Your privacy is very important to us. Accordingly, we have developed this Privacy Policy in order for you to understand how Acid Media SRL (“Mobiscroll”, “we”, “us”, “our”) collect, use, communicate, protect and disclose and make use of personal information, when you:
Visit our websites (including mobiscroll.com and subdomains),
Use our products, including Mobiscroll UI and Mobiscroll Connect,
Interact with us for support, sales, or marketing.
We are committed to protecting your privacy and processing personal data fairly, transparently, and securely.
Note on roles:
For our website, accounts, billing, and marketing, we act as a data controller.
For Mobiscroll Connect, we typically act as a data processor on behalf of our customers, who are the data controllers.
For Mobiscroll UI (licensed components), we generally do not process your end-user data; the licensed components run in your environment.
If you have any questions, you can contact us at: support@mobiscroll.com
1. Scope and Who We Are
This Privacy Policy applies to:
Mobiscroll UI – our licensed UI components and frameworks used in your applications.
Mobiscroll Connect – our hosted/API service that processes data on your behalf.
Mobiscroll websites, dashboards, and support channels – including trials, documentation, and online accounts.
This Privacy Policy does not change any rights or obligations under:
The Mobiscroll End User License Agreement (EULA) for Mobiscroll UI,
The Mobiscroll SaaS UI License Agreement (if applicable),
Any Data Processing Agreement (DPA) between you and Mobiscroll,
Any signed commercial agreement or Order Form.
Where there is a conflict about data processing, the DPA prevails over this Privacy Policy.
2. The Services We Provide and Our Roles
2.1 Mobiscroll UI
Mobiscroll UI consists of client-side components that you integrate into your own software.
Trial version:
Uses remote validation againsthttps://trial.mobiscroll.comto unlock functionality. We collect limited technical data (e.g. what components are initialized, configuration needed for license validation) for the purpose of validating the trial and preventing abuse.Licensed version:
Works fully offline in your environment and does not call home to Mobiscroll for regular operation. We do not receive your end-users’ data through the licensed UI components.
For Mobiscroll UI, your application is the one that processes your end-users’ personal data. You are the controller for that data.
2.2 Mobiscroll Connect
Mobiscroll Connect is a hosted API service. It enables functionality such as scheduling or data synchronization by processing data that you send to our APIs.
You (our customer) are usually the controller of data sent to Mobiscroll Connect.
Mobiscroll acts as a processor (or sub-processor) and processes Customer Data only on your documented instructions (for example, via API calls and configuration).
Mobiscroll Connect operates primarily as pass-through plus temporary storage:
Data is processed and may be stored for a short period (e.g. for retries, logs, troubleshooting, and to ensure reliable operation),
We do not store Customer Data longer than necessary for these purposes, unless required by law or as agreed in a DPA.
A separate DPA describes these processing activities in detail.
2.3 Website, Account, Sales, and Support
When you:
Browse our website,
Register for a trial or account,
Purchase a license or subscription,
Interact with our sales or support teams,
we act as a data controller for your personal data in that context.
3. Personal Data We Collect
3.1 Information You Provide to Us
Registration & Account Data
We collect information when you:
Sign up for a Mobiscroll account,
Start a trial,
Purchase Mobiscroll UI or Mobiscroll Connect,
Communicate with us via chat, email, or forms.
This may include:
Name,
Email address,
Company name,
Job title/role,
Billing address,
Phone number,
Login credentials (hashed passwords or SSO identifiers),
Communication preferences.
Payment Data
When you purchase a license or subscription:
Payment details (e.g. card information) are collected and processed by our payment providers (currently Braintree and PayPal).
We do not store your full card number or CVV on our servers.
We may store billing-related data such as:
Last 4 digits of the card,
Card type,
Billing address,
Transaction history.
Support and Communications
If you contact support or sales, we may collect:
The content of your messages and requests,
Technical logs or screenshots you choose to share,
Meeting notes or call recordings (if explicitly agreed or where required for training/quality).
3.2 Information Collected Automatically
When you visit our websites, dashboards, or use our services, we may collect:
Technical data:
IP address,
Browser type and version,
Device identifiers,
Operating system,
Referrer URL,
Time zone and language.
Usage data:
Pages visited,
Buttons and links clicked,
Session duration,
Features used in our dashboard or tooling,
Error and performance metrics.
This information is collected using cookies and similar technologies (see Section 7 and our Cookie Policy).
3.3 Trial Usage Data (Mobiscroll UI)
During the trial period of Mobiscroll UI:
The trial code communicates with
https://trial.mobiscroll.comfor license validation.We may collect:
The Mobiscroll components you initialize,
Configuration options needed strictly for validation,
License key or trial identifier,
Basic environment information (e.g. domain, tech stack version)
We do not collect your end-user content or business, event data through the trial validation service.
When you switch to a licensed (non-trial) version, the components do not communicate with Mobiscroll servers for normal operation, and we stop collecting trial usage data.
3.4 Data Processed Through Mobiscroll Connect
When you use Mobiscroll Connect, you send us Customer Data via API calls. Depending on how you configure your integration, this may include:
Identifiers for your end-users (e.g. name, email, IDs),
Calendar or scheduling information,
Application-specific payloads related to your use case.
We also generate Service Data, such as:
API request and response metadata,
Authentication and security logs,
Performance and reliability metrics.
Customer Data
Is processed only as needed to provide Mobiscroll Connect, debug issues, ensure security, and fulfill your instructions.
Is retained for limited time in line with our DPA and internal policies.
Service Data
Is used to operate, secure, analyze, and improve Mobiscroll Connect and related services.
Is typically stored for longer than Customer Data, but in a way that does not require us to retain identifiable Customer Data longer than necessary.
We do not use Customer Data from Mobiscroll Connect to create marketing profiles or train separate models unrelated to providing or improving our services, except in aggregated or anonymized form.
4. How We Use Personal Data and Legal Bases
Where GDPR/UK GDPR applies, we rely on the following legal bases:
Contract necessity – to set up and manage your account, provide trials, fulfill orders, deliver Mobiscroll Connect, and provide support.
Legitimate interests – to secure our services, analyze usage, improve products, prevent abuse, and market Mobiscroll to existing or prospective business customers (B2B).
Consent – where required for certain cookies, marketing communications, or specific optional features.
Legal obligation – to comply with accounting, tax, and regulatory requirements.
We use personal data to:
Provide and maintain our services
Create and manage accounts and licenses,
Deliver Mobiscroll Connect functionality,
Validate Mobiscroll UI trials,
Provide updates and bug fixes.
Process payments and billing
Issue invoices,
Process payments via third-party providers,
Prevent fraud and abuse.
Support and communicate with you
Respond to requests and support tickets,
Provide onboarding and technical guidance,
Notify you of important changes (security, terms, service updates).
Improve and develop our products
Understand how our websites and products are used,
Test new features and interface changes,
Analyze trends in an aggregated way.
Marketing (B2B)
Send newsletters, product updates, and relevant content,
Run campaigns via email and advertising platforms (e.g. Google, Facebook, LinkedIn),
Respect your marketing preferences and opt-out choices.
You can object to certain processing based on legitimate interests (especially direct marketing) at any time.
5. Sharing Your Data with Third Parties
We do not sell your personal data. We share it only where necessary and with appropriate safeguards.
5.1 Service Providers (Processors)
We use third-party providers to help us operate our business and deliver our services. Depending on your use, this may include:
Cloud & infrastructure:
Amazon Web Services (AWS)
Microsoft Azure
Payments:
Braintree
PayPal
Analytics & product usage:
Google (e.g. Google Analytics)
Fullstory
Communication & customer success:
Intercom
Zendesk
Mailchimp
Fraud prevention & geo/IP info:
MaxMind
Advertising & marketing tools:
Facebook
LinkedIn
These providers act as processors and may only process personal data on our instructions and for the specified purposes. We ensure appropriate contractual and security controls are in place.
5.2 Customers’ Own Integrations (Connect)
For Mobiscroll Connect, you may configure your own integrations (e.g. your email or calendar provider, or downstream systems). In those cases:
You control which third parties receive the data,
Mobiscroll simply executes your configuration and instructions.
5.3 Legal and Compliance
We may disclose personal data if required to:
Comply with applicable law, court orders, or lawful requests from authorities,
Establish, exercise, or defend legal claims,
Protect our rights, property, or safety, or that of our users or the public.
Where legally permitted, we will notify relevant customers before disclosing personal data.
5.4 Business Transfers
If Mobiscroll is involved in a merger, acquisition, reorganization, sale of assets, or similar transaction, personal data may be transferred as part of that transaction, subject to this Privacy Policy and any applicable legal requirements.
6. International Data Transfers
We are based in Romania / EU, but some of our providers and infrastructure are located in other countries, including outside the European Economic Area (EEA).
Where personal data is transferred outside the EEA to a country that does not provide an equivalent level of protection, we rely on appropriate safeguards, such as:
Standard Contractual Clauses (SCCs) approved by the European Commission,
Other applicable data transfer mechanisms under EU data protection laws.
Details can be found in our DPA or obtained by contacting us.
Data residency for Mobiscroll Connect:
We plan to offer customer-selectable data regions in the future. Until then, data is hosted in regions chosen by Mobiscroll and our infrastructure providers, as described in our technical and contractual documentation.
7. Cookies and Similar Technologies
We use cookies and similar technologies on our websites and dashboards to:
Keep you signed in and secure your session,
Remember your preferences,
Understand how our website and services are used,
Measure the effectiveness of our marketing,
Show you relevant content and ads.
Some cookies are strictly necessary for the site to function; others are analytics or marketing cookies.
You can:
Manage your cookie preferences via our Cookie banner or Cookie Policy,
Adjust your browser settings to block or delete cookies, bearing in mind some functionality may not work properly.
For more details, please see our separate Cookie Policy.
8. Data Retention
We retain personal data only for as long as necessary to:
Provide our services and fulfill our contractual obligations,
Comply with legal, tax, and regulatory requirements,
Resolve disputes and enforce our agreements,
Maintain appropriate business records.
In general:
Account and billing data are kept while your account is active and for a period after closure as required by law (e.g. tax and accounting periods).
Customer Data in Mobiscroll Connect is retained for a limited period needed to provide the service, for retries and troubleshooting, and then deleted or anonymized in accordance with our DPA and internal policies.
Trial validation data is kept only as long as needed to manage trials and protect against abuse.
Logs and Service Data may be retained for longer to ensure security, detect fraud, and analyze performance, but not in a way that requires us to retain identifiable Customer Data longer than necessary.
If you ask us to delete your personal data, we will do so unless we must retain it for legal or legitimate business reasons (see “Your Rights” below).
9. Security
We take security seriously and implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
These measures include, for example:
Encryption in transit (HTTPS/TLS) and at rest (for relevant data),
Access controls and least-privilege principles,
Monitoring, logging, and intrusion detection,
Regular updates and security patches,
Internal policies and staff training.
No system is perfectly secure, but we work continuously to keep our systems and your data safe.
10. Your Rights
Where applicable under GDPR/UK GDPR and similar laws, you may have some or all of the following rights regarding your personal data:
Right of access – to know whether we process your personal data and to receive a copy.
Right to rectification – to have inaccurate or incomplete personal data corrected.
Right to erasure – to request deletion of personal data in certain circumstances.
Right to restriction – to request that we limit processing in certain situations.
Right to data portability – to receive your personal data in a structured, commonly used format and transmit it to another controller.
Right to object – to object to processing based on our legitimate interests, including direct marketing.
Right to withdraw consent – where processing relies on consent, you can withdraw it at any time (this does not affect processing before withdrawal).
Right to lodge a complaint – with your local data protection authority.
To exercise your rights, please contact us at: support@mobiscroll.com.
We may need to verify your identity before acting on your request.
If you are an end-user of a customer’s application:
In most cases, Mobiscroll acts as a processor for Customer Data in Mobiscroll Connect. Please direct any rights requests to the controller (our customer) who operates the application or service you use. We will assist them as required by our DPA and data protection law.
11. Your Choices
11.1 Marketing Communications
You can control your marketing preferences by:
Using the unsubscribe link in any marketing email,
Adjusting settings in your Mobiscroll account if available,
Contacting us at support@mobiscroll.com
We will still send service-related communications (e.g. security notices, essential updates, transactional emails) even if you opt out of marketing.
11.2 Cookies
You can manage cookies as described in Section 7 and our Cookie Policy. Note that disabling certain cookies may affect site functionality.
11.3 Account and Profile
You can update your account details in your Mobiscroll dashboard. To delete your Mobiscroll account, please contact us; note that deletion of the account may not immediately remove all data in backups or where retention is required by law.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our products, practices, or legal requirements. When we make changes, we will update the “Last updated” date at the top.
Your continued use of our services after the updated Privacy Policy becomes effective means you accept the changes.
13. Contact Us
If you have questions, concerns, or requests about this Privacy Policy or our handling of personal data, please contact:
SC. Acid Media SRL.
RO19333154
Dambovitei 12, Targu Mures, Mures, 540495, Romania
support@mobiscroll.com
You also have the right to lodge a complaint with your local data protection authority.