Privacy Policy

Last updated: 2026-04-07

1. Introduction

This Privacy Policy explains what data we collect, why we collect it, and how we keep it safe.

We aim to provide a simple and privacy-respectful writing experience. Your data belongs to you, and we are committed to handling it transparently and responsibly.

2. Information We Collect

2.1 Information You Provide

To operate the service, we collect:

  • Your email address and password
  • Your content (notes, documents, handwriting, diagrams, etc.)

2.2 Cookies and Analytics

We use the following types of cookies:

  • Essential Cookies: Required for authentication and to keep you logged in.
  • Analytics Cookies: Used to understand how users interact with the service and improve performance.

We use Google Analytics, a web analytics service provided by Google LLC. Google Analytics may collect information such as:

  • Pages visited
  • Time spent on pages
  • Device and browser information
  • Approximate geographic location (based on IP address)

We have configured Google Analytics to:

  • Require user consent before activating analytics cookies
  • Anonymize IP addresses
  • Disable advertising features and data sharing where possible

Analytics cookies are only set after you explicitly accept them via the cookie banner.

3. How We Use Your Information

We use your data to:

  • Provide and maintain your account
  • Secure access to your content
  • Store and sync your documents
  • Improve the performance and usability of the service

We do not use your data to train AI models.

4. AI Processing

We use third-party AI services to provide certain features.

When you use AI-powered features:

  • Relevant content may be securely transmitted to these services for processing
  • We only send the minimum data necessary to perform the requested action

Based on the provider's terms, data submitted through these services is not used to train their models.

5. Data Storage and Retention

Your data is stored on secure infrastructure provided by trusted service providers. We retain your data only while your account is active.

If you delete your account, your personal data and stored content are permanently deleted.

6. Payments

Payments are handled by third-party payment processors. We do not store full payment details on our servers.

7. Third-Party Service Providers

We rely on trusted third-party providers to operate the service, including:

  • Supabase — authentication, database, and file storage
  • Google — analytics and AI processing
  • Stripe — payment processing

These providers process data only as necessary to provide their services and under their own privacy obligations.

We never sell, rent, or trade your personal data.

8. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your data based on:

  • Contract: to provide and operate the service
  • Legitimate interests: to improve and secure the service
  • Consent: for analytics cookies and optional features

9. International Data Transfers

Your data may be processed outside your country, including in the United States.

When this occurs, we use appropriate safeguards such as standard contractual clauses or equivalent legal mechanisms to protect your data.

10. Your Rights

You have full control over your data. You can:

  • Access your personal data
  • Correct inaccurate information
  • Delete your stored content and personal data

If you wish to delete your account entirely, you can contact us at [email protected] for assistance.

11. Cookie Consent

When you visit Scrivo, we ask for your consent before placing analytics cookies. You can:

  • Accept or decline analytics cookies via the banner
  • Change your choice at any time by clearing your browser storage or revisiting cookie settings

Analytics tracking remains disabled until consent is granted.

12. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (HTTPS)
  • Access controls
  • Secure infrastructure

While we take reasonable steps to protect your data, no system is completely secure.

13. Data Breach

In the event of a data breach affecting your personal data, we will notify affected users and relevant authorities as required by applicable law.

14. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page. If changes are significant, we will notify you.

16. Contact

If you have any questions about this Privacy Policy or your data, contact us at:

[email protected]