SocialScalr
Pricing Features Use cases Alternatives Free tools Blog Help Sign in Start free

On this page

  1. 1. Scope and application
  2. 2. Information we collect
  3. 3. How we use information
  4. 4. Legal bases (EU/UK/EEA)
  5. 5. How we share information
  6. 6. Cookies and similar technologies
  7. 7. International transfers
  8. 8. Data retention
  9. 9. Your privacy rights
  10. 10. Security
  11. 11. Children's privacy
  12. 12. Automated decision-making
  13. 13. Do Not Track
  14. 14. Third-party links and services
  15. 15. California-specific disclosures
  16. 16. EU/UK specific disclosures
  17. 17. Other jurisdictions
  18. 18. Changes to this policy
  19. 19. Contact information
  20. Appendix A: Sub-processors
  21. Appendix B: Glossary

Privacy Policy

Effective date: May 25, 2026. Last updated: May 25, 2026. Version 1.0.

SocialScalr ("SocialScalr," "we," "us," or "our"), a product of WETYR Corporation, respects your privacy. This Privacy Policy describes the categories of personal information we collect, the purposes for which we use the information, the categories of recipients with whom we share information, your rights with respect to your information, and how to contact us. This Policy applies to the SocialScalr website at socialscalr.com, the SocialScalr web dashboard, the SocialScalr Chrome extension, and our application programming interfaces (collectively, the "Services").

This Policy is comprehensive by design. We have included disclosures sufficient to meet the requirements of the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA"), the General Data Protection Regulation as adopted by the European Union and the United Kingdom ("GDPR"), and the consumer privacy laws of every other US state in which we offer the Services. Where a section applies only to consumers in a particular jurisdiction, we have so indicated.

If anything in this Policy is unclear, contact us at [email protected].


1. Scope and application

1.1 Who this Policy applies to

This Policy applies to:

  • Visitors to socialscalr.com
  • Account holders ("Customers")
  • Users authorized by Customers to use the Services on the Customer's behalf
  • Recipients of communications from SocialScalr
  • Individuals whose information is processed by SocialScalr on behalf of Customers (such as LinkedIn users whose public profile data is ingested into a Customer's account)

For information SocialScalr processes on behalf of Customers, SocialScalr acts as a "service provider" under CCPA and a "data processor" under GDPR. The Customer is the controller and the relationship is governed by the Customer's privacy policy and the Data Processing Addendum between SocialScalr and the Customer.

1.2 What this Policy does not cover

This Policy does not cover:

  • Personal information that LinkedIn or other third parties collect directly from you. Their privacy practices are governed by their own policies.
  • Information practices of Customer accounts that integrate with the Services. Each Customer is responsible for their own privacy practices.
  • Information collected by websites linked from socialscalr.com.

1.3 Changes to this Policy

We may update this Policy from time to time. Material changes will be communicated by email to account holders at least 30 days before they take effect, and by a prominent notice on socialscalr.com. The "Last updated" date at the top of this Policy indicates when it was last revised. Your continued use of the Services after changes take effect constitutes acceptance.


2. Information we collect

We collect information in the following categories. The list is organized by source and includes the corresponding categories of "Personal Information" under CCPA Section 1798.140.

2.1 Information you provide to us

When you create an account, communicate with us, configure the Services, or otherwise interact with us, you may provide:

  • Identifiers (CCPA Category A): name, email address, account username, telephone number (if provided), IP address, account login credentials.
  • Customer Records (CCPA Category B): information you provide for account management.
  • Commercial Information (CCPA Category D): subscription tier, billing history, transaction records.
  • Professional or Employment Information (CCPA Category I): company name, job title, industry, team size.
  • Inferences (CCPA Category K): preferences derived from your usage patterns.

2.2 Information collected automatically

When you use the Services, we collect automatically:

  • Identifiers (CCPA Category A): IP address, device identifiers, browser type and version, operating system, language preference, time zone.
  • Internet Activity (CCPA Category F): pages visited, features used, links clicked, search queries within the Services, time and duration of activity, referring URLs, error reports.
  • Geolocation (CCPA Category G): approximate geographic location derived from IP address. We do not collect precise geolocation.
  • Sensory Information (CCPA Category H): screenshots are not captured. Sentry session replay may capture interactions on error, with all text masked and media blocked.

2.3 Information collected through the Chrome extension

When you install and use the SocialScalr Chrome extension:

  • Identifiers and Activity: the actions you take within the extension (campaigns started, messages sent, contacts added).
  • LinkedIn Profile Data You Ingest: when you instruct the extension to add a LinkedIn profile to your account, we receive and store the publicly visible data from that profile (name, headline, current employer, location, profile URL) in your Customer account. This data is collected on your behalf as part of your use of the Services.
  • LinkedIn Session Status: the extension detects whether you are logged into LinkedIn. The extension does not transmit your LinkedIn session cookies or password to our servers under any circumstance.
  • Performance and Error Data: anonymized telemetry about extension performance and any errors encountered.

2.4 Information from third parties

We receive information about you from:

  • Stripe (our payment processor): payment status, billing address, last four digits of payment card. We do not receive or store full payment card numbers.
  • Customer's authentication provider (if SSO is configured): your name and email as provided by the identity provider.
  • Service providers assisting with operations: error reports, abuse reports, fraud signals.
  • LinkedIn (indirectly, via your use of the extension on your behalf): public profile data of accounts you choose to interact with through the Services.

2.5 Sensitive personal information

The Services are not designed to collect, and we instruct Customers not to use the Services to collect, the categories of "sensitive personal information" defined under CCPA Section 1798.140(ae). These include government identifiers (Social Security number, driver's license, passport), financial account access credentials, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, contents of mail, email, or text messages other than the contents you direct us to process, genetic data, biometric data processed for unique identification, health information, and information about sex life or sexual orientation.

In the rare case Sensitive Personal Information is provided to us inadvertently (for example, in a support ticket), we will delete the information promptly upon discovery and confirm to the data subject.

2.6 Information we do not collect

We do not collect or process:

  • Your LinkedIn password
  • Your LinkedIn session cookies (these remain in your browser)
  • Government-issued identifiers
  • Biometric or genetic data
  • Precise geolocation
  • Information from anyone under 18 years of age (if you become aware of any such information, contact us for prompt deletion)

3. How we use information

We use personal information for the following purposes:

3.1 Service provision

  • Creating and managing your account
  • Authenticating you to the Services
  • Providing the features you signed up for
  • Processing payments and managing subscriptions
  • Providing customer support
  • Communicating with you about your account and the Services

3.2 Service improvement

  • Analyzing usage patterns to improve the Services
  • Developing new features
  • Testing changes (typically with consent or via aggregated and anonymized data)
  • Quality assurance

3.3 Marketing and promotional communications

  • Sending you product updates, tips, and offers (with your consent or, where permitted, on a legitimate interest basis with opt-out)
  • Conducting customer surveys
  • Inviting you to events

You can opt out of marketing communications at any time using the unsubscribe link in our emails or by contacting [email protected]. Opt-outs do not affect transactional and service communications.

3.4 Security and fraud prevention

  • Detecting and preventing fraudulent activity, including unauthorized account access, payment fraud, and policy violations
  • Identifying and responding to security incidents
  • Investigating violations of our Terms of Service
  • Protecting our rights, property, and the safety of users and the public

3.5 Compliance and legal obligations

  • Complying with applicable laws and regulations
  • Responding to lawful requests from public authorities
  • Enforcing our Terms of Service
  • Establishing, exercising, or defending legal claims
  • Maintaining audit trails for regulatory purposes

3.6 Aggregation and anonymization

We may de-identify or aggregate information so that it no longer reasonably identifies an individual, and use the resulting information for any lawful purpose without further notice.


4. Legal bases for processing (EU/UK/EEA)

For individuals subject to the GDPR or the UK GDPR, we process personal information on the following legal bases:

PurposeLegal basisGDPR Article
Account creation and Services deliveryPerformance of a contractArt. 6(1)(b)
Billing and payment processingPerformance of a contract, Legal obligationArt. 6(1)(b), 6(1)(c)
Customer supportPerformance of a contractArt. 6(1)(b)
Marketing emails to customersLegitimate interest (with opt-out) or ConsentArt. 6(1)(f), 6(1)(a)
Marketing emails to non-customersConsentArt. 6(1)(a)
Site analytics, essentialLegitimate interestArt. 6(1)(f)
Site analytics, non-essentialConsentArt. 6(1)(a)
Security and fraud preventionLegitimate interestArt. 6(1)(f)
Compliance with legal obligationsLegal obligationArt. 6(1)(c)
Establishing or defending legal claimsLegitimate interestArt. 6(1)(f)

We do not process special categories of personal data under Article 9 GDPR. Where you provide such data inadvertently, we delete it upon discovery.

For any processing based on legitimate interest, we have documented a Legitimate Interest Assessment balancing our interests against your rights and freedoms. A summary is available on request.

You have the right to object to processing based on legitimate interest. We will honor your objection unless we demonstrate compelling legitimate grounds that override your interests, or processing is necessary for the establishment, exercise, or defense of legal claims.


5. How we share information

We share personal information with the following categories of recipients:

5.1 Service providers (sub-processors)

We engage trusted third parties to perform services on our behalf. Each is bound by contract to use information only as instructed by us and to maintain appropriate security. Our current sub-processors are listed at socialscalr.com/legal/subprocessors and include:

  • Supabase (database and authentication): Account data, customer-uploaded data, LinkedIn data ingested through the Services. Located in the United States.
  • Netlify (compute and content delivery): Site hosting, function execution. Located in the United States.
  • Cloudflare (security, content delivery, DDoS protection): Site delivery, network security. Located in the United States and globally.
  • Stripe (payment processing): Billing and payment information. Located in the United States.
  • Resend (transactional email delivery): Email addresses, email content of communications we send. Located in the United States.
  • Anthropic and/or OpenAI (AI features): Content you submit to AI features. AI provider privacy commitments include not training on API customer data by default. Located in the United States.
  • Sentry (error monitoring): Anonymized error reports, performance telemetry. Located in the United States.

We update the sub-processor list within 14 days of any change. Enterprise customers receive direct notification per their Data Processing Addendum.

5.2 Professional advisors

We may share information with our attorneys, accountants, auditors, insurance providers, and other professional advisors as necessary to obtain their services, all of whom are bound by professional or contractual confidentiality.

5.3 Authorities and legal compliance

We may disclose information when we believe disclosure is necessary to:

  • Comply with applicable law, regulation, legal process, or governmental request
  • Enforce our Terms of Service
  • Protect the rights, property, safety, or security of SocialScalr, our users, or the public
  • Detect, prevent, or otherwise address fraud, security, or technical issues

We attempt to notify you of legal requests where permitted.

5.4 Business transfers

If SocialScalr or substantially all of its assets are acquired by a third party, or in the event of bankruptcy, insolvency, or similar proceedings, personal information may be transferred. We will notify you (by email and prominent notice on the Services) before personal information is transferred and becomes subject to a different privacy policy.

5.5 With your consent or direction

We may share information with third parties when you direct us to do so or with your consent.

5.6 Categories of recipients in the last 12 months (CCPA disclosure)

In the preceding 12 months, we have disclosed the following categories of personal information for business purposes (not as a "sale" or "share" under CCPA):

Category disclosedCategories of recipients
IdentifiersService providers (hosting, email, payment, analytics)
Customer RecordsService providers (hosting, payment)
Commercial InformationService providers (payment, analytics)
Internet ActivityService providers (analytics, error monitoring)
Geolocation (approximate)Service providers (security, analytics)
Professional InformationService providers (hosting)
InferencesService providers (analytics)

5.7 No sale or sharing of personal information (CCPA)

SocialScalr does not sell personal information, and SocialScalr does not share personal information for cross-context behavioral advertising, as those terms are defined under the CCPA.

In the preceding 12 months, SocialScalr has not sold or shared (as those terms are defined under CCPA) any categories of personal information of any consumer, including any consumer known to be under 16 years of age.

If our practices change, we will update this Policy, provide notice, and add a "Do Not Sell or Share My Personal Information" link as required.


6. Cookies and similar technologies

We use cookies, web beacons, pixels, and similar technologies. The technologies we use fall into the following categories:

6.1 Strictly necessary

Required for the Services to function. These cannot be disabled.

  • Authentication and session management
  • Security (CSRF tokens, rate limiting)
  • Load balancing

6.2 Performance and analytics

Help us understand how visitors use the Services. Where required by law (such as in the EEA and UK), we obtain consent before setting these.

  • Google Analytics or equivalent
  • Sentry error monitoring

6.3 Functional

Remember preferences and settings.

6.4 Marketing

Used for advertising and conversion measurement. Where required by law, we obtain consent.

6.5 Managing your preferences

In the EEA, UK, and other jurisdictions requiring consent for non-essential cookies, you can set preferences through our cookie banner. You can also:

  • Adjust your browser settings to refuse cookies
  • Use private/incognito browsing modes
  • Install browser extensions that block tracking
  • Send Global Privacy Control (GPC) signals; we honor GPC as a request to opt out of sale or sharing of personal information

For more information about our cookies, see socialscalr.com/legal/cookies.


7. International transfers

SocialScalr is based in the United States. Our sub-processors are primarily based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States and other countries that may have data protection laws different from those in your country.

7.1 Transfers from the EEA, UK, or Switzerland

For transfers of personal data from the European Economic Area, United Kingdom, or Switzerland to the United States, we rely on:

  • Standard Contractual Clauses approved by the European Commission (Implementing Decision (EU) 2021/914) and, for UK transfers, the UK International Data Transfer Agreement or UK Addendum to the EU SCCs
  • EU-US Data Privacy Framework (where applicable and after self-certification)
  • Other appropriate safeguards as defined under GDPR Chapter V

A copy of the SCCs or other transfer mechanisms is available on request to [email protected].

We have conducted Transfer Impact Assessments for transfers to our sub-processors and implemented supplementary measures where appropriate.

7.2 Transfers from other jurisdictions

Where required by law, we obtain consent or apply other appropriate safeguards before transferring personal information across borders.


8. Data retention

We retain personal information only as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

8.1 Retention periods

CategoryRetention period
Account dataDuration of active account, plus 12 months after closure
Billing records7 years (legal requirement in most jurisdictions)
Customer-uploaded contact listsCustomer-controlled, default 12 months
Scraped LinkedIn data ingested via Services180 days from last interaction
Message historyCustomer-controlled, default 24 months
Audit logs (security and access)12 months
AI usage logs30 days
Customer support communications24 months
Marketing communications opt-out recordsIndefinite (to honor opt-outs)
Backups30 days

8.2 Deletion on request

You can request deletion of your personal information (see Section 9). We will delete or anonymize information within 30 days of a verified request, except where we are legally required or permitted to retain it.

8.3 Anonymization

We may retain de-identified or aggregated information indefinitely. Such information cannot reasonably be used to identify you.


9. Your privacy rights

This section describes the rights available to you and how to exercise them. The specific rights available depend on the laws applicable to you.

9.1 Rights available to all users

Regardless of jurisdiction, you may:

  • Update or correct your account information through your account settings
  • Opt out of marketing communications using the unsubscribe link or by contacting [email protected]
  • Request a copy of your personal information
  • Request deletion of your personal information
  • Contact us with privacy questions at [email protected]

9.2 Rights for residents of the European Economic Area, United Kingdom, and Switzerland

Under the GDPR and UK GDPR, you have the following rights:

  • Right to be informed: through this Policy and at the time of collection
  • Right of access: request a copy of personal data we hold about you
  • Right to rectification: correct inaccurate or incomplete personal data
  • Right to erasure ("right to be forgotten"): delete personal data, subject to exceptions
  • Right to restrict processing: in specific circumstances
  • Right to data portability: receive your data in a structured, commonly used, machine-readable format
  • Right to object: to processing based on legitimate interest, and to direct marketing (absolute)
  • Rights related to automated decision-making: including profiling
  • Right to withdraw consent: at any time, where processing is based on consent
  • Right to lodge a complaint: with a supervisory authority in the EU/UK member state where you live, work, or where the alleged violation occurred

We respond to verified requests within one month, extendable by two months for complex requests with notice. There is no fee, except for manifestly unfounded or excessive requests.

9.3 Rights for California residents

Under the CCPA as amended by the CPRA, California residents have the following rights:

  • Right to know: the categories and specific pieces of personal information we collected about you, the sources, the purposes, the categories of recipients, and (if applicable) the categories sold or shared and to whom. The 12-month look-back period is extended to the full collection period for requests received after January 1, 2022.
  • Right to delete: delete personal information we collected from you, subject to exceptions including: completing the transaction, providing the good or service, security and fraud prevention, free speech, legal compliance, internal uses aligned with consumer expectations, and other uses permitted by law.
  • Right to correct: correct inaccurate personal information we maintain about you.
  • Right to opt out of sale or sharing: as stated, we do not sell or share personal information. This right is automatically honored.
  • Right to limit use of sensitive personal information: as stated, we do not collect categories of sensitive personal information defined under CCPA in the ordinary course. This right is automatically honored.
  • Right to non-discrimination: we will not discriminate against you for exercising your rights. We may offer financial incentives where the difference is reasonably related to the value of your data; we currently offer none.

To exercise your rights:

  • Email [email protected]
  • Submit a request through our web form at socialscalr.com/legal/privacy-request

We will acknowledge receipt within 10 business days and respond substantively within 45 calendar days. We may extend by an additional 45 days for complex requests, with notice. We verify your identity before processing requests by confirming control of the email address on file and, for sensitive requests, with additional verification.

You may use an authorized agent to submit requests. The agent must provide proof of authorization, and we may require you to verify your identity directly.

We do not knowingly sell or share personal information of consumers under 16 years of age.

California Shine the Light

California Civil Code Section 1798.83 ("Shine the Light") permits California residents to request information regarding our disclosure of personal information to third parties for the third parties' direct marketing purposes. SocialScalr does not disclose personal information to third parties for those third parties' direct marketing purposes.

Notice of right to opt out of sale or sharing

We do not sell or share personal information. No opt-out is necessary. If our practices change, we will update this Policy and provide the required "Do Not Sell or Share My Personal Information" link.

9.4 Rights for residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Iowa, Tennessee, Indiana, Montana, Delaware, New Jersey, New Hampshire, Minnesota, Maryland, Kentucky, and Rhode Island

The privacy laws of these states grant similar rights to those described above, with state-specific variations. In each of these states you may, depending on the state law in effect, have rights to:

  • Confirm whether we process your personal data
  • Access your personal data
  • Correct inaccuracies
  • Delete personal data
  • Obtain a portable copy
  • Opt out of targeted advertising, sale of personal data, and certain profiling decisions

Most state laws give us 45 days to respond, with possible extensions. We honor verifiable consumer requests under each applicable state law.

For residents of Colorado, Connecticut, Texas, Oregon, Montana, Delaware, New Jersey, Maryland, and other states recognizing universal opt-out mechanisms, we honor the Global Privacy Control (GPC) browser signal as an opt-out of targeted advertising and sale of personal data, even where our current practices do not involve such activities.

To exercise state privacy rights, contact [email protected] or use socialscalr.com/legal/privacy-request.

9.5 Appeal rights

If we deny your privacy request, you may appeal our decision by replying to our denial or by emailing [email protected] with "Privacy Appeal" in the subject line. Where state law provides for an appeal process (Virginia, Colorado, Connecticut, Texas, others), we will respond to the appeal within 60 days or the period required by law. If we deny the appeal, you may have the right to contact the state's attorney general.

9.6 Verifying your identity

To process your request, we must verify that you are the person about whom we have collected personal information. The verification method depends on the type of request and the sensitivity of the information:

  • For requests to know categories of information: we may verify with two pieces of personal information that match our records
  • For requests to know specific pieces or to delete: we may verify with three pieces of personal information plus a signed declaration under penalty of perjury that you are the consumer
  • For authorized agents: we may require proof of agency and identity of the principal

We do not process requests that we cannot verify. If you submit a request through an account, logging in serves as verification.


10. Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. Our security program includes:

  • Encryption of data in transit (TLS 1.2 minimum) and at rest (AES-256)
  • Multi-factor authentication required for all employees with access to customer data
  • Role-based access control with least-privilege principle
  • Regular security training for personnel
  • Continuous monitoring and intrusion detection
  • Regular vulnerability scanning and penetration testing
  • Incident response procedures
  • Vendor security review

Despite these measures, no method of transmission or storage is perfectly secure. We cannot guarantee absolute security. If we become aware of a personal data breach affecting you, we will notify you and applicable regulators as required by law.

For more information about our security practices, see socialscalr.com/security.


11. Children's privacy

The Services are intended for users 18 years of age or older. We do not knowingly collect personal information from children under 18.

If you are under 18, do not use the Services or provide any personal information to us. If we become aware that we have collected personal information from a child under 18 without verified parental consent, we will delete the information promptly.

If you believe a child has provided us with personal information, contact [email protected].

In jurisdictions where the age of digital consent under GDPR is below 18 (typically 13 to 16 depending on the EU member state), the Services remain restricted to users 18 or older.


12. Automated decision-making

We do not engage in automated decision-making that produces legal effects or similarly significantly affects you, within the meaning of GDPR Article 22.

Our AI features generate content (text suggestions for posts, comments, and messages) based on your inputs. These features:

  • Do not make decisions about you
  • Require your review and approval before any action is taken
  • Are not used for credit, employment, housing, insurance, or other significant decisions

You may opt out of AI features at any time in your account settings.


13. Do Not Track

Some browsers send a "Do Not Track" (DNT) signal. There is no industry consensus on how to respond to DNT signals. SocialScalr does not currently respond to DNT signals.

We do honor the Global Privacy Control (GPC) signal as an opt-out of sale or sharing where applicable.


14. Third-party links and services

The Services may contain links to third-party websites or integrate with third-party services (such as LinkedIn). We are not responsible for the privacy practices of third parties. Their information practices are governed by their own privacy policies.

When you use the Services to interact with LinkedIn, your interactions occur within your own authenticated LinkedIn session. LinkedIn's privacy policy and terms govern your relationship with LinkedIn.


15. California-specific disclosures

15.1 Notice at collection (CCPA Section 1798.100(b))

This is our Notice at Collection. We collect the categories of personal information described in Section 2 for the purposes described in Section 3. We retain the information for the periods described in Section 8. We do not sell or share personal information.

15.2 Statistics on requests received

Pursuant to California Code of Regulations Section 7102, we will publish annual statistics on the number of consumer requests received, complied with, and denied, beginning with the first year in which we receive 100 or more requests.

15.3 Disclosures for the last 12 months

See Section 5.6 for categories of personal information disclosed in the preceding 12 months and the categories of recipients.


16. EU/UK specific disclosures

16.1 Data Controller identity

The Data Controller for personal data collected through the Services is:

WETYR Corporation (SocialScalr)
Registered address available on request
United States
Email: [email protected]

For information processed on behalf of Customers (as a Data Processor), the Customer is the Controller and you should contact them directly.

16.2 Data Protection Officer / Privacy Lead

We have appointed a Privacy Lead responsible for overseeing compliance.

Email: [email protected] (also reaches the Privacy Lead)

16.3 EU representative

When required by GDPR Article 27, our EU representative will be appointed and listed here once service to EU residents begins at scale. In the meantime, contact [email protected] and we will route your request appropriately.

16.4 UK representative

When required by UK GDPR Article 27, our UK representative will be appointed and listed here once service to UK residents begins at scale. In the meantime, contact [email protected] and we will route your request appropriately.

16.5 Supervisory authority

You may lodge a complaint with the supervisory authority of your EU member state or with the UK Information Commissioner's Office (ICO) at ico.org.uk.


17. Other jurisdictions

If you reside in a jurisdiction with privacy laws not specifically addressed in this Policy (Brazil's LGPD, Canada's PIPEDA, Australia's Privacy Act, Japan's APPI, India's DPDPA, others), the same general rights apply: notice, access, correction, deletion, and complaint to a regulator. Contact [email protected] to exercise rights specific to your jurisdiction.


18. Changes to this Policy

We may update this Policy from time to time:

  • Material changes: 30-day notice by email to account holders and prominent notice on the Services
  • Non-material changes: updated "Last updated" date

Continued use of the Services after changes take effect constitutes acceptance.

Past versions of this Policy are archived at socialscalr.com/legal/privacy-archive.


19. Contact information

For any privacy-related questions, requests, or complaints:

  • Email: [email protected] (fallback: [email protected])
  • Web form: socialscalr.com/legal/privacy-request
  • Mail:
    WETYR Corporation
    Attn: Privacy (SocialScalr)
    Registered address available on request
    United States

Additional contacts:

  • Data Protection Officer / Privacy Lead: [email protected]
  • DMCA notices: [email protected]
  • Security vulnerabilities: [email protected]
  • Legal notices: [email protected]

We aim to respond to all inquiries within 5 business days for general questions, and within the statutory deadlines for formal privacy requests.


Appendix A: Sub-processor list

A current, complete list of sub-processors is maintained at socialscalr.com/legal/subprocessors. The list includes for each sub-processor:

  • Name
  • Purpose
  • Categories of personal information processed
  • Location of processing
  • Cross-border transfer mechanisms applicable

We notify enterprise customers of changes per their Data Processing Addendum.


Appendix B: Glossary

  • Personal Information / Personal Data: information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.
  • Processing: any operation performed on personal data, including collection, recording, organization, storage, use, disclosure, and erasure.
  • Controller: the entity that determines the purposes and means of processing.
  • Processor: the entity that processes personal data on behalf of the Controller.
  • Sub-processor: a third party engaged by the Processor to process personal data.
  • Sale (CCPA): disclosing personal information to a third party for monetary or other valuable consideration.
  • Sharing (CCPA): disclosing personal information for cross-context behavioral advertising.
  • Sensitive Personal Information (CCPA): specific categories listed in Section 2.5.
  • Service Provider (CCPA): a person or entity that processes personal information on behalf of a business pursuant to a written contract.

Companion policies: Terms of Service - Cookie Policy - Data Processing Addendum - Acceptable Use