Scrapp Privacy Policy

Last Updated: August 4th 2025

Last Reviewed: August 4th 2025

Our Mission

We built Scrapp to be your go-to resource for learning about zero-waste practices. Whether you're around the house, at work, or volunteering with your local community, Scrapp makes it easy to dispose of things the right way and positively impact the world around you.

Our "services" have the same meaning as defined in the Terms of Service. They include the Scrapp's software, which is accessible across both mobile and web-based devices. We also have a website, blog, and support center, and we may collect your information through other means like surveys, emails, and social media to deliver the best experience possible. This information is never connected to a device's scan history to create a "user profile".

We may share content posted in public spaces, but only after contacting the individual for their permission or crediting their contributions. These features are important to us for building the Scrapp community, and we believe they will make Scrapp even better for our users. You should take all of this into account when you are using our services.

We make money from paid subscriptions, knowledge-based services, and the sale of digital (and sometimes physical) goods, not from selling your personal information to third parties.

Services Covered

This policy applies to all Scrapp services:

• Scrapp mobile app and web portal: Individual recycling & disposal guidance
• Scrapp for Communities: Municipal and organizational programs
• Scrapp for Business: Organizational waste accounting and zero waste strategy
• Website and support: Our blog, help center, and customer service

What We Don't Collect

To be completely clear, we never collect:

• Personal conversations or private messages
• Information from other apps on your device
• Your browsing history outside of Scrapp
• Sensitive personal information (health, financial, political views)

The Information We Collect

We collect certain information depending on how you use Scrapp. This includes information you provide to us, information we collect automatically, and information we receive from other sources. Every piece of information we collect serves a specific purpose: delivering recycling guidance, improving our services, enabling a great user experience, or fulfilling legal requirements. We don't collect data just because we can.

Core App Usage (No Account Required)

App Activity Data

When you download the Scrapp app to learn how to dispose of items properly, we collect:

• Product Information: Such as brand name, product name, size, barcode, packaging parts, and packaging materials.
• General location: Your approximate location to provide local disposal information.
• When you used the app: Timestamp of your activity
• Technical identifier: A randomized ID for your device (this cannot identify you personally). This identifier is assigned at the install/unique site visit for each user. If you uninstall and reinstall the application, a new ID will be given to you.
• Your Address: This information is only collected if you subscribe to bin day reminders for your local community.
• Infrastructure Information: The information for what can be disposed of, where, at what time, in what manner, and the contact information for that specific infrastructure.

Why we need this: To give you accurate, location-specific recycling guidance and understand which items people recycle most often. It is important to note that we don't track your location when the app is closed or running in the background. Your location is used for the sole purpose of delivering location-based disposal guidance or bin notifications if you have opted to use these features.

Device and Performance Information

We automatically collect:

• Basic device info: Operating system, app version, screen size
• Performance data: App crashes, loading times, error messages
• IP address: For security, rate/usage limiting, and ensuring acceptable use.

Why we need this: To fix bugs, improve app performance, and ensure compatibility across different devices.

Optional Features (With Your Permission)

Email for Support

• When: Only if you submit feedback and want a response
• What: Your email address and the contents of the feedback message.
• Retention: Deleted after your issue is resolved (unless you ask us to keep it for future support)

Session Recordings (Opt-In Only)

• What it is: Visual recordings of how you interact with the app interface
• Default setting: OFF - you must explicitly turn this on
• What we see: Button taps, page navigation, and how you use features
• What we DON'T see: Camera feed (blocked), content outside the app
• Why it helps: Allows us to see exactly where users get confused or encounter bugs, so we can fix them and improve the overall app experience. This is especially useful when helping those who don't have a high degree of tech literacy or when handling hard-to-describe, unique issues.
• Your control: Turn on/off anytime in Settings. When you turn it off, recordings stop immediately (you may need to restart the app).

Enhanced Features

Scrapp was designed to allow users to customize their experience around the use cases they need. Some optional features may request additional permissions, but core features that do not require any access continue to function. Some enhanced features that are optional include:

• Camera access: To scan barcodes and submit product requests
• Location services: For more precise recycling, disposal, and location recommendations
• Notifications: To send reminders from the council around bin pickup schedules.

Business and Community Services

Scrapp for Communities

When municipalities, organizations, or communities use our services to educate the public, track waste and recycling data, and identify zero waste strategies, we collect:

• Organization details: Company/organization name, contact information, service area, etc.
• Administrator information: Names and roles of people managing the account
• Usage statistics: How community members use recycling guidance, disposal guidance, and key features (aggregated data only).
• Custom recycling rules: Local disposal regulations, recycling guidance, and facility information you provide.

Corporate Waste Tracking

When companies employ our services for tracking waste and recycling data, and identifying zero waste strategies, we collect:

• Organization details: Company name, location, number of employees
• Waste stream data: Types and volumes of materials procured, recycled, and processed by the organization.
• Impact reporting: Waste diversion metrics, sustainability goal tracking, environmental impact calculations
• Administrative contacts: Names and roles of sustainability managers, facility coordinators, or primary contacts at the organization.

Paid Services

If you purchase Scrapp premium features or services:

• Payment info: Processed securely by our 3rd party payment providers with their own secure processes (we never see your full credit card number).
• Billing details: Name and address for payment processing.
• Purchase history: What you bought and when.

Your Data Collection Controls

We always provide you with control over the data we collect from you and give you the option to delete records by request or directly in the app.

Always Available:

• Turn location services on/off
• Disable analytics and session recordings
• Clear your product scan and search history
• Deletion of your support query once resolved

In Your Device Settings:

• Block camera or microphone access
• Disable app notifications
• Manage cookie preferences (website)
• Control advertising preferences

By Contacting Us:

• Request all data we have about you
• Delete your account and all associated data
• Ask questions about specific data collection practices

Contact for data requests: tech@scrappzero.com

Information from External Sources

Some external sources, such as referrals, search engines, and advertising, may use cookies or pass contact information to us for the purposes of conducting business via cookies or referral links.

Advertising and Referrals

When you find Scrapp through ads or referral links:

• Which ad you clicked: Helps us understand which marketing works
• Referring website: Shows us how you discovered Scrapp

Cookies and Similar Technologies

We use three types of cookies on our website:

Essential Cookies (Required)

• Purpose: Make the website work properly
• Examples: Remember your language preference, keep you logged in
• Control: Cannot be disabled without breaking website functionality

Functional Cookies (Optional)

• Purpose: Enhanced features and personalization
• Examples: Remember your recycling location, save your preferences
• Control: Can be disabled in your browser settings

Analytics Cookies (Optional)

• Purpose: Understand how people use our website to improve it.
• Examples: Which pages are most popular, where people click, and what messaging resonates with visitors.
• Control: Can be disabled through the cookie banner or browser settings.

Service Providers and Partners

We may receive information from:

• Microsoft Azure: Cloud hosting, usage analytics, and security monitoring data
• Payment processors: Transaction confirmations, and fraud prevention data
• Recycling facilities: Acceptance criteria, processing capabilities, and location data.
• Environmental organizations: Research data, best practices, program updates (aggregated only)

Advertising and Analytics Partners

• Ad performance data: Click-through rates, conversion metrics, audience insights
• Social media platforms: When you interact with our content or ads
• Website analytics: Traffic sources, user behavior patterns, demographic information
• App store data: Download statistics, user ratings, review content

Public and Research Sources

• Government databases: Municipal recycling programs, facility directories, regulation updates
• Academic institutions: We contribute aggregated, anonymized data to environmental research studies (no individual user data shared)
• Industry associations: Best practices, standards, certification requirements
• Public datasets: Population data, waste generation statistics, environmental impact metrics

Communication and Community Data

Direct Communications

• Email correspondence: All messages exchanged with our support team
• Survey responses: Feedback about features, user experience, and environmental impact
• Newsletter subscriptions: Email preferences and engagement metrics
• Phone support: Call records, conversation summaries (when applicable)

Community Interactions

• Feedback submissions: Bug reports, feature requests, general app feedback
• Comments and reviews: Responses to our blog posts or app store reviews
• Beta testing feedback: Feature testing insights and improvement suggestions (when participating in beta programs)

Research and Development

• Beta testing participation: Feature feedback, bug reports, usage patterns
• User interviews: Insights from research sessions (with explicit consent)
• Focus group data: Feedback from product development sessions
• Academic collaborations: Data shared for environmental research (anonymized)

Technical and Diagnostic Data

Advanced Device Information

• Network information: Connection type checked for performance optimization, but not stored.
• App configuration: Settings, preferences, feature usage patterns
• Installation data: Download source, app version history, update patterns

Performance and Security Monitoring

• Detailed error logs: Stack traces, system state information, crash dumps
• Security events: Failed login attempts, suspicious activity detection
• Performance metrics: Load times, memory usage, battery consumption
• API usage: Requests made to our services, response times, and error rates

Integration Data

• Microsoft Azure services: Cloud storage, security monitoring, performance analytics
• Third-party APIs: Recycling facility data, municipal program information
• Payment integrations: Stripe and PayPal for subscription processing

Information We Never Collect

Even with these comprehensive data practices, we maintain strict boundaries:

• Sensitive personal data: Health information, financial account details, political affiliations
• Private communications: Messages between users, emails outside our service
• Unrelated device data: Information from other apps, personal files, contacts
• Covert tracking: Background location when app is closed, microphone activation without permission
• Discriminatory profiling: Data used to make decisions about employment, housing, or credit

How We Use Your Information

We use your information to provide our services to you. The data we collect is used in specific ways outlined below.

For App Usage

Core Functionality

• Deliver disposal guidance: Process your location to provide local disposal, recycling, composting, repair, and reuse rules and facility information
• App performance: Ensure the app works properly across different devices and operating systems
• Customer support: Respond to your questions, resolve technical issues, and process feedback
• Payment processing: Handle subscriptions and premium feature purchases securely

Service Improvement

• Bug fixes: Identify and resolve technical problems quickly
• Performance optimization: Make the app faster, more reliable, and more user-friendly
• Feature development: Understand which features are most helpful to plan improvements
• Quality assurance: Test new features and ensure they work properly

For Business Operations

Analytics and Insights

• Usage patterns: Understand how people use different features (in aggregate)
• Impact measurement: Track how much waste is being diverted through our platform
• Service optimization: Improve our recycling and disposal guidance database and accuracy
• Business metrics: Monitor app performance and user satisfaction

Marketing and Growth

• Advertising effectiveness: Measure how well our ads perform on other platforms
• User acquisition: Understand how people discover and start using Scrapp
• Product marketing: Share information about new features with existing users (with permission)

Communication (With Your Control)

Service-Related Communications

• Important updates: Changes to recycling rules in your area or app functionality
• Account notifications: Purchase confirmations, subscription renewals, policy changes
• Support responses: Answers to your questions and resolution of reported issues

Marketing Communications (Opt-In Only)

• Educational content: Tips for reducing waste and improving recycling habits
• New features: Information about app updates and improvements
• Promotional offers: Discounts on premium features or services
• Community impact: Updates on collective environmental impact

Important: You can opt out of marketing communications anytime, and we'll obtain consent where required by law.

Legal and Safety Purposes

Security and Fraud Prevention

• Account security: Detect and prevent unauthorized access or misuse
• System security: Monitor for technical threats and vulnerabilities
• Policy enforcement: Ensure users follow our Terms of Service
• Fraud detection: Identify and prevent fraudulent transactions or activities

Legal Compliance

• Regulatory requirements: Meet environmental, business, and privacy law obligations
• Financial reporting: Maintain records required for tax and business compliance
• Legal proceedings: Respond to valid legal requests and defend our rights
• Emergency situations: Share information if someone's safety is at immediate risk

How We Share Your Information

We never sell your data. We do not sell, rent, or trade your personal information for money or other benefits. This is a fundamental principle of our business model.

When We Do Share Information

With your explicit permission, in the following situations:

• Support responses: When you request help and provide your email address
• Research participation: When you explicitly agree to participate in environmental studies
• Business services: When your organization contracts with us for our zero-waste services
• Feature requests: When you ask us to integrate with other services or providers

With Trusted Service Providers

We share limited information with partners who help us operate, but only what's necessary for their specific services:

What We Share vs. What We Don't

We share:

• Technical data needed for their specific services
• Aggregated usage statistics (no individual identification)
• Transaction information for payment processing

We never share:

• Your complete profile or recycling history
• Personal identification information
• Individual location data or app usage patterns

For Legal Requirements

• Law enforcement: When legally required by valid court orders or subpoenas
• Emergency situations: If we believe in good faith that someone's life is in danger
• Legal proceedings: To defend our rights, investigate violations, or comply with legal processes
• Regulatory compliance: To meet obligations under environmental, privacy, or business laws

Important: We'll notify you before sharing your information unless legally prohibited, and we'll challenge overly broad requests.

Business Transfers

If Scrapp is acquired, merges with another company, or undergoes similar business changes:

• Your information may be transferred as part of that transaction
• We'll notify affected users at least 30 days before any transfer
• Your privacy rights will be maintained under the new ownership
• You'll have the option to delete your account before any transfer

Aggregated and Anonymous Data

We may share statistics that cannot identify individual users:

• Environmental impact: "Users in Boston diverted 500 tons of waste from landfills."
• Usage trends: "Plastic bottle recycling queries increased 25% this quarter."
• Research contributions: Anonymized data for academic environmental studies
• Business metrics: General usage statistics for investors or partners

This aggregated data helps improve recycling programs and advance environmental research, making for a cleaner, greener world.

Information Sharing We Never Do

• Sell personal data to data brokers or advertising networks
• Share individual recycling habits or personal preferences
• Provide access to your account or personal dashboard
• Share information for others' marketing purposes (except our own)
• Transfer data without appropriate legal safeguards

Data Security & Retention

How We Protect Your Information

Encryption and Security

• Data in transit: All information is encrypted using Transport Layer Security (TLS) when traveling between your device and our servers
• Data at rest: Your information is encrypted when stored on our servers using industry-standard encryption
• Access controls: Only authorized employees can access personal information, and only when necessary for their job functions
• Regular security audits: We continuously monitor and improve our security practices through internal and external assessments

Microsoft Azure Security

Our primary cloud infrastructure leverages Microsoft Azure's enterprise-grade security, including:

• Physical security: Multi-layered security at data centers with 24/7 monitoring
• Network security: Advanced threat detection and prevention systems
• Compliance certifications: SOC 2, ISO 27001, and other industry-standard certifications
• Redundancy: Multiple backup systems to ensure data availability and integrity

Administrative Safeguards

• Employee training: Regular privacy and security training for all staff
• Background checks: Security screening for employees with data access
• Principle of least privilege: Staff only access data necessary for their specific role

Data Retention

How Long We Keep Information

Core Usage Data

• Active users: Retained while you use the app and for up to 2 years after your last activity
• Recycling history: Kept in aggregated form for environmental impact research (no personal identification)
• Location data: Exact location is used for an instant to determine jurisdiction for guidance but isn't logged/stored.

Support and Communications

• Resolved support tickets: Archived for up to 1 year to help with similar issues, then automatically deleted
• Email communications: Retained for 2 years maximum, then deleted.
• Survey responses: Retained for 5 years for product improvement, then deleted

Business and Legal Data

• Payment records: Kept for 7 years for tax compliance and financial auditing requirements
• Legal hold data: Retained as required by law, court order, or active legal proceedings
• Security logs: Kept for 2 years for fraud prevention and security analysis
• Contract data: Business relationship information kept for the duration of contracts plus 3 years

Research and Analytics

• Session recordings: Deleted within 30 business days after analysis is complete
• Aggregated analytics: May be retained indefinitely as it cannot identify individuals
• Crash reports: Deleted after bugs are fixed, typically within 30-90 days
• Performance data: Retained for 1 year to monitor long-term trends

Automatic Data Cleanup

We perform regular automated sweeps to remove:

• Expired session data and temporary files
• Resolved support tickets older than 1 year
• Old log files and diagnostic data
• Completed session recordings

Account Deletion

When you delete your account:

• Personal data: Removed within 30 days
• Aggregated data: Remains in anonymous form for research
• Legal requirements: Some data may be retained longer if required by law
• Confirmation: We'll send confirmation once deletion is complete

Your Privacy Rights & Controls

Universal Rights (Available to All Users)

Access and Control

• Correct information: Fix any inaccurate personal details or update your preferences
• Delete your account: Remove all your personal data from our systems permanently
• Object to processing: Stop certain types of data use, like marketing or analytics

How to Exercise These Rights

In the App (Immediate Control)

• Settings page: Turn location services, analytics, and session recording on/off instantly
• Privacy controls: Manage what data is collected and how it's used
• Account deletion: Use the "Delete Account" option in Settings for immediate removal
• Communication preferences: Control email subscriptions and push notifications
• Data export: Download your recycling history and account information

By Email (For Complex Requests)

For requests we can't handle in the app, email tech@scrappzero.com:

• Request complete data download including business service data
• Ask detailed questions about our privacy practices
• Report privacy concerns or potential data breaches
• Request data corrections that can't be made in-app
• Exercise rights on behalf of minor children

Response time: We'll respond within 30 days (often much faster for simple requests)

Verification: We may ask for additional information to confirm your identity before processing sensitive requests

Cookie and Tracking Controls

Website Cookie Management

• First visit: Choose your preferences through our cookie banner
• Anytime changes: Update preferences through "Cookie Settings" in the website footer
• Browser controls: Use your browser's privacy settings to block or delete cookies
• Opt-out tools: Use third-party preference centers for advertising cookies

Mobile App Controls

• In-app analytics: Toggle usage analytics and crash reporting in Settings
• Session recording: Opt in/out of interface recordings in Privacy Settings
• Location services: Control in both app Settings and device-level permissions
• Advertising: Manage personalized ads through device settings

Third-Party Opt-Outs

• Google Analytics: Use Google's opt-out browser add-on or device settings
• Advertising networks: Visit the Digital Advertising Alliance opt-out page
• PostHog analytics: Disable in app Settings or contact us directly
• Social media tracking: Manage through platform-specific privacy settings

Special Rights for Specific Regions

Additional GDPR Rights (EU/UK Residents)

• Data portability: Transfer your data directly to another service
• Automated decision-making: Object to any automated profiling (we don't currently use this)
• Supervisory authority complaints: Contact your local data protection authority if unsatisfied with our response

Additional CCPA Rights (California Residents)

• Detailed disclosure: Request specific categories and sources of personal information
• Opt-out of sales: Although we don't sell data, you can still make this request
• Non-discrimination: We won't treat you differently for exercising your rights

International Data Transfers

Where Your Data Is Stored

Primary Locations

• United States: Our primary business operations
• United Kingdom: Business operations and the database and server storage via Microsoft Azure UK regions

Why We Transfer Data Internationally

• Service delivery: Providing consistent recycling guidance across different countries
• Technical operations: Using global cloud infrastructure for reliability and performance
• Business operations: Coordinating between our US headquarters and international users
• Research collaboration: Contributing to global environmental research (anonymized data only)

Legal Safeguards for International Transfers

For EU and UK Data

• Standard Contractual Clauses (SCCs): EU-approved legal frameworks ensuring adequate protection
• Data Processing Agreements: Detailed contracts with Microsoft Azure ensuring GDPR compliance
• Adequacy decisions: When transferring to countries the EU considers to have adequate privacy protections
• Additional security measures: Enhanced encryption and monitoring for international data

Your Control Over Location

• Data residency requests: Contact us if you need data stored in a specific jurisdiction for legal reasons
• Regional compliance: We follow the strictest applicable privacy laws (GDPR, CCPA, etc.)
• Transfer notifications: We'll inform you of any significant changes to data storage locations

Regional Privacy Rights

For European Union and UK Residents (GDPR)

Your Specific Rights Under GDPR

• Right to be informed: This privacy policy and transparent communication about all data processing
• Right of access: Get a complete copy of your personal data within one month
• Right to rectification: Correct any inaccurate or incomplete information
• Right to erasure: Delete your personal data ("right to be forgotten")
• Right to restrict processing: Temporarily limit how we process your data
• Right to data portability: Transfer your data to another service in a machine-readable format
• Right to object: Stop processing based on legitimate interests or for marketing purposes
• Rights related to automated decision-making: We don't use automated profiling, but you can object if we ever do

Legal Bases for Processing Your Data

• Contract performance: Providing recycling guidance, app functionality, and premium services
• Legitimate interests: Service improvement, security, fraud prevention, and business operations (balanced against your privacy rights)
• Consent: Optional features like session recording, marketing communications, and enhanced analytics
• Legal obligations: Compliance with tax, environmental, and other applicable laws
• Vital interests: Emergency situations where someone's safety is at risk

How to Exercise GDPR Rights

• Email us: tech@scrappzero.com with your specific request
• Verification: We may ask for ID verification to protect your privacy
• Response time: Within one month (may extend to three months for complex requests)
• No charge: All requests are free unless they're excessive or repetitive

If You're Not Satisfied

Supervisory Authority Contact:

• EU residents: Contact your national data protection authority
• UK residents: Information Commissioner's Office (ICO) - ico.org.uk
• Right to judicial remedy: You can also seek remedy through courts

For California Residents (CCPA/CPRA)

Categories of Personal Information We Collect

Under California law, we collect these categories of personal information:

• Identifiers: Email addresses, device IDs, IP addresses, randomized user identifiers
• Commercial information: Purchase history, subscription details, payment methods
• Internet/network activity: App usage patterns, website interactions, feature usage
• Geolocation data: Approximate location for recycling guidance (not precise GPS)
• Professional information: Company details for business services and waste tracking

Your California Privacy Rights

• Right to know: What personal information we collect, use, disclose, and sell
• Right to delete: Request deletion of your personal information (with some exceptions)
• Right to correct: Fix inaccurate personal information
• Right to opt-out of sales: We don't sell personal information, but you can request this
• Right to opt-out of targeted advertising: We don't use personal data for targeted ads
• Right to limit sensitive personal information use: We don't collect sensitive personal information
• Right to non-discrimination: We won't treat you differently for exercising your rights

How to Exercise CCPA Rights

• Email: tech@scrappzero.com with your request
• Verification: We may ask additional questions to verify your identity
• Authorized agent: Someone else can make requests on your behalf with proper authorization
• Response time: Within 45 days (may extend to 90 days for complex requests)
• Format: We'll provide information in a portable, easily understood format

CCPA Disclosures

• No sale of personal information: We have never sold personal information and don't plan to
• Service provider relationships: We share data with service providers under strict contractual limitations
• Business purposes: All sharing is for legitimate business operations, not commercial sale

Canada (PIPEDA)

Canadian residents can request access to personal information and challenge accuracy. We follow PIPEDA principles for fair information practices.

Other Jurisdictions

We respect privacy rights under all applicable local laws. If your region has specific privacy protections not mentioned here, contact us and we'll work to accommodate your rights.

Changes to This Privacy Policy

How We Handle Updates

When We Update This Policy

• Regular reviews: We review this policy at least annually
• Legal changes: Updates when privacy laws change
• Service changes: Modifications when we add new features or services
• User feedback: Improvements based on questions or concerns you raise

How We Notify You

• Email notification: If you've provided an email, we'll send updates for significant changes
• In-app notification: Banner or popup in the app highlighting important changes
• Website banner: Prominent notice on our website for 30 days
• Direct contact: Personal notification for business service customers

What Constitutes Significant Changes

• New data collection: Adding new types of personal information we collect
• Expanded sharing: Sharing data with new types of third parties
• Reduced rights: Limiting your control options or privacy rights
• Purpose changes: Using data for substantially different purposes
• Legal basis changes: Switching from consent to legitimate interest or vice versa

Your Options When We Update

• Continue using Scrapp: Using our services after updates means you accept the changes
• Delete your account: If you don't agree with changes, you can delete your account anytime
• Contact us: Ask questions about specific updates before deciding
• Partial opt-out: You may be able to opt out of specific new features while keeping your account

Policy Version Control

• Archive access: Previous versions available upon request
• Change tracking: We maintain records of what changed and when
• Effective dates: Clear indication of when changes take effect

Conclusion

Thank you for reading our Privacy Policy. We're committed to protecting your privacy while helping you achieve zero waste. Your trust is essential to our mission of creating a more sustainable world.

We believe privacy and environmental protection go hand in hand. Just as we help you reduce waste in the physical world, we minimize data collection in the digital world.

Questions or concerns? We're here to help. Contact tech@scrappzero.com anytime.

Ready to start your zero-waste journey? Download Scrapp or reach out to us to begin creating a waste-free world while keeping your personal information safe.