Privacy Policy

for ScrollSky

Your privacy is very important to us. This Privacy Policy explains how we collect, use, communicate, and share information when you install or use ScrollSky in connection with your Shopify store. We have developed this Privacy Policy in order for you to understand how Softerra (“Company”, “we”, “us”) handles your information.

Last updated: November 19, 2025

1. Who We Are

This app (ScrollSky) is provided by Softerra(“we”, “us”, or “our”).

Registered address: Islamabad, Pakistan
Contact email: support@softerra.org

2. Scope of This Policy

This Privacy Policy applies to information we process about:

  • Shopify merchants who install or use the app; and
  • Data from the merchant’s Shopify store that our app accesses or processes on their behalf.

We act as a data processor/service provider for the data we handle on behalf of merchants, and as a data controller/business for information we collect directly about merchants (for example, billing information or support communications).

3. How Do We Collect Information From You?

Softerra collects information from you when you send it to us directly by filling out forms on our website (including any application you may make for products or services), corresponding with us by e-mail, live chat, or speaking to us by telephone. We also collect information when you install and use ScrollSky in your Shopify store, as set out in detail below. Some of the methods we use to collect data are automated and will take effect automatically as you navigate our website and/or use our services.

4. What Information Do We Collect?

4.1 Personal Information

Personal data relates to a living individual who can be identified from that data. Identification can be by the data alone or in conjunction with any other data in our possession or likely to come into such possession. The processing of your personal data is governed by applicable privacy laws.

When you place an order, register for a new account, or install ScrollSky on your Shopify store, as appropriate, you may be asked to enter your name, e-mail address, mailing address, phone number, or credit card information.

4.2 Information from Your Shopify Store

When you install ScrollSky, Shopify automatically provides us with access to certain types of data from your store via the Shopify API. The actual data we access depends on the permissions you approve during installation. This may include:

  • Store information— store name, URL, email address, time zone, currency, plan type.
  • Merchant contact details— name, email address, phone number, billing address.
  • Customer data(if required by the app’s features) — customer names, email addresses, shipping/billing addresses, and purchase history.
  • Theme or content data— theme identifiers and configuration we need in order to render widgets or scripts in your store.

4.3 Payment Information

When you add your financial account information to your account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems. All payment transactions are processed through secure payment gateways that comply with PCI DSS standards.

4.4 User Communications

If you contact us via email or through our live chat facility, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

4.5 Non-Personal Information

We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. General information is collected when you access our website. We use your IP address to identify your location/country when you use our website. We also record information such as the pages you visit most, the time you spend on our website, the number of visits you make, and if you are referred from any other websites or links.

4.6 Information We Receive from Third Parties

We may receive information about you from third-party services, including Shopify, payment processors, and analytics providers, in accordance with their privacy policies and our agreements with them.

5. How Do We Use and Store Your Data?

As a general matter, Softerra may use the Personal Information you disclose to us to improve and provide the website, the services, and for the specific purpose that you gave us your Personal Information. More specific details on how we use your information follows below.

  • To create and authenticate your account— We may use your Personal Information to create and authenticate your account when you install ScrollSky.
  • To improve customer service— Your information helps us to more effectively respond to your customer service requests and support needs.
  • To process transactions— Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
  • To provide, operate and maintain the app— We use information to configure ScrollSky for your Shopify store and ensure it functions properly.
  • To send important notices— From time to time, we may use the email address you provided when you signed up to send important notices, such as important product updates and communications about your service agreements with us, as well as changes to our terms, conditions, and policies.
  • To analyze and improve— We analyze app usage and performance to improve functionality and user experience.
  • Marketing communications— We may use Personal Information to offer, market or advertise to you our products and services. While such products and services may reference, incorporate or include third-party products and services, we will not use your Personal Information to independently offer, market or advertise third-party products and services unless we first obtain your consent to do so. If you do not want to receive such information, you can opt out at any time by changing your settings or by clicking on the “Unsubscribe” link in the email message.
  • User Communications— We may use User Communications in the same way as we use Personal Information. If you communicate with us for a particular purpose, we may use your User Communications for that purpose. For example, if you contact us for technical support, we may use your communications to provide technical support to you.
  • To comply with legal obligations— We use information to comply with our legal obligations and enforce our terms of service.

6. What Is Our Lawful Basis for Processing Your Personal Data?

In general, the lawful bases for us to process your personal data for the various types of processing performed on your data (please refer to “How Do We Use and Store Your Data?” section of this Policy) is, as applicable, processing based on your consent, as necessary for us to enter into and to perform our contract with you, to comply with our obligations under the applicable employment, social security or social protection laws, or as necessary to pursue the legitimate interest of our Company or of third parties.

If you are located in the European Economic Area or the United Kingdom, we process your personal data under the following legal bases:

  • To perform our contract with you (for example, to provide the app);
  • To pursue our legitimate interests (such as improving and securing the app), where those interests are not overridden by your rights;
  • To comply with legal obligations; and
  • With your consent, where applicable. You may withdraw consent at any time by contacting us.

We will collect, process and use the personal information supplied by you only for the purposes communicated to you and will not disclose it to third parties except under the circumstances of data disclosure to third parties in the section “How Do We Disclose Your Information?” below.

7. How Do We Disclose Your Information?

Except as disclosed in this Privacy Policy, Softerra does not share your Personal Information with unaffiliated third parties other than as set out in this Privacy Policy. We do not sell your personal information. We will never disclose your Personal Information to an unaffiliated third party for the purposes of e-mail or other marketing unless we first obtain your consent to do so.

We may share information in the following limited circumstances:

  • Service providers— with trusted third-party vendors who help us operate the app (for example: hosting, data storage, analytics, customer support). These providers are bound by contractual obligations to protect your data.
  • Shopify— as necessary to provide the app and comply with Shopify’s requirements and policies.
  • Business transfers— In the event that Softerra is purchased by another company, merges with another company or has a substantial portion of its assets purchased by another company, we may share your Personal Information with that company. In such an event, we will notify you in advance.
  • Legal and safety— We may also share information to (i) satisfy any applicable law, regulation, legal process, or governmental request; (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof; (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to your requests; or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.

8. Data Retention

Softerra limits the use of Personal Information to the purposes identified in this Privacy Policy and for which you have provided explicit consent. In accordance with established policies and procedures, we retain Personal Information only for as long as necessary to fulfil the stated purposes, unless it is required by law for a different period or we have the consent of the individual.

In general:

  • Store and app configuration data are retained while the app is installed and for a reasonable period afterward.
  • Log and analytics data may be retained for a limited period for security, troubleshooting, and reporting.
  • Transactional and billing information may be retained as required by law for tax and accounting purposes.

When you uninstall the app, we will remove or anonymize personal data that we no longer need, subject to any legal retention requirements. In accordance with established policies and procedures, we will periodically destroy or erase any Personal Information that is no longer needed.

9. How Do We Protect Your Information?

We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. We protect your data using technical measures to minimize the risks of misuse, unauthorized access, unauthorized disclosure, loss or theft, and loss of access.

Some of the safeguards we use are data pseudonymization, data encryption, firewalls, and data access authorization controls. We take our data security very seriously. Therefore, the security mechanisms used to protect your data are checked and updated regularly to provide effective protection against abuse.

We offer the use of a secure server. All supplied information is transmitted via Secure Socket Layer (SSL) technology using best-practice encryption techniques. Transactional information such as payment details are encrypted before they are processed by our Payment gateway provider only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

However, no method of transmission over the internet or method of electronic storage is 100% secure, so we cannot guarantee absolute security.

10. Use of Cookies

We use cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may use session cookies to make it easier for you to navigate our site. The cookie itself does not contain Personal Information although it will enable us to relate your use of this site to information that you have specifically and knowingly provided.

You can refuse cookies by turning them off in your browser. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following the instructions provided in your internet browser. If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers’ respective websites.

11. International Data Transfers

We may process and store information in countries other than the country where you are located. Where required by law, we implement appropriate safeguards (such as standard contractual clauses) to ensure that any transferred personal data remains protected.

12. Access to Your Personal Information

Based on what you have told us, we will try to ensure that your contact information and preferences are accurate, complete, and up to date. You have the right to request access to and rectification or erasure of Personal Information or restriction of processing concerning your Personal Information or to object to processing as well as the right to data portability.

We will comply with erasure requests as long as we are not required to retain the Personal Information by law and do not need to retain it for our legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardise the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction, or deletion requests can be made by emailing us using the contact information provided in the Contact Us section below.

13. Your Data Protection Rights Under the General Data Protection Regulation (GDPR)

As a Data Subject you have the following data protection rights:

  • The right to request a copy of your personal data which we hold about you.
  • The right to request that we correct any personal data if it is found to be inaccurate or out of date.
  • The right to request to erase your personal data where it is no longer necessary for us to retain such data, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
  • The right to withdraw your consent to the processing at any time, where we rely on your consent to process your data. This includes cases where you wish to opt out from marketing communications that you receive from us.
  • The right to request that we provide you with your data and where possible, to transmit that data directly to another data controller, where the processing is based on your consent or is necessary for the performance of a contract with you, and in either case we process the data by automated means.
  • The right to restrict our processing of your personal data where you believe such data to be inaccurate, our processing is unlawful; or that we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it.
  • The right to object to us using your personal data, where the legal justification for our processing of your personal data is our legitimate interest. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of legal claims.
  • The right to lodge a complaint regarding our processing of your data, with the competent authority where you reside or in which your data is processed.

Should you ever wish to exercise one or more of these rights, please contact us using the details in the Contact Us section below. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may need to verify your identity before responding.

14. Children’s Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act). We do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older. The app is intended for use by businesses and is not directed to children under the age of 13. We do not knowingly collect personal data from children. If you believe that a child has provided personal data to us, please contact us and we will take steps to delete such data.

15. California Online Privacy Protection Act Compliance

Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent. All users of our site may make any changes to their information at any time by logging into their control panel and going to the ‘Edit Account Details’ page or by contacting us directly.

16. Third Party Websites

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Information to these websites.

17. Your Consent

By using our site and installing ScrollSky, you consent to our website privacy policy.

18. Changes to Our Privacy Policy

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). If we make material changes, we will notify you by updating the “Last updated” date at the top of this page and, where appropriate, through the app or by email.

19. Contact Us

If you have any questions about this Privacy Policy or our data practices, you can contact us at:

Softerra
Islamabad, Pakistan
Email: support@softerra.org

This template is provided for informational purposes only and does not constitute legal advice. You are responsible for ensuring that your use of this policy complies with all applicable laws and Shopify’s terms.