how we use your data
Right to Data Portability: Receive your data in a portable format
Right to Object: Object to certain types of processing
Right to Withdraw Consent: Take back consent anytime
Right to Complain: File a complaint with a supervisory authority
How to Exercise Your Rights
Email us: scrl@appostrophe.com
Include: Your name, email, which right you want to exercise
Response time: Within 1 month
It's free unless your request is excessive
To Access or Delete Your Data
Access: Email scrl@appostrophe.com with "Access Request"
Delete: Delete account in app settings OR email scrl@appostrophe.com
To Complain
Swedish Authority:
Name: Integritetsskyddsmyndigheten (IMY)
Website: www.imy.se
Email: imy@imy.se
You can also contact the authority in your EU country.
9. CONTROLS FOR DO-NOT-TRACK FEATURES
We don't currently respond to Do-Not-Track (DNT) browser signals. No uniform standard for DNT has been finalized. If a standard is adopted that we must follow, we'll inform you in an updated policy.
10. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
In Short: Yes, California residents have specific rights under CCPA.
If you're a California resident, you have rights under the California Consumer Privacy Act (CCPA):
Right to know what data is collected
Right to know if data is sold or disclosed
Right to opt-out of sale (we don't sell data)
Right to deletion
Right to non-discrimination
To exercise CCPA rights: Email scrl@appostrophe.com with "California Privacy Rights"
11. DO WE MAKE UPDATES TO THIS POLICY?
In Short: Yes, we'll update this policy as necessary to stay compliant with laws.
We may update this policy from time to time. Changes will be indicated by an updated "Last Updated" date.
For material changes, we'll notify you by:
Email
In-app notification
Prominent notice