Home
Features
Pricing
Contact

Privacy Policy

Effective Date: June 11, 2025 (Last Updated: June 11, 2025)

Scrambl, LLC ("Scrambl", "we", "us" or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information about you in connection with our website and all related services, including the Scrambl platform (collectively, the "Service"). It also explains your rights and choices regarding your personal information. By using the Service or by otherwise providing us with your personal information, you agree to the collection and use of your information as described in this Privacy Policy. If you do not agree with our practices, please do not use the Service.

1. Scope and Roles

Scope: This Privacy Policy applies to personal information that we collect through the Service (for example, information you provide when signing up on scrambl.com or data collected when you use our web application). It also applies to personal information we collect through other interactions with you, such as when you communicate with us for support.

Controller vs. Processor: Scrambl provides a business platform to customers (businesses and professionals) who may upload or enter personal data into the Service about themselves, their team members, or their own clients ("Customer Data"). In privacy terms, Scrambl is the "data controller" of personal information that we collect directly from our users (like account registration details and website analytics data). However, for much of the Customer Data that our users input into the platform, Scrambl acts as a "data processor" or "service provider" on behalf of our customers, who are the data controllers of that content. This distinction is important:

  • If you are an individual who interacts with a business that uses Scrambl (for example, your employer uses Scrambl to manage projects and stores your information, or a company you work with keeps your contact info in their Scrambl client database), that business is responsible for the personal data it collects and stores in Scrambl. We only process that data on the business's instructions. Any questions or requests regarding that data should be directed to the respective business (our customer).
  • For account holders and direct users of Scrambl: we act as the controller of the personal data you provide to create an account and the data we collect about your usage of the Service. This Policy describes how we handle that information. (For Customer Data you upload, we handle it per our contract with you and as described here, but you are responsible for ensuring you have any necessary rights or consents to include personal data of others in the Service.)

2. Information We Collect

LAST UPDATED: June 11, 2025

We collect several types of information, including personal information, when you use our Service or communicate with us.

a. Information You Provide to Us:

Account Registration Data: When you sign up for Scrambl, we collect information such as your name, email address, and password. If you register on behalf of a company, we may also collect your company/organization name, your role or title, and similar details.

Profile and Contact Information: You may provide additional profile information after registration (like a profile photo, phone number, or department). If you invite team members or colleagues, you will provide their email addresses or other contact details (please ensure you have their permission to do so).

Billing Information: If you subscribe to a paid plan, we (via our payment processor) collect billing details. This includes your payment card information (cardholder name, card number, expiration, etc.), billing address, and possibly tax identification (e.g., VAT number for business customers in certain countries). Note: We use Stripe to process payments, so your sensitive payment details (like full credit card number) are provided directly to Stripe and not stored on our systems. We may receive limited billing information from Stripe (such as the last four digits of your card, the card's expiration, and confirmation that payment was made).

Customer Data You Input: When using Scrambl, you might input or upload various data that may contain personal information. This can include:

  • Project and Task Data: e.g. descriptions of projects, task assignments, deadlines, which might include names or initials of people involved.
  • Time Tracking and Invoicing Data: e.g. timesheet entries, hourly rates, invoices that include client contact info or billing details.
  • Client and Lead Information: If you use the CRM features, you may input personal information about your clients or leads (names, contact info, company, notes on interactions, etc.).
  • Files and Attachments: You may upload files which could contain personal data (for example, an image of a receipt with a person' name, or a document listing employee details).
  • Team Workspace Content: Comments, messages, calendar events, or forms that may include personal info of you or others.

Please note that any personal information contained in Customer Data is generally under your control. You should avoid uploading or sharing any personal data that is highly sensitive or not necessary for your use of the Service, and ensure you have the right to use any personal data in this manner.

Communications and Support: If you contact us directly (via email to hello@scrambl.com or through support channels), we will collect the information you provide in the inquiry. This may include your contact information, the content of messages, screenshots or files you send us, and other information helpful to resolving your request. We will also keep records of our communications with you (such as support tickets or email correspondence).

Surveys and Feedback: We may occasionally offer surveys, request feedback, or run promotions. If you choose to participate, you may provide us with certain information as part of those activities (for example, feedback comments or survey responses, which might be anonymous or might be linked to your account). Participation in these is voluntary.

b. Information We Collect Automatically:

When you use our Service (including just visiting our website), certain information is collected automatically about your device and usage of the Service. This includes:

Usage and Log Data: We collect information about your interactions with the Service, such as the features you use, pages you view, links you click, files you upload, and the time, frequency and duration of your activities. For example, we might log when you last logged in, which projects you access, or any error messages or crashes you encounter.

Device and Technical Data: We collect information about the device and software you use to access the Service. This may include your IP address, browser type and version, device type (e.g., desktop or mobile), operating system, device identifiers, and general region/location (e.g., city or country). We also log information like the website you came from or referer (if any), and the website you visit next (if you click an external link on our Service).

Cookies and Similar Technologies: We and our service providers use cookies, beacons, and other tracking technologies to collect information on our website and application. Cookies are small text files placed on your device to remember your preferences and activity. For example:

  • We use authentication cookies to keep you logged in as you navigate through the app.
  • We use preferences cookies to remember your settings (like language or time zone).
  • We use analytics cookies (like those from Google Analytics or similar tools) to understand how users arrive at and use our website, so we can improve the user experience and performance. These cookies collect information such as which pages you visited and how long you spent on them.
  • We do not currently use cookies for third-party advertising on Scrambl (we do not run third-party ads), but if we ever do, we will update our cookie practices accordingly.

You can control or delete cookies through your browser settings. However, be aware that if you disable certain cookies, the Service may not function properly (for instance, you may not be able to stay logged in). For more details, please see our Cookies notice (if provided) or contact us.

Do Not Track: Our Service does not currently respond to "Do Not Track" signals from browsers. If we develop our services to do so in the future, we will update this policy.

c. Information from Third Parties:

We may receive information about you from third-party sources in certain situations:

Third-Party Integrations: If you choose to integrate or sign in via a third-party service, we may receive information from that service. For example, if in the future we allow "Sign in with Google" or a similar OAuth login, we would receive your name and email from Google to authenticate you. Or if you connect QuickBooks, we might receive data from your QuickBooks account that you authorize us to access (like client or invoice information).

Referrals: If someone (such as a colleague) invites you to use Scrambl, they may provide us with your name and email address to send an invitation. We use that information only to send the invite and will not send further communications unless the invited person engages with us.

Service Providers and Analytics: Our analytics providers (like Google Analytics) may provide us with aggregated demographic or interest data about our website users as part of their service, which we may use to better understand our user base. This information is generally not identifiable to a specific person.

Public Sources and Marketing Partners: We might obtain business contact information from public websites or third-party data providers for potential marketing purposes, but if we do so, we will ensure any outreach is done in compliance with applicable laws and provide an easy opt-out.

3. How We Use Your Information

LAST UPDATED: June 11, 2025

We use the collected information for various purposes in operating our business and providing the Service to you. Specifically:

To Provide and Maintain the Service: We process your information to create and manage your account, authenticate you when you log in, and operate the core functionality of Scrambl. For example, we use the information you input (projects, tasks, clients, etc.) to display it back to you and your authorized users, to generate invoices, to track time entries, and so forth. Essentially, your data is used to perform the features you request.

To Facilitate Payments: We use your billing information and personal details to process subscription payments and any other transactions you authorize. (As noted, sensitive payment info is processed via Stripe, but we use your info to communicate with Stripe and to keep records of your subscriptions or purchases.)

To Communicate with You: We use your contact information (email, phone if provided) to send you service-related communications. These include:

  • Account and Service Messages: confirmations of sign-up, billing receipts, password reset emails, security alerts (like new device login), and important service announcements (such as scheduled maintenance or updates to terms).
  • Customer Support: if you contact us with an issue, we will use your name and email to communicate with you and use any information you gave us to resolve your request.
  • Product Updates and Offers: We may send you occasional emails about new features, tips on using Scrambl, or promotions (if you have opted in or if you are a business contact who hasn't opted out). You can unsubscribe from marketing emails at any time by clicking the "unsubscribe" link in those emails or contacting us. (Note: transactional and account-related emails are not subject to general unsubscribe, as they are necessary for the Service.)

To Provide Team and Collaboration Features: If you are part of an organization on Scrambl, some of your information (like name, email, avatar) may be visible to other users in your organization for collaboration purposes. For example, when you assign a task to a teammate, they see that you (by name) assigned it. Team members can see each other' entered work data by design. This is intrinsic to how the Service works. We may use your information to facilitate these sharing features based on the settings and permissions in your organization's account.

To Personalize and Improve the Service: We analyze usage data and feedback to understand how our Service is used and to make improvements. This helps us troubleshoot issues, optimize the user interface, and develop new features. For instance, we might use your usage logs to detect slow-loading pages and then improve our code. We might also use cookies to remember your preferences (like default project view) to give you a more personalized experience.

To Develop New Features (Including AI Features): We continuously work on new tools and enhancements. Your data (in aggregate or anonymized form where possible) helps us train and refine these features. For example, we might analyze common patterns in task descriptions to improve an AI suggestion feature. If we introduce AI-generated content features using third-party AI services (like OpenAI), we will use your prompts or relevant data strictly to get the output for you, not to train the AI model (unless you explicitly opt-in to such use). Any such processing will be done carefully and with privacy safeguards (see the Third-Party Services section).

For Security and Abuse Prevention: We may use information (especially technical and usage data) to monitor for suspicious or fraudulent activity, to detect violations of our Terms of Service, and to protect the security and integrity of our platform. This can include automated spam detection, verifying logins (e.g., flagging if an account is accessed from an unusual location), and preventing misuse of the Service.

To Comply with Legal Obligations: If we are legally required to retain or disclose certain information (for example, under tax law, we might need to keep billing records; under data protection law, we might need to respond to requests from users exercising their rights), we will use and retain data as necessary to comply. We may also use your information to fulfill reporting or auditing requirements, or to enforce our agreements or protect our legal rights (for instance, using data to investigate a breach of our Terms).

Aggregated and Anonymized Insights: We may combine and anonymize data from many users to generate broad insights. For example, "average number of projects per user" or "percentage of users in each industry". These aggregated statistics do not identify individuals and may be used for research, marketing, or publication. (If we ever publish such statistics or trends, they will not contain personal data.)

4. Legal Bases for Processing (EEA/UK Users)

LAST UPDATED: June 11, 2025

If you are in the European Economic Area or United Kingdom, we are required to inform you of the legal bases on which we process your personal data under the GDPR (General Data Protection Regulation) or UK GDPR. We rely on the following legal grounds:

Performance of a Contract: We process personal data that is necessary to provide the Service as agreed with you. For example, processing your registration information to create your account, or handling your data to provide the platform's functionality, is based on our contract (the Terms of Service) with you.

Legitimate Interests: We process certain data for our legitimate business interests, in a manner that doesn't override your privacy rights. For instance, using cookies for analytics and improvement, sending you product update emails if you're a customer, or preventing fraud and securing our platform – these are activities we undertake for legitimate interests of improving and protecting our Service. We always consider your rights and will not process on this basis if your interests outweigh ours. You have the right to object to processing based on legitimate interests (see "Your Rights" below).

Consent: In some cases, we rely on your consent. For example, if we ever want to use your testimonial or integrate with a new third-party where your data is sent, we might ask for your consent. Also, where required by law (like sending marketing communications to individuals in certain jurisdictions), we will only do so with your consent. You have the right to withdraw your consent at any time, but this will not affect processing already occurred.

Legal Obligation: When applicable laws require us to collect, use, or retain certain information, we do so under the legal obligation basis. For example, retaining transaction records for tax or financial regulations, or responding to valid legal process (warrants, court orders) to disclose data.

5. How We Share Your Information

LAST UPDATED: June 11, 2025

We understand that your personal information and business data are important, and we are not in the business of selling that information to others. We share information only in the following circumstances:

With Service Providers (Processors): We share your information with third-party companies that provide services to us to help us operate and support the Service. These providers are bound by contractual obligations to process personal data only on our behalf and under our instructions, and to protect it. Key service providers include:

  • Hosting and Infrastructure: As mentioned, we use Amazon Web Services (AWS) to host our platform and data. All your data is stored on AWS servers (for example, in AWS data centers in the United States). AWS acts as our data processor, storing and processing data under strict security measures.
  • Payment Processor: Stripe handles all payment transactions and billing information. Stripe collects and processes your payment details securely. We share minimal information with Stripe as needed (e.g., your email and subscription plan, so they know whom to bill). Stripe is a PCI-DSS compliant payment provider. (See Stripe' privacy policy for details on their practices.)
  • Email and Communication Services: We may use services like Amazon SES or third-party email platforms to send transactional emails (for sign-ups, notifications, etc.) and support communications. These providers would have access to your email address and the content of emails only for the purpose of sending messages on our behalf.
  • Analytics and Crash Reporting: We might use tools such as Google Analytics to collect website usage data, or error/crash reporting services to improve our app's stability. These tools may receive technical information about your device or app usage. We configure such tools to avoid collecting unnecessary personal details (and IP addresses might be anonymized where feasible). You can opt out of Google Analytics with a browser add-on if you wish.
  • Customer Support Tools: If we use a customer support ticketing system or live chat (like Zendesk, Intercom, etc.), those platforms will process whatever contact info and communications you send through them when interacting with support.
  • Other Vendors: We could use additional vendors for specific services (e.g., a service to help us with data backups, or a marketing email platform for newsletters). We will ensure any such vendors are subject to appropriate privacy and security obligations.

With Integration Partners (At Your Direction): When you choose to integrate Scrambl with third-party services, we will share information with those services only as needed to fulfill the integration and only at your explicit direction or authorization. For example: if you connect a QuickBooks integration, we will send relevant financial data (like invoices or client details) to your QuickBooks account as you direct; or if you enable an OpenAI-powered task generator, we might send the task prompt or some project context to the AI service to generate a suggestion for you. We do not share your data with third parties for their own purposes – any sharing through integrations is solely to serve the function you have enabled. Also, any third-party that receives data this way will use it according to their own privacy policy (we'll endeavor to inform you what data is shared and provide references to those policies when you activate an integration).

Within a Team or Organization: If you are using Scrambl as part of a team account or organization, certain information is shared with other members of that group. This isn't "third-party" sharing in the traditional sense, but it's important to note: your profile information, and any data or content you contribute within the Service (projects, tasks, comments, etc.), will typically be visible to the other authorized users in your organization's workspace by default. For example, other members of your company's account can see projects and tasks in that company (unless privacy settings are offered and used). Similarly, if you send an invoice to a client via Scrambl' client portal, that client will see the information on the invoice and relevant project details you include. Such sharing is inherent in the collaborative nature of the Service.

Business Transfers: If Scrambl, LLC is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be disclosed to our advisers and any prospective or actual acquiring entity and among the transferred assets. In such an event, we will ensure that the successor entity is bound by similar privacy obligations for your data, and we will notify you (for example, via email and/or a prominent notice on our website) of any change in ownership or new use of your personal information, as well as any choices you may have regarding your personal information.

Legal Compliance and Protection: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (i) comply with a legal obligation, legal process, or court order (for example, in response to a subpoena or government request); (ii) enforce our Terms of Service or other agreements; (iii) protect and defend the rights, property, or safety of Scrambl, our customers, or others; or (iv) investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our Terms (such as suspected fraud or security issues). We will limit the information disclosed to what is reasonably necessary and, when permitted by law, we will attempt to notify you of such disclosure.

With Your Consent: In cases where we want to share information in a way not covered by the above, we will ask for your consent. For example, if we were to post a customer testimonial that includes personal info, we'd get your permission. Or if a third-party partner wanted to offer a special deal to our users, we might ask if you'd like to participate before sharing your contact details.

6. International Data Transfers

LAST UPDATED: June 11, 2025

Scrambl is headquartered in the United States, and as such, data we collect (including personal information) will be processed and stored on servers in the U.S. and potentially other jurisdictions. If you are located outside the United States (for example, in the European Union), this means your personal information will be transferred to and stored in a country with data protection laws that may differ from those of your country of residence.

EU/UK Users: For personal data transferred from the European Economic Area (EEA), United Kingdom, or Switzerland to the U.S. (or other non-EEA jurisdictions) we will ensure appropriate safeguards are in place to comply with EU/UK data protection laws. Typically, this means we will rely on European Commission-approved Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms to legitimize the transfer. Scrambl, LLC commits to protect the privacy and security of personal data in line with this Privacy Policy, regardless of where it is processed. If required, we may also implement additional technical and organizational measures to supplement transfer safeguards.

Your Consent to Transfer: By using our Service or providing us with your information, you consent to the transfer of your personal information to the United States and to other jurisdictions where Scrambl or its service providers operate. We understand that some jurisdictions require a higher level of protection – where we are aware of such requirements, we will take steps to provide an equivalent level of protection for the data.

Data Localization (if applicable): If in the future we offer data localization options or if we establish servers in other regions (e.g., to host EU data within the EU), we will update our documentation and give users choices if relevant. As of the Effective Date of this Policy, we primarily use U.S.-based infrastructure.

7. Data Retention

LAST UPDATED: June 11, 2025

Retention Period: We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In general, this means:

  • For active account holders: we keep your information while your account is active. All your Customer Data and profile information is retained so that the Service functions properly for you and your team.
  • If you delete your account or request deletion: we will initiate deletion of applicable personal data from our active systems. Most of your Customer Data will be deleted or anonymized within a reasonable time after account deletion (typically within 30-60 days). However, some data may be retained in backups or archives for a bit longer until those are cycled out, and we may retain minimal information thereafter as described below.
  • If you stop using the Service but do not formally delete your account: we may contact you after a period of inactivity to ask if you want to maintain the account. If we decide to purge inactive accounts, we will provide notice (e.g., to your email on file) to allow you to log back in or request a backup.

Retention for Legal/Legitimate Purposes: Even after you delete your account, we may retain certain information as necessary for legitimate business purposes or legal obligations. Examples include:

  • Transaction Records: We might retain billing records, invoices, and payment history to comply with accounting and tax regulations (which often require keeping records for a number of years).
  • Legal Compliance: If we are obliged to keep data to comply with laws or regulations (e.g., records of consent, or data relevant to a legal investigation), we will retain the necessary information for the required period.
  • Dispute Resolution: If you have an outstanding issue or dispute with Scrambl, or if we reasonably believe there is a prospect of litigation involving your data or use of our Service, we may retain relevant information until the issue is resolved.
  • Anonymized Data: We may keep data that has been aggregated or anonymized such that it no longer is associated with an identifiable user, for analytics and improvement purposes. This is not personal information anymore and may be retained indefinitely.

Deletion and Anonymization: When we no longer need personal data, we will either delete it from our systems or anonymize it so that it cannot be linked back to an individual. We aim to conduct periodic reviews of the data we hold and purge what is not needed. If deletion is not immediately possible (for example, stored in backups), we will secure and isolate the data and remove it when feasible.

8. Your Rights and Choices

LAST UPDATED: June 11, 2025

Depending on your jurisdiction and the applicable data protection laws, you have certain rights regarding your personal information. We are committed to providing you with access and control over your data. Below is a summary of key rights and how you can exercise them:

Access and Portability: You have the right to request a copy of the personal information we hold about you. This includes information in your account as well as any other data associated with you. In many cases, you can directly access and download your data via the Service (for example, exporting a project or client list). For any additional information, you can contact us to request it. We will provide the data in a commonly used electronic format.

Rectification (Correction): If any of your personal information is incorrect or incomplete, you have the right to ask us to correct it. You can update most of your basic account information (like your name, email, password) through your account settings. For other corrections, contact us and we will make the changes where possible.

Deletion (Right to be Forgotten): You have the right to request deletion of your personal information. You can achieve this largely by deleting your account through the Service interface. This will remove most of your data from our active systems (as described in the Data Retention section). If you want us to delete specific information without deleting your whole account, you can also request that (for example, delete a particular file or client entry that might contain personal data). We will comply with deletion requests to the extent required by law, but please note we may need to retain certain information as explained in our retention policy (e.g., for legal compliance). If we cannot delete something you requested, we will explain why (unless prohibited from doing so by law).

Restriction of Processing: You can request that we temporarily limit the processing of your personal data under certain circumstances – for example, if you contest the accuracy of the data or if you have objected to processing (pending our evaluation of that objection). When processing is restricted, we will still store your information but not use it for the purpose you've objected to.

Objection to Processing: If we are processing your information based on our legitimate interests (or those of a third party), you have the right to object to that processing. If you object, we will evaluate whether our legitimate grounds for processing override your interests, rights, and freedoms. If they do not, we will cease or adjust the processing. Objections to direct marketing will be honored immediately – if you object to marketing emails, we will stop sending them.

Withdraw Consent: If we have asked for your consent to process certain data, you can withdraw that consent at any time. For example, if you gave consent for a beta feature that shares data with a third-party, you can disable that feature or contact us to withdraw consent. Withdrawing consent will not affect the lawfulness of processing before the withdrawal.

Data Portability: In certain cases, you may have the right to receive your personal data in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller. We will assist with such requests by providing your data in a CSV or similar format if applicable.

Automated Decision-Making: Scrambl does not make any legally significant decisions about you using automated algorithms without human involvement. If this changes, you would have the right to not be subject to a decision based solely on automated processing that produces legal or similarly significant effects.

California Privacy Rights (CCPA/CPRA): If you are a California resident, you have specific privacy rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act). These include the right to know what personal information we have collected about you in the past 12 months (including categories of sources, purposes, and third parties with whom we share it), the right to access that information, the right to request deletion of your personal information (with similar limitations as above), the right to correct inaccurate personal information, and the right to opt-out of the "sale" or "sharing" of personal information. Scrambl does not sell personal information (we don't provide your data to third parties for money or other valuable consideration aside from necessary service providers). We also do not share personal information for cross-context behavioral advertising. If you have any specific request to exercise California rights, you can contact us as described below. We will not discriminate against you for exercising any privacy rights.

Exercising Your Rights: To exercise any of your rights, please contact us at privacy@scrambl.com or hello@scrambl.com with your request. We may need to verify your identity before fulfilling certain requests (to ensure the security of your data). Verification might include confirming ownership of the email associated with your account or other information. We will respond to your request within the timeframes required by law (typically within 30 days for GDPR, and 45 days for CCPA, with possible extensions). There is generally no fee for making a request, though if requests become excessive or repetitive, we reserve the right to charge a reasonable fee or refuse, as allowed by law.

Authorized Agents: If you are a California resident, you may designate an authorized agent to make requests on your behalf. We will require proof of the agent's authority and verification of your identity directly from you, unless the agent has a valid power of attorney.

Complaints: If you have concerns about our data practices, we encourage you to contact us so we can address them. However, you also have the right to file a complaint with a supervisory authority. If you are in the EU/EEA, you can contact your country's data protection authority. If you are in the UK, you can contact the Information Commissioner' Office (ICO). In California, you can contact the California Attorney General' office. We would appreciate the chance to deal with your concerns before you approach a regulator, so please consider reaching out to us first.

9. Security Measures

LAST UPDATED: June 11, 2025

We take the security of your personal information seriously. We implement a variety of technical and organizational measures designed to protect your data from unauthorized access, disclosure, alteration, or destruction. Some of the key security practices include:

Encryption: We use encryption to protect data. All network communication with the Scrambl Service (web or API) is encrypted using Transport Layer Security (TLS). This means that data in transit between your device and our servers is encrypted. Additionally, as noted earlier, we encrypt data at rest in our databases and storage systems (using strong encryption methods like AES-256).

Access Controls: Access to production databases and systems is strictly limited to a few authorized personnel at Scrambl who require it for their job (for example, to perform system maintenance or support tasks). We use authentication, access control lists, and monitoring to ensure that any access to personal data is logged and only done when necessary. Employee access to data is also governed by confidentiality agreements and internal policies.

Network Security: Our servers are protected by firewalls, security groups, and network monitoring to guard against external attacks. We keep systems updated with security patches and employ anti-malware protections. We regularly review our infrastructure for potential vulnerabilities (and use third-party security testing or audits as we grow).

Account Security: We store account passwords using secure hashing algorithms – no one at Scrambl can read your password. We encourage you to use a strong, unique password. In the future, we may offer additional security features like two-factor authentication (2FA) for accounts; when available, we will recommend you enable them.

Testing and Training: We periodically test our systems and response plans for security incidents. Our team is trained to follow security best practices and to be vigilant about potential social engineering or phishing attempts.

Incident Response: In the event of a data breach or security incident that affects your personal information, we have a response plan to contain the incident and notify affected users and relevant authorities as required by law. We will communicate with you promptly with information about the nature of the breach and any steps you should take to protect yourself.

No Guarantee: Despite our efforts, no security measures are infallible. The internet is not 100% secure, and we cannot guarantee absolute security of data, especially data transmitted to our Service. You should also take care with how you handle and disclose your personal information and login credentials. If you have reason to believe that your interaction with us or the Service is no longer secure (for example, if you feel your account has been compromised), please contact us immediately. We will work with you to address the issue.

10. Children' Privacy

LAST UPDATED: June 11, 2025

Scrambl is not directed to children under the age of 13 (or under 16 in certain jurisdictions), and we do not knowingly collect personal information from children. Our Service is intended for businesses and professional use by adults. If you are under the age of 13, you are not permitted to use Scrambl or provide any personal information to us. If we become aware that we have inadvertently collected personal information from a child under 13 (or under 16, where applicable) without proper consent, we will take steps to delete that information as soon as possible. If you believe that a child under the relevant age may have provided us personal data, please contact us at privacy@scrambl.com, and we will promptly investigate and address the issue.

11. Third-Party Links and Services

LAST UPDATED: June 11, 2025

As noted, our Service may contain links to third-party websites or allow you to interface with third-party services. This Privacy Policy does not cover how those third parties process personal information. We encourage you to read the privacy policies of any third-party services you visit or integrate with. Examples: if you follow a link from our marketing website to a blog hosted on another platform, or if you use a feature that opens an external site (like a payment checkout page hosted by Stripe), the privacy practices of those external sites or services will govern any data collected there.

12. Changes to this Privacy Policy

LAST UPDATED: June 11, 2025

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we update the policy, we will change the "Last Updated" date at the top. If we make any material changes, we will provide prominent notice, such as by posting a notice on our website or emailing you (if you are a registered user) to inform you of the update. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after any changes to this Policy signifies your acceptance of the updated terms, to the extent permitted by law.

13. Contact Us

LAST UPDATED: June 11, 2025

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us as follows:

Email: You can reach our privacy team via privacy@scrambl.com or hello@scrambl.com. This is the fastest way to get a response on privacy-related inquiries.

EU/UK Representative: [If applicable] For individuals in the EU or UK, if you wish to contact our designated EU/UK representative or Data Protection Officer (if we appoint one), please include that in your request to us and we will direct you accordingly. (As of now, Scrambl is small and may not be legally required to appoint an EU representative or DPO; we handle requests directly.)

We will be happy to answer your questions and address any issues to the best of our ability. Your trust is important to us, and we are committed to safeguarding your data and privacy. Thank you for entrusting Scrambl with your business. We value your privacy and work hard to protect it.