Privacy Policy

Last updated: November 23, 2025

Introduction

Welcome to Scrollo ("we," "our," or "us"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Chrome extension and related services.

By using Scrollo, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Personally Identifiable Information

When you sign in with your account, we collect:

Name and email address (via Clerk authentication)
User ID for account management
Device ID to manage extension sessions across devices

2. Authentication Information

To maintain your session and authenticate API requests, we store:

Session tokens (stored securely in your browser's local storage)
Token expiration dates
OpenAI API keys (if you choose to use your own API key - stored locally only, never transmitted to our servers)

3. Website Content

We collect and process:

Social media post text content (sent to our API for AI-powered reply generation)
User-provided prompts for tweet ideas and content generation
Twitter/X profile information (only when you enable "Use Profile Context")

4. User Activity

We monitor the following activities to provide the extension's core functionality:

Auto-scroll behavior and timing (processed locally on your device)
Post interaction patterns for reading time calculation
Feature usage statistics (e.g., number of AI generations, reply creations)
Daily usage counts for rate limiting

5. Current Tab Information

The extension checks the URL of your currently active tab to:

Verify you're on a supported social media platform (Twitter/X, Instagram, Reddit, Threads, TikTok)
Enable platform-specific features

Note: We do NOT track your browsing history across multiple websites. We only access the current tab's URL when you actively use the extension.

We do not collect: Health information, financial data, personal communications (emails/texts/chats), precise location data (GPS), or complete browsing history.

How We Use Your Information

We use the collected information for the following purposes:

Authentication: To verify your identity and maintain your session across devices
AI Content Generation: To provide AI-powered tweet ideas, reply suggestions, and content rewriting
Auto-Scroll Functionality: To calculate appropriate scroll timing based on post content length
Rate Limiting: To track daily usage and enforce fair use policies based on your subscription plan
Feature Personalization: To customize AI outputs based on your preferences and profile context (when enabled)
Service Improvement: To analyze usage patterns and improve the extension's performance
Customer Support: To respond to your inquiries and provide technical assistance

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

However, we share data with the following trusted third-party service providers to deliver our services:

OpenAI: Social media post content and your prompts are sent to OpenAI's API for AI-powered content generation. OpenAI processes this data according to their privacy policy and data usage policies.
Clerk: Authentication services are provided by Clerk, which handles your name, email, and user ID securely according to their privacy policy.

Note: If you use your own OpenAI API key, your data is sent directly to OpenAI and bypasses our servers entirely.

We may disclose your information if required by law, legal process, or to protect our rights, property, or safety.

Data Security

We implement industry-standard security measures to protect your data:

Secure Transmission: All data transmitted between the extension and our servers uses HTTPS encryption (TLS/SSL)
Local Storage: Authentication tokens and settings are stored securely in your browser's encrypted local storage
API Key Protection: If you provide your own OpenAI API key, it is stored locally on your device only and never transmitted to our servers
Access Controls: We implement strict access controls to limit who can access user data on our servers

While we strive to protect your personal information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

Data Retention

We retain your data for the following periods:

Account Information: Retained while your account is active and for 30 days after account deletion
Usage Statistics: Daily usage counts reset every 24 hours at 00:00 UTC
Generated Content: AI-generated content (tweets, replies, ideas) is not stored on our servers after delivery to the extension
Session Tokens: Automatically expire and are deleted based on the expiration date set during authentication

Your Rights and Choices

You have the following rights regarding your personal information:

Access: You can request a copy of your personal data by contacting us
Correction: You can update your name and email through your account settings
Deletion: You can request deletion of your account and all associated data by contacting us at kumar.ankit.101012@gmail.com
Opt-Out: You can disable specific features (like "Use Profile Context") in the extension settings
Uninstall: You can disable or uninstall the extension at any time to immediately stop all data collection
API Key Control: If using your own OpenAI API key, you can remove it at any time from the extension settings

To exercise any of these rights, please contact us at kumar.ankit.101012@gmail.com. We will respond to your request within 30 days.

Third-Party Links

The extension may interact with third-party websites (Twitter/X, Instagram, Reddit, Threads, TikTok). We are not responsible for the privacy practices of these third-party services. Please review their respective privacy policies.

Children's Privacy

Scrollo is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at kumar.ankit.101012@gmail.com, and we will delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using Scrollo, you consent to the transfer of your information to our servers and third-party service providers.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information we collect, use, and disclose
Right to request deletion of your personal information
Right to opt-out of the sale of personal information (Note: We do not sell your personal information)
Right to non-discrimination for exercising your CCPA rights

To exercise these rights, contact us at kumar.ankit.101012@gmail.com.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

Right of access to your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restriction of processing
Right to data portability
Right to object to processing
Right to withdraw consent at any time

To exercise these rights, contact us at kumar.ankit.101012@gmail.com.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this policy.

If we make material changes, we will provide notice through the extension or via email. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: kumar.ankit.101012@gmail.com
Website: https://www.scrollo.me

We will respond to your inquiry within 30 days.