GDPR Compliance for Scrubby OÜ

1. Introduction

This document outlines the practices of Scrubby OÜ (hereinafter referred to as “Scrubby”) regarding the collection, use, storage, and protection of personal data. Scrubby is committed to ensuring the privacy and security of all data processed and to complying with the General Data Protection Regulation (GDPR).

2. Company Information

  • Name: Scrubby OÜ
  • Address: Viru väljak 2, 10111, Tallinn, Estonia
  • Email Address: info@scrubby.io
  • Webpage: http://scrubby.io
  • Reg. Code: 16031675
  • VAT Payer Number: EE102376195

3. Data Collection and Purpose

Scrubby collects various data to facilitate user account creation, email marketing, and identity validation. This includes data from Google Analytics, IP addresses, and information provided by users during the signup process. Our integrations with Stripe and Pipedrive are designed to enhance our service offerings without sharing personal data.

4. Data Storage and Security Measures

Data is securely stored using advanced cloud services, with access restricted to authorized personnel only. Security measures in place include encryption, firewalls, and regular security audits.

  • AWS Services: Our use of AWS Cognito, AWS RDS, and AWS S3 ensures that both customer and end-user data are managed with state-of-the-art security measures. This includes encryption, stringent access controls, and the use of pre-signed URLs for secure file access.
  • Stripe Integration: We leverage Stripe for secure payment processing, adhering to their rigorous security standards. Note that Scrubby does not store any payment method information on our servers.
  • Data Security Protocols: We employ multi-layered security measures, including access keys, certificates, and passwords, to safeguard the user-uploaded data against unauthorized access or breaches.

5. Data Retention Policy

Scrubby retains personal data only until a user requests its deletion, empowering our users to have control over their personal information in accordance with GDPR mandates.

6. Data Protection Officer (DPO)

The CEO of Scrubby, Erik Paulson acts as the DPO, overseeing data protection strategies and ensuring GDPR compliance. Contact: info@scrubby.io.

7. Procedure for Data Breaches

Scrubby has established protocols for monitoring and responding to data breaches, including the notification of affected individuals and authorities within 72 hours of discovering the breach.

8. Third-Country Data Transfers

User data is stored in AWS RDS server region: US West (Northern California). Scrubby ensures that all data transfers comply with GDPR’s stringent standards for data protection and cross-border security. 

9. User Rights and Data Management

In compliance with GDPR, Scrubby recognizes and respects the following user rights:

  • Access to Data: Users can access their data through our user dashboard.
  • Correction/Deletion/Restriction: Users can request data correction, deletion, or restriction through Gleap inquiry, email, or Pipedrive.
  • Data Portability: Users’ files are securely stored in AWS S3, ensuring easy data portability.
  • Transparency in Data Processing: Scrubby is committed to transparency, not using user-uploaded data for internal purposes such as direct marketing or profiling.
  • Communication Preferences: Users are informed about the use of their email for file-related information and marketing campaigns, ensuring clarity and consent.

If you need any additional information, contacting us via email at info@scrubby.io.

10. Consent Mechanism

Consent for data collection and processing is obtained explicitly at user signup. Users have the ability to withdraw their consent at any time directly within the application.

11. Additional Information

  • Cookies Policy: Available at https://scrubby.io/cookie-policy/
  • Global Operations: Scrubby operates globally, adhering to GDPR standards for international data protection.
  • Market Focus: Scrubby is tailored for B2B interactions, specifically targeting agencies and enterprises.

For any further inquiries or to exercise your GDPR rights, please contact our Data Protection Officer Erik Paulson at info@scrubby.io.