Privacy policy

Privacy Policy

Last update date: 03/11/2021

We are SCROBLE. This is our Privacy Policy which aims to explain which data we collect and what we do with this data. By accepting this Privacy Policy you do also accept the Cookie Policy. Please read both documents carefully.

Scroble (“Scroble”, “we”, “our”, or “us”) attaches the appropriate importance to respecting your privacy and undertakes to process your personal data in accordance with the regulations in force applicable to the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter “R.EU 2016/679”) applicable as of 25 May 2018, and the Act of 1 August 2018 on the organisation of the National Commission for Data Protection and the general data protection regime.

To support our commitment to privacy, we have adopted a set of binding corporate policies.

Table of contents:

    1. Scope of application
    2. Identity of the data controller and data protection officer
    3. Categories of personal data
    4. Legal basis for the processing of personal data
    5. Purposes of the processing of personal data
    6. Recipients of personal data
    7. International transfers of personal data
    8. Retention of data
    9. Protection of personal data
    10. Our Website and User Application
    11. Your rights
    12. Liability
    13. How to contact us
    14. Changes to our privacy statement
  1. 1. Scope of application

This Privacy Policy (“Privacy Policy”) explains how we collect and use personal data.

Personal data means any data relating to an identified or identifiable natural person. Further: an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

We collect personal data in various ways:
– In the execution of contractual obligations to which Scroble is committed,
– In order to answer questions that may have been submitted to Scroble in order to find out about its various services,
– As part of the normal management of Scroble as a commercial enterprise under Luxembourg law (administrative management, personnel management, etc.).

This Privacy Policy applies to all Scroble users, those having login data including unregistered visitors and registered users (collectively, “Users”, “you”, or “your”), and to all Scroble services for Businesses and related services (collectively, the “Services”).

This Privacy Policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

Prior to accessing or using our Services, please read this policy and make sure you fully understand our practices in relation to your Personal Information.

If you read and fully understand this Privacy Policy, and remain opposed to our practices, you must immediately leave and discontinue all use of any of our Services. 

  • 2. Identity of the data controller and data protection officer

The controller is Scroble S.A., a Luxembourg public limited liability company (Société Anonyme), having its registered office at L-1840 LUXEMBOURG, 47, Boulevard Joseph II, registered with the Luxembourg Trade and Companies Register under number B227706, having the VAT number LU 31031258 and Business Authorisation Number N10095778 granted by Ministry of Economy, represented by Mrs Anna Salewski, Founder and CEO.

Scroble has appointed an external data protection officer (DPO). The DPO is responsible for ensuring compliance with the provisions of EU Regulation 2016/679. The Data Protection Officer ensures that the rights of individuals whose data is processed by Scroble are respected.
His contact details are: .

  1. 3. Categories of personal data

When a person creates an Business Account (SCROBLE Platform), uses SCROBLE Website, downloads a software (SCROBLE Application), contacts or interacts with SCROBLE (e.g., Scroble’s support tickets, emails), SCROBLE may collect and process a variety of information, including:
– Identification data of persons (such as Visitors’ and Users’) concerned by the execution of contractual and legal obligations of Scroble.
– Account information. Person’s account ID and related account details, including email address, devices registered, account status, age (if provided)
– Device information. Data that identifies a device, including online identifier like IP addres
– User network information. Data to whom user is sharing his/her profile (other users of the Platform as well as external users)
– Personal Information, such as name, email address, phone number, payment information (for Users with Paid Services), information you include in your communications with us and with other users on our platform, and Personal Information contained in scanned identification documents (such as an ID card, driver’s license, passport, or official company registration documents).
– Language of communication.
– IDs of your different social networks such as Facebook, Twitter, LinkedIn etc…

When you visit, download, and/or use any of our Services, we may collect aggregated usage Personal Information, such as Visitors’ and Users’ browsing and ‘click-stream’ activity on the Services, session heatmaps and scrolls, non-identifying Personal Information regarding the Visitor’s or User’s device, operating system, internet browser, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, etc…

  • photos, and/or videos,
  • curriculum vitae,
  • letter of motivation,
  • any other document that you may have sent us when submitting your unsolicited application or for a published position,
  • any other information necessary for the performance of a contractual obligation, or necessary to comply with a legal obligation as defined by Luxembourg law,
  • any other information that may enable us to keep in touch with you.
  • Fraud prevention information. Data used to prevent fraud on the platform, including behavioural analysis for a specific person on a specific device
  • Platform and App Usage data. Data used to optimise service (E.g. measuring user interface delays)
  • Location information. Data used to provide information linked to a nearest available shop or information that is linked to a specific retailer within a specific region
  • 4. Legal basis for the processing of personal data

More generally, the purposes of the processing of personal data explained above are – in accordance with Articles 6 and 9 of the General Data Protection Regulation (“GDPR”) – all founded on one of the following legal bases: 

  • The processing is necessary for the performance of a contract with Scroble to which the data subject (User) is party or in order to take steps at the request of the data subject prior to entering into a contract,
  • The processing is necessary for compliance with a legal obligation to which the controller (Scroble) is subject,
  • The processing is necessary for the purposes of the legitimate interests pursued by the controller (Scroble), except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child, (for example, to maintain and improve our Services and the effectiveness of Scroble by identifying technical issues),
  • The data subject (User) has given consent to to the processing of his or her personal data for one or more specific purposes
  1. 5. Purposes of the processing of personal data

Scroble uses the data for the following purposes:

  1. For the management and the execution Scroble administrative and technical of the contracts between you and us,
  2. To provide and operate the Services;
  3. To further develop, customize, expand, and improve our Services, based on Users’ common or personal preferences, experiences and difficulties;
  4. To provide our Users with ongoing customer assistance and technical support;
  5. To be able to contact our Users with general or personalized service-related notices and promotional messages;
  6. To help us to update, expand and analyze our records to identify new customers;
  7. To facilitate, sponsor, and offer certain contests, events, and promotions, determine participants’ eligibility, monitor performance, contact winners, and grant prizes and benefits;
  8. To analyze our performance and marketing activities;
  9. To create aggregated statistical data and other aggregated and/or inferred information, which we or our business partners may use to provide and improve our respective services;
  10. To provide you with professional assistance , only upon your request;
  11. To enhance our data security and fraud prevention capabilities; and
  12. To comply with any applicable laws and regulations.
  1. 6. Recipients of personal data

6.1 The main recipient of your data is Scroble.

6.2 However, we may disclose your personal data to (a) public institutions and authorities, (b) subcontractors (e.g. for the management of our website and platform) and (c) other third parties with whom Scroble has an interest in collaborating to ensure the provision and continuity of services. In this case, Scroble ensures that the recipients of personal data respect confidentiality or are subject to an appropriate legal obligation of confidentiality and comply in particular with the conditions of the GDPR. These include hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, billing and payment processing services, domain name registrars, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session recording and remote access services, performance measurement, data optimization and marketing services, content providers, and our legal and financial advisors (collectively, “Third Party Service Provider(s)”).

6.3 In addition, should Scroble or any of its affiliates undergo any change in control, including by means of merger, acquisition or purchase of substantially all of its assets, your Personal Information may be shared with the parties involved in such event.

6.4 The Scroble Services enable you, through different techniques, to engage and procure various third party services, products and tools for enhancing your web or mobile sites, including, without limitation, applications and widgets offered to you by third parties through the Scroble Website (including the Scroble App Market), eCommerce payment providers etc. (collectively, “Third Party Services”). If you choose to engage with such Third Party Services, they may have access to and process Personal Information of your Users-of-Users collected through your web or mobile sites.

6.5 SCROBLE uses Personal Data to provide services, to communicate with users and 3rd parties, for security and fraud prevention, and to comply with law. SCROBLE may use Personal Data for other purposes based on user consent

  1. 7. International transfers of personal data

In principle, we do not transfer your data to entities outside the European Union.
However, if during the execution of performing our contractual obligations your data is transferred outside the European Union, we will make sure that (i) there is a level of protection deemed adequate by the European Commission or (ii) that the relevant Standard Contractual Clauses are in place.

Personal Data is processed by trusted partners (Computing and Storage Services provided by Microsoft Azure platform). The servers for the Geography Europe (used by Scroble) are located in Ireland and Netherlands. More information can be found here
SCROBLE does share user contact information to partners upon user consent is given. SCROBLE does share Anonymised Data.
Scroble may be required to disclose personal data to comply with applicable laws or at the request of an authority, or in the context of legal proceedings, for example to respond to complaints and/or claims, to protect the rights or interests of Scroble, or its customers. 

  1. 8. Retention of data

We will retain your personal data for the purposes for which it was collected, generally for the duration of a contractual relationship, respectively in accordance with the various applicable legal provisions.

More generally, personal data is deleted within one year unless (a) extended/ longer retention is required on the basis of applicable law, (b) it is considered important or in defence of the legitimate interests of Scroble, the customer or supplier, or (c) there is an agreement on further retention between the customer and Scroble.

Specifically in relation to recruitment
Where Scroble processes your personal data following a job application, this data will be deleted as soon as the recruitment process is complete, i.e. as soon as the position is actually filled. However, if Scroble believes that there is a particular interest (such as a similar position opening in the near future within Scroble) in retaining your personal data for a longer period not exceeding one year, Scroble will seek your consent to such retention.
When Scroble processes your personal data following an unsolicited application, Scroble informs you that this data will be kept for a maximum period of one year.

  1. 9. Protection of personal data

We take appropriate technical, physical, and organisational measures reasonably designed to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access and from any other form of unlawful processing. Access to personal data is restricted to authorised recipients on a need-to-know basis. We operate a comprehensive data security programme commensurate with the risks associated with the processing. This programme is constantly adapted to mitigate operational risks and to ensure the protection of personal data, considering accepted industry practices. We will also use enhanced security measures when processing any sensitive personal information. We take the following measures to safeguard data at SCROBLE (including Personal Data) measures:
– Administrative – by use of information security management program;
– Technical – data in transit protected by TLS protocol; data at rest by data is encrypted on all media;
– Physical by managing access to SCROBLE premises.
Among other things, we offer HTTPS secure access to most areas on our Services; the transmission of sensitive payment information (such as a credit card number) through our designated purchase forms is protected by an industry standard SSL/TLS encrypted connection; and we regularly maintain a PCI DSS (Payment Card Industry Data Security Standards) certification. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways and Third-Party Services for further enhancing the security of our Services and protection of our Visitors’ and Users’ privacy.

Regardless of the measures and efforts taken by Scroble, we cannot and do not guarantee the absolute protection and security of your Personal Information, your Users-of-Users’ Personal Information or any other information you upload, publish or otherwise share with Scroble or anyone else. We encourage you to set strong passwords for your User Account, and avoid providing us or anyone with any sensitive Personal Information of which you believe its disclosure could cause you substantial or irreparable harm. Furthermore, because certain areas on our Services are less secure than others (for example, if you set your Support forum ticket to be “Public” instead of “Private”, or if you browse to a non-SSL page), and since e-mail and instant messaging are not recognized as secure forms of communications, we request and encourage you not to share any Personal Information on any of these areas or via any of these methods. 

  1. 10. Our Website and User Application

10.1 Use of cookies and other third-party technologies

We and our Third-Party Service Providers use cookies and other similar technologies (“Cookies”) for us to provide our Service and ensure that it performs properly, to analyse our performance and marketing activities, and to personalize your experience. You can learn more about how we use cookies and similar technologies and how you can exercise control over them in our Cookie & Similar Technologies Policy. Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.

10.2 Communications from Scroble

Promotional messages: We may use your Personal Information to send you promotional content and messages by e-mail, text messages, notifications within our platform, marketing calls and similar forms of communication from Scroble or our partners (acting on Scroble’s behalf) through such means. If you do not wish to receive such promotional messages or calls, you may notify Scroble at any time or follow the “unsubscribe” or STOP instructions contained in the promotional communications you receive.

Service and billing messages: Scroble may also contact you with important information regarding our Services, or your use thereof. For example, we may send you a notice (through any of the means available to us) if a certain Service is suspended for maintenance; reply to your support ticket or e-mail; send you reminders or warnings regarding upcoming or late payments for your current or upcoming subscriptions; forward abuse complaints regarding your User Website; or notify you of material changes in our Services. It is important that you are always able to receive such messages. For this reason, you are not able to opt-out of receiving such Service and Billing Messages unless you are no longer a Scroble User (which can be done by deactivating your account). We may also contact you with service and billing-related messages and content. You will not be able to opt-out of receiving such messages. 

Third-party websites: Our Services may contain links to other websites or services. We are not responsible for such websites’ or services’ privacy practices. We encourage you to be aware when you leave our Services and to read the privacy statements of each and every website and service you visit before providing your Personal Information. This Privacy Policy does not apply to such linked third party websites and services.

About children: Our websites are not intended for children. In any event, we do not use our sites to knowingly solicit personal data from children. If we become aware that a child has provided personal data through one of our websites, we will remove that data from our systems.

Partial or complete refusal of statistical and/or technical cookies will limit the availability of the content and functionality of the site. By continuing to browse our site without any special settings on your web browser, you authorise us to use any cookies. 

  1. 11. Your rights

Scroble believes that it is imperative that all Scroble users have control over their Personal Information. Therefore, depending on the way you use the Scroble Services, you may have the right to request access to, receive a copy of, update, amend or delete, port certain Personal Information to another service, restrict, or object to certain uses of your Personal Information (for example, for direct marketing purposes). Further, when we rely on your consent for processing of your Personal Information (for instance, for direct marketing) you can withdraw your consent at any time, and such withdrawal will take affect from thereon. Scroble will not charge you more if you exercise any of these rights and will continue to provide you with the same level of service.

If you are a Scroble user, you can access and correct a lot of your Personal Information directly through your account, or via online forms Scroble makes available to you (as detailed below).

You can also exercise your rights by sending your request to, mailing it to Scroble S.A., 47 Bvd Joseph II., 1830 Luxembourg.

When we receive your right request, we may take steps to verify your identity before complying with the request to protect your privacy and security. Before fulfilling your request, we may ask you for additional information in order to confirm your identity and for security purposes. 

We reserve the right to charge a fee where permitted by law (e.g. if your request is unfounded or excessive).

In case of difficulties in exercising these rights, you also have the right to lodge a complaint with the National Commission for Data Protection ( the “CNPD”).

Please note that permanently deleting your Scroble account erases all your Personal Information from Scroble’s databases. After completing this process, you can no longer use any of your Scroble Services, your account and all its data will be removed permanently, and Scroble will not be able to restore your account or retrieve your data in the future. If you contact our support channels in the future, the system will not recognize your account and support agents will not be able to locate the deleted account.
If you have any questions or concerns about our collection, use or disclosure of Personal Information, or if you believe that we have not complied with this Privacy Policy or applicable data protection laws, please contact us – our details are set out at the end of this Privacy Policy. Our Data Protection Officer team will investigate the complaint and determine whether a breach has occurred and what action, if any, to take. We take every privacy complaint seriously and will make all reasonable efforts to resolve your complaint promptly and in accordance with applicable law. 

  1. 12. Liability

12.1 Scroble declines all responsibility for the accuracy and updating of the data made available to any person consulting our website accessible to the public, as well as the data made available to Scroble clients on our website accessible only to Scroble clients.

12.2 Scroble reminds you that the information made available on our website accessible to the public is available to any person who is not only in a country of the European Union subject to the applicable legislation on the protection of personal data, but also in a country outside the European Union which does not necessarily guarantee the same level of protection of personal data. Even if Scroble implements appropriate technical and organisational measures to ensure data protection, including against unauthorised access or inappropriate use by third parties, Scroble shall not be held liable for the use of data communicated to Scroble by third parties for purposes other than those initially intended. Consequently, Scroble invites users transmitting information as a client of Scroble, or as a user for the purposes of communicating information via our website, not to communicate so-called sensitive data, and more generally any data that is not intended to be made public.

12.3 Scroble may collect, store and process certain Personal Information of Users-of-Users (“Users-of-Users Information”), solely on our Users’ behalf and at their direction.
For example, each of our Users can import their e-mail contacts from third-party services like Gmail, or otherwise collect and manage contacts via their User Website. Such contacts are then stored with Scroble, on the User’s behalf. For such purposes, Scroble serves and shall be considered as a “Processor” and not as the “Controller” (as both such capitalized terms are defined in the GDPR of such Users-of-Users Information.
The Users controlling and operating such User Websites shall be considered as the “Controllers” of such Users-of-Users Information and are responsible for complying with all laws and regulations that may apply to the collection and control of such Users-of-Users Information, including all privacy and data protection laws of all relevant jurisdictions.
The Processing of the Users-of-users’ Personal Information shall take place within the territory of the European Union or a third country, territory or one or more specified sectors within that third country of which the European Commission has decided that it ensures an adequate level of protection, and such processing and transfer will be in accordance to the Data Processing Addendum – Users (“DPA”). Any transfer to and Processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be conducted under an approved transfer mechanism, as detailed in the DPA.

12.4 Users-of-users’‘Personal Information’

Scroble may collect, store and process certain Personal Information of Users-of-Users (“Users-of-Users Information”), solely on our Users’ behalf and at their direction.
For example, each of our Users is able to import their e-mail contacts from third-party services like Gmail, or otherwise collect and manage contacts via their User Website. Such contacts are then stored with Scroble, on the User’s behalf. For such purposes, Scroble serves and shall be considered as a “Processor” and not as the “Controller” (as both such capitalized terms are defined in the GDPR of such Users-of-Users Information.

The Users who control and operate such User Websites shall be deemed the “Controllers” of such User Information and are responsible for compliance with all laws and regulations that may apply to the collection and control of such User Information, including all privacy and data protection laws of all relevant jurisdictions.
Scroble accepts no responsibility for the processing of User Information within the European Union or any third country, territory, or specific sector(s) of that third country. Any transfer and processing in a third country outside the European Union that does not provide an adequate level of protection according to the European Commission will be carried out under an approved transfer mechanism as detailed in the DPA.

Scroble accepts no responsibility for the processing of data by users of users, including with respect to the security, integrity and authorized use of personal information, as well as for obtaining consents, authorizations and providing all necessary data subject rights and fair processing notices required for the collection and use of such personal information. Scroble cannot provide legal advice to Users or their Users-of-Users, however we do recommend that all Users publish and maintain clear and comprehensive privacy policies on their User Websites in accordance with any applicable laws and regulations, and that all Users-of-Users carefully read those policies and make sure that they understand and, to the extent required by applicable law, consent to them.
If you are a visitor, user or customer of any of our Users, please read the following: Scroble has no direct relationship with Users-of-Users whose Personal Information it processes. If you are a visitor, user or customer of any of our Users, and would like to make any requests or queries regarding your Personal Information, please contact such User(s) directly. For example, if you wish to request to access, correct, amend, or delete inaccurate Personal Information processed by Scroble on behalf of its Users, please direct your query to the relevant User (who is the “Controller” of such data). If Scroble is requested by our Users to remove any Users-of-Users’ Personal Information, we will respond to such requests in a timely manner upon verification and in accordance with applicable law (for example, thirty (30) days under the GDPR). 

  1. 13. How to contact us

If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us at We will attempt to resolve any complaints regarding the use of your Personal Information in accordance with this Privacy Policy.
You may also contact us by mail at Scroble S.A., 47 Bvd Joseph II, 1830 Luxembourg. 

  1. 14. Changes to our privacy statement

We reserve the right to correct, amend and update this privacy statement at any time.
We may update this Privacy Policy as required by applicable law, and to reflect changes to our Personal Information collection, usage and storage practices. If we make any changes that we deem as “material” (in our sole good faith discretion), we will notify you prior to the change becoming effective. In relation to any updated Privacy Policy, we will, as required by applicable law, notify you, seek your consent and/or take any other measures. We encourage you to periodically review this page for the latest Information on our privacy practices. This Privacy Policy was written in English and may be translated into other languages for your convenience. You may access and view other language versions by changing your Scroble Website language settings. If a translated (non-English) version of this Privacy Policy conflicts in any way with its English version, the provisions of the English version shall prevail. 



We would like to update you about all news, releases and open positions. Be with us, stay with us, follow SCROBLE.

Thank you!

By clicking “Subscribe” you confirm that you accept the Terms of Service & Privacy Policy


Download the SCROBLE APP and enjoy the NEW SHOPPING REALITY! We have released our application in Luxembourg, please fill in the form below to be notified as soon as we launch in new countries.

Download SCROBLE from the App Store Get SCROBLE on Play Store

By clicking "Subscribe" you confirm that you accept the Terms of Service & Privacy Policy