Privacy Policy | ScripTreeApps

---
title: "Privacy Policy"
slug: "privacy"
---

**Effective Date:** May 2026
**Last Updated:** 2026-05-08

ScripTreeApps ("ScripTreeApps", "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, mobile application, and use our services.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.

---

## 1. Information We Collect

We collect information about you in the following ways:

### 1.1 Information You Provide Directly

- **Account Information:** Email address, password, display name, profile information, billing address, and payment details
- **Communication:** When you contact us for support, submit a refund request, or communicate with other users
- **Transaction Information:** Purchase history, refund requests, disputes, and payment method details
- **User-Generated Content:** Reviews, ratings, comments, and feedback you submit

### 1.2 Information Collected Automatically

- **Device Information:** Device type, operating system, browser type, IP address, and unique device identifiers
- **Usage Information:** Pages visited, time spent on pages, links clicked, search queries, and app downloads
- **Cookies and Similar Technologies:** We use cookies to track sessions and improve your experience

### 1.3 Fraud Detection Information

To protect ScripTreeApps and our community from fraud and abuse, we collect and analyze:

- **Account Creation Velocity:** The speed and pattern at which accounts are created from your IP address or location. Rapid account creation from a single IP may indicate coordinated fraud.
- **Review Behavior Analysis:** Similarities between reviews you write and reviews from other accounts (e.g., identical phrasing, suspicious timing). This helps us detect sock-puppet accounts and coordinated review manipulation.
- **IP Address and Location Data:** Used to detect unusual account activity, account takeover attempts, and coordinated fraud campaigns.

These fraud signals are used solely to identify and prevent platform abuse. We retain this data for up to 90 days for fraud detection and investigation purposes.

---

## 2. How We Use Your Information

We use the information we collect for the following purposes:

- **Service Delivery:** Providing, maintaining, and improving our services
- **Account Management:** Creating and managing your account, processing logins and password resets
- **Transaction Processing:** Processing purchases, refunds, and payouts
- **Communications:** Sending transactional emails (order confirmations, refunds, account notifications) and, if you opt in, marketing communications
- **Fraud Detection:** Analyzing account creation velocity, review text similarity, and IP patterns to detect and prevent fraud and abuse (see Section 1.3)
- **Customer Support:** Responding to your inquiries and resolving disputes
- **Legal Compliance:** Complying with laws, regulations, and legal requests
- **Analytics:** Understanding how our services are used to improve them

---

## 3. Account Deletion

### 3.1 How to Request Deletion

You can request to permanently delete your ScripTreeApps account in your Account Settings under **Security > Delete Account**. You will be asked to enter your password to confirm.

### 3.2 The 30-Day Grace Period

When you request deletion, your account is scheduled for permanent deletion 30 days after your request. During this grace period:

- Your account remains fully active and accessible
- You can log in and use all services normally
- You can cancel the deletion request at any time without re-authentication

After the 30-day grace period, your account will be **permanently deleted** and cannot be recovered.

### 3.3 What Data is Deleted

When your account is permanently deleted:

- Your email address is removed
- Your name and personal information are removed
- Your login credentials are removed
- Your billing and payment information is deleted
- Your session tokens and authentication records are purged
- Your two-factor authentication settings (if enabled) are removed

### 3.4 What Data is Retained

Some data is retained after account deletion for legal and operational reasons:

- **Purchase History:** A de-identified record of your orders is retained for tax compliance and legal record-keeping (you cannot be personally identified from this record)
- **Reviews:** Your reviews remain published on the platform, but your name is removed (reviews become anonymized)
- **Producer Profile:** If you have published apps on ScripTreeApps, your producer profile information is retained so buyers can download apps you have created

---

## 4. Email and Communication Preferences

### 4.1 Transactional Emails

We send transactional emails based on your account activity (e.g., order confirmations, password resets, refund notifications). These emails are sent regardless of your marketing preferences because they relate to your account security and purchased services.

### 4.2 Marketing Emails

We may send marketing emails (e.g., promotions, newsletter, app update digests) if you have opted in. You can opt out of marketing emails at any time by:

- Clicking the unsubscribe link in any email, OR
- Going to **Account > Preferences > Email** and adjusting your preferences

### 4.3 App Update Notifications

If you opt in to app update notifications, we will send you a weekly email digest listing updates available for apps you own. You can turn this off in your email preferences at any time.

---

## 5. Data Retention

We retain personal information for as long as necessary to provide our services and comply with legal obligations. Specific retention periods include:

- **Account Data:** Retained while your account is active; deleted after the 30-day grace period following account deletion
- **Transaction Data:** Retained for 7 years (required for tax and legal compliance)
- **Fraud Detection Data:** Retained for up to 90 days
- **Email Communications:** Retained for up to 2 years for compliance and dispute resolution
- **Cookies:** Session cookies are deleted when you log out; persistent cookies are deleted after 30 days of inactivity

---

## 6. Sharing Your Information

We do **not** sell your personal information. We may share your information in the following limited circumstances:

- **Payment Processing:** With payment processors (Stripe) to process your purchases
- **Service Providers:** With third-party vendors who perform services on our behalf (e.g., email delivery, analytics)
- **Legal Compliance:** When required by law, court order, or government request
- **Fraud Prevention:** With other platforms or law enforcement when investigating fraud or abuse
- **Business Transfer:** In the event of a merger, acquisition, or sale of assets, your information may be transferred

---

## 7. Your Privacy Rights

Depending on your location, you may have certain privacy rights, including:

### 7.1 Data Subject Access Requests (DSAR)

You have the right to request a copy of the personal information we hold about you. To submit a DSAR:

1. Go to **Account > Privacy > Request My Data**, OR
2. Email us at support@scriptreeapps.com

We will respond within 30 days (or as required by law).

### 7.2 Right to Correction

If your personal information is inaccurate, you can correct it by logging into your account and updating your profile.

### 7.3 Right to Deletion

Subject to legal and operational requirements, you can request deletion of your account (see Section 3).

### 7.4 Right to Opt-Out of Marketing

You can opt out of marketing emails at any time using the unsubscribe link or your email preferences.

---

## 8. Children&apos;s Privacy

ScripTreeApps services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete it immediately and notify the parent or guardian.

---

## 9. Security

We implement industry-standard security measures to protect your personal information, including:

- Encryption of sensitive data in transit (HTTPS/TLS)
- Secure password hashing (Argon2id)
- Role-based access controls
- Regular security audits and penetration testing
- Two-factor authentication (2FA) option for account protection

However, no security system is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

---

## 10. Third-Party Links and Services

Our website and services may contain links to third-party websites and services that are not operated by ScripTreeApps. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We recommend reviewing the privacy policies of any third-party services you use.

---

## 11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, laws, or other factors. We will notify you of material changes by email or by posting the updated policy on our website with an updated "Last Updated" date.

---

## 12. Contact Us

If you have questions about this Privacy Policy or your privacy rights, please contact us:

**Email:** support@scriptreeapps.com

**Mailing Address:**
PO Box 4297, Lively STN Main, ON P3Y 1N3, Canada

**Legal Entity:** ScripTreeApps

---

## See also

- **Terms of Service** at `/legal/terms` — the buyer-facing contract that incorporates this Privacy Policy by reference (§16 of the Terms).
- **Producer Agreement** at `/legal/producer-agreement` — privacy obligations applicable to producers (§§ 11 audit, 12 confidentiality, 13 termination).
- **Refund Policy** at `/legal/refund` — data retention specific to refund records.
- **License Disclosure Policy** at `/legal/license-disclosure-policy` — disclosure-related audit-trail retention.

---

## Appendix A: Data Processing and GDPR Compliance

### A.1 Legal Basis for Processing

We process your personal information on the following legal bases:

- **Contract:** To fulfill our obligations to you (provide services, process purchases)
- **Legitimate Interest:** To protect our platform from fraud and abuse, improve services, and comply with legal obligations
- **Consent:** When you provide consent (e.g., opt-in to marketing emails)
- **Legal Obligation:** To comply with tax laws, payment processing requirements, and other legal obligations

### A.2 Data Transfers

If you are located outside Canada, your information may be transferred to and processed in Canada. By using ScripTreeApps, you consent to the transfer of your information to Canada and other countries where we operate.

### A.3 Your GDPR Rights (EU/EEA Users)

If you are located in the EU/EEA, you have additional rights under the General Data Protection Regulation (GDPR), including:

- Right to access your data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to object to processing
- Right to data portability
- Right to lodge a complaint with a supervisory authority

To exercise these rights, submit a request to support@scriptreeapps.com.

---

**Last Updated: May 8, 2026**

--- title: "Privacy Policy" slug: "privacy" --- **Effective Date:** May 2026 **Last Updated:** 2026-05-08 ScripTreeApps ("ScripTreeApps", "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, mobile application, and use our services. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services. --- ## 1. Information We Collect We collect information about you in the following ways: ### 1.1 Information You Provide Directly - **Account Information:** Email address, password, display name, profile information, billing address, and payment details - **Communication:** When you contact us for support, submit a refund request, or communicate with other users - **Transaction Information:** Purchase history, refund requests, disputes, and payment method details - **User-Generated Content:** Reviews, ratings, comments, and feedback you submit ### 1.2 Information Collected Automatically - **Device Information:** Device type, operating system, browser type, IP address, and unique device identifiers - **Usage Information:** Pages visited, time spent on pages, links clicked, search queries, and app downloads - **Cookies and Similar Technologies:** We use cookies to track sessions and improve your experience ### 1.3 Fraud Detection Information To protect ScripTreeApps and our community from fraud and abuse, we collect and analyze: - **Account Creation Velocity:** The speed and pattern at which accounts are created from your IP address or location. Rapid account creation from a single IP may indicate coordinated fraud. - **Review Behavior Analysis:** Similarities between reviews you write and reviews from other accounts (e.g., identical phrasing, suspicious timing). This helps us detect sock-puppet accounts and coordinated review manipulation. - **IP Address and Location Data:** Used to detect unusual account activity, account takeover attempts, and coordinated fraud campaigns. These fraud signals are used solely to identify and prevent platform abuse. We retain this data for up to 90 days for fraud detection and investigation purposes. --- ## 2. How We Use Your Information We use the information we collect for the following purposes: - **Service Delivery:** Providing, maintaining, and improving our services - **Account Management:** Creating and managing your account, processing logins and password resets - **Transaction Processing:** Processing purchases, refunds, and payouts - **Communications:** Sending transactional emails (order confirmations, refunds, account notifications) and, if you opt in, marketing communications - **Fraud Detection:** Analyzing account creation velocity, review text similarity, and IP patterns to detect and prevent fraud and abuse (see Section 1.3) - **Customer Support:** Responding to your inquiries and resolving disputes - **Legal Compliance:** Complying with laws, regulations, and legal requests - **Analytics:** Understanding how our services are used to improve them --- ## 3. Account Deletion ### 3.1 How to Request Deletion You can request to permanently delete your ScripTreeApps account in your Account Settings under **Security > Delete Account**. You will be asked to enter your password to confirm. ### 3.2 The 30-Day Grace Period When you request deletion, your account is scheduled for permanent deletion 30 days after your request. During this grace period: - Your account remains fully active and accessible - You can log in and use all services normally - You can cancel the deletion request at any time without re-authentication After the 30-day grace period, your account will be **permanently deleted** and cannot be recovered. ### 3.3 What Data is Deleted When your account is permanently deleted: - Your email address is removed - Your name and personal information are removed - Your login credentials are removed - Your billing and payment information is deleted - Your session tokens and authentication records are purged - Your two-factor authentication settings (if enabled) are removed ### 3.4 What Data is Retained Some data is retained after account deletion for legal and operational reasons: - **Purchase History:** A de-identified record of your orders is retained for tax compliance and legal record-keeping (you cannot be personally identified from this record) - **Reviews:** Your reviews remain published on the platform, but your name is removed (reviews become anonymized) - **Producer Profile:** If you have published apps on ScripTreeApps, your producer profile information is retained so buyers can download apps you have created --- ## 4. Email and Communication Preferences ### 4.1 Transactional Emails We send transactional emails based on your account activity (e.g., order confirmations, password resets, refund notifications). These emails are sent regardless of your marketing preferences because they relate to your account security and purchased services. ### 4.2 Marketing Emails We may send marketing emails (e.g., promotions, newsletter, app update digests) if you have opted in. You can opt out of marketing emails at any time by: - Clicking the unsubscribe link in any email, OR - Going to **Account > Preferences > Email** and adjusting your preferences ### 4.3 App Update Notifications If you opt in to app update notifications, we will send you a weekly email digest listing updates available for apps you own. You can turn this off in your email preferences at any time. --- ## 5. Data Retention We retain personal information for as long as necessary to provide our services and comply with legal obligations. Specific retention periods include: - **Account Data:** Retained while your account is active; deleted after the 30-day grace period following account deletion - **Transaction Data:** Retained for 7 years (required for tax and legal compliance) - **Fraud Detection Data:** Retained for up to 90 days - **Email Communications:** Retained for up to 2 years for compliance and dispute resolution - **Cookies:** Session cookies are deleted when you log out; persistent cookies are deleted after 30 days of inactivity --- ## 6. Sharing Your Information We do **not** sell your personal information. We may share your information in the following limited circumstances: - **Payment Processing:** With payment processors (Stripe) to process your purchases - **Service Providers:** With third-party vendors who perform services on our behalf (e.g., email delivery, analytics) - **Legal Compliance:** When required by law, court order, or government request - **Fraud Prevention:** With other platforms or law enforcement when investigating fraud or abuse - **Business Transfer:** In the event of a merger, acquisition, or sale of assets, your information may be transferred --- ## 7. Your Privacy Rights Depending on your location, you may have certain privacy rights, including: ### 7.1 Data Subject Access Requests (DSAR) You have the right to request a copy of the personal information we hold about you. To submit a DSAR: 1. Go to **Account > Privacy > Request My Data**, OR 2. Email us at support@scriptreeapps.com We will respond within 30 days (or as required by law). ### 7.2 Right to Correction If your personal information is inaccurate, you can correct it by logging into your account and updating your profile. ### 7.3 Right to Deletion Subject to legal and operational requirements, you can request deletion of your account (see Section 3). ### 7.4 Right to Opt-Out of Marketing You can opt out of marketing emails at any time using the unsubscribe link or your email preferences. --- ## 8. Children's Privacy ScripTreeApps services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete it immediately and notify the parent or guardian. --- ## 9. Security We implement industry-standard security measures to protect your personal information, including: - Encryption of sensitive data in transit (HTTPS/TLS) - Secure password hashing (Argon2id) - Role-based access controls - Regular security audits and penetration testing - Two-factor authentication (2FA) option for account protection However, no security system is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. --- ## 10. Third-Party Links and Services Our website and services may contain links to third-party websites and services that are not operated by ScripTreeApps. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We recommend reviewing the privacy policies of any third-party services you use. --- ## 11. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices, technology, laws, or other factors. We will notify you of material changes by email or by posting the updated policy on our website with an updated "Last Updated" date. --- ## 12. Contact Us If you have questions about this Privacy Policy or your privacy rights, please contact us: **Email:** support@scriptreeapps.com **Mailing Address:** PO Box 4297, Lively STN Main, ON P3Y 1N3, Canada **Legal Entity:** ScripTreeApps --- ## See also - **Terms of Service** at `/legal/terms` — the buyer-facing contract that incorporates this Privacy Policy by reference (§16 of the Terms). - **Producer Agreement** at `/legal/producer-agreement` — privacy obligations applicable to producers (§§ 11 audit, 12 confidentiality, 13 termination). - **Refund Policy** at `/legal/refund` — data retention specific to refund records. - **License Disclosure Policy** at `/legal/license-disclosure-policy` — disclosure-related audit-trail retention. --- ## Appendix A: Data Processing and GDPR Compliance ### A.1 Legal Basis for Processing We process your personal information on the following legal bases: - **Contract:** To fulfill our obligations to you (provide services, process purchases) - **Legitimate Interest:** To protect our platform from fraud and abuse, improve services, and comply with legal obligations - **Consent:** When you provide consent (e.g., opt-in to marketing emails) - **Legal Obligation:** To comply with tax laws, payment processing requirements, and other legal obligations ### A.2 Data Transfers If you are located outside Canada, your information may be transferred to and processed in Canada. By using ScripTreeApps, you consent to the transfer of your information to Canada and other countries where we operate. ### A.3 Your GDPR Rights (EU/EEA Users) If you are located in the EU/EEA, you have additional rights under the General Data Protection Regulation (GDPR), including: - Right to access your data - Right to rectification of inaccurate data - Right to erasure ("right to be forgotten") - Right to restrict processing - Right to object to processing - Right to data portability - Right to lodge a complaint with a supervisory authority To exercise these rights, submit a request to support@scriptreeapps.com. --- **Last Updated: May 8, 2026**