Data Policy

Many of our customers operate in multiple jurisdictions around the world. To ensure a consistent user experience, Skrapp has adopted the GDPR requirements to our entire Website and supports it worldwide. We believe that use of uniform rules will greatly enhance all our customers' ability to comply with the GDPR’s requirements.

1. Identity of the controller

Skrapp PTE. LTD having its registered offices at 160 Robinson Road, #14-04 Singapore Business Federation Centre, Singapore, Singapore 068914.

2. Nature of personal data

We collect the following data:

2.1. Information you give us

For the proper execution of the services we offer through the Website, we collect the following data:

  • Information that allows you to identify when you open your account: name, first name, email address.

  • Information about billing: name, first name, billing date, billing address.

  • Any information you choose to share with us.

2.2. Information we automatically collect when using the Website

When using the Website and for the proper execution of services, we are also likely to collect personal data about you, automatically through the tools and services offered on the Website.

In this context, we are required to collect the following data:

  • Information about how the Website's tools and features are used: We collect information about your interactions with the Website, including the pages or content viewed on the Website, the links you clicked on.

  • Connection information and the devices and devices you use to connect to the Website: We collect device login data when you access and use the Website, including if you haven't opened an account on our Website, including your IP address, login dates and times, unique identifiers, crash data, pages viewed or displayed before or after you logged in.

2.3. Information that our payment service provider collects from you, on our behalf

Financial transactions relating to the payment of product orders are entrusted to a payment service provider who ensures its smooth running and security.

For the needs of payment services, this provider collects the following data, on our behalf:

  • Payment transaction information: credit card numbers, payment date and time, expiration date of payment method, payment amount.

We do have access to data solely relating to payment date and time, expiration date of payment method, payment amount. However, we do not have access to credit card numbers.

3. Purposes of processing personal data

Your personal data is collected and processed to meet one or more of the following purposes:

  1. Manage your access to the Website and services accessible on the Website and their use, as well as respond to any requests regarding your use of the services.

  2. Conduct operations related to the management and monitoring of our relationships with users during the use of our services.

  3. Build a file of registered members and users.

  4. Send newsletters or any informative messages about our news and/or any evolution of our services. In case you do not wish to do so, we give you the right to express your refusal to do so when collecting your data.

  5. Address advertisements, including targeted ads. In case you do not wish to do so, we give you the right to express your refusal to do so when collecting your data.

  6. Develop statistics on the use and attendance of our services.

  7. Optimize the operation and efficiency of the services we offer you.

  8. Respect our legal and regulatory obligations, especially in the fight against bank fraud. As such, we have an obligation to transmit, verify or authenticate your collected information during payment transactions.

We inform you, when collecting your personal data, whether certain data must be required or if it is optional. We will also inform you the possible consequences of a default of response.

The data are collected on the basis of either:

  • Your express consent in order to provide you our services.

  • Our business legitimate interests for suggesting you to use our services or improve our products and services.

  • Legal obligations that we are to comply with.

4. Recipients of data collected and processed

Our company's staff, the supervisory services (including the auditor) and our subcontractors will have access to your personal data.

Public bodies may also receive your personal data, exclusively to meet our legal obligations, court assistants, departmental officers and debt collection agencies.

5. Transfer of personal data

Your personal data will not be subject to transfers, rentals or exchanges for the benefit of third parties, except in the context of the execution of the relations services.

However, you are informed that we reserve the ability to communicate to third parties your fully anonymized and aggregated data, i.e. in a form that does not identify you in any way.

6. Time to store personal data

  1. Regarding data on managing and tracking relationships with users of our services:

    Your personal data will not be kept beyond the time strictly necessary to manage our relationship with you. However, the data to establish proof of a right or contract, which must be retained under a legal obligation, will be retained for the duration provided by the current law.

    We keep your data for up to three years from your data collection or last contact from the user or the closure of your account on the Website.

    At the end of this three-year period, we will be able to contact you again to find out if you would like to continue to receive information about our services.

  2. Your credit card details are kept by our payment service provider, on our name and on our behalf, for the time it takes to complete the transaction.

    Your credit card details are kept by our payment service provider, on our name and on our behalf, for the time it takes to complete the transaction. We do not keep that data.

  3. Regarding the management of opposition lists to be received from prospecting:

    Information to take into account your right of objection is kept for at least three (3) years from the exercise of the right of objection.

  4. Regarding audience measurement statistics:

    Information stored in the users' terminal or any other items used to identify users and allowing their traceability or attendance will not be stored beyond thirteen (13) months.

7. Security

We inform you to take any useful precautions, organizational and technical measures appropriate to preserve the security, integrity and confidentiality of your personal data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorized third parties.

8. Hosting

We inform you that your data is stored for the duration of its retention on the company's servers AWS, located in the USA.

Your data may be transferred outside the European Union as part of the use of the services we offer, in compliance with GDPR’ requirements.

9. Cookies

Cookies are text files, often encrypted, stored in your browser. They are created when a user's browser loads a particular website: the site sends information to the browser, which then creates a

text file. Each time the user returns to the same site, the browser retrieves the file and sends it to the website server.

There are three types of cookies that do not have the same purposes: technical cookies, social media cookies and advertising cookies:

  • Technical cookies are used throughout your browsing, to make it easier and to perform certain functions. For example, a technical cookie can be used to memorize the answers in a form or the user's preferences for the language or presentation of a website, when such options are available.

  • Social media cookies can be created by social Websites to allow website designers to share the content of their site on those Websites. These cookies can be used by social Websites to trace the navigation of Internet users on the website concerned, whether or not they use these cookies.

  • Advertising cookies can be created not only by the website on which the user browses, but also by other websites that show advertisements, ads, widgets or other items on the page displayed. These cookies can be used for targeted advertising, i.e. advertising based on the user's navigation.

We use technical cookies. These are stored in your browser for a period of thirteen (13) months. You can accept them or refuse them.

We use Google Analytics, which is a statistical audience analytics tool that generates cookies to measure the number of visits to the Website, the number of page views and visitor activity. Your IP address is also collected to determine the city from which you log in. The shelf life of this cookie is mentioned in section 6(iv)of this charter.

We remind you for all intents and purposes that you can object to the filing of technical cookies and cookies generated by Google Analytics, by setting up your browser. Such a refusal could, however, prevent the Website from functioning properly.

10. Consent

When you choose to disclose your personal data for the purposes of performing the services we offer through our Website, you expressly give your consent for the collection and processing of these services in accordance with this charter and existing legislation.

11. Access to your personal data

You have the right to access your data (Article 15 of the GDPR) to obtain its communication and if necessary, obtain it, correct or delete it (articles 16 and 17 of the GDPR), through an online access to your file. You can also contact us at e-mail address: support@skrapp.io.

It is recalled that any person may, for legitimate reasons, request the limitation of the processing of the data concerning him (Article 18 of the GDPR) or object to audit treatment (Articles 21 and 22 of the GDPR).

We will inform you that in the event of a correction or erasure of your personal data, as well as the limitation of treatments, made following a request from you, we will notify us of these changes to the people to whom we have communicated your data, unless such communication proves impossible (Article 19 of the GDPR).

12. Portability of your personal data

You have a right to portability of the personal data you have provided to us, understood as the data you have actively and consciously declared in connection with the access and use of services, as well as data generated by your activity in the context of the use of services (Article 20 of the GDPR). We remind you that this right does not relate to data collected and processed on any legal basis other than the consent or execution of the contract binding us.

This right can be exercised free of charge, at any time, including when your account is closed on the Website, in order to recover and retain your personal data.

In this context, we will send you your personal data, by any means deemed useful, in a standard open format commonly used and readable by machine, in accordance with the state of the art.

13. Communication for a breach of personal data

If we find a security breach in the processing of your data that could lead to a high risk to your rights and freedoms, we will notify you as soon as possible (Article 34 of the GDPR). We will tell you about the nature of the violation and the measures put in place to put an end to it.

14. Modifications

We reserve the right, at our sole discretion, to amend this Data policy at any time, in whole or in part. These changes will come into effect as soon as the new policy is issued. Your use of the Website following the entry into force of these amendments will be deemed as an acceptance of the new policy. Failing that, and if this new policy does not suit you, you will no longer have to access the Website.

15. Entry into force

This policy came into force on February 22, 2022

.