Privacy policy

Last modified: October 17th, 2023

This Privacy Policy describes how Scrutineer collects, uses, and deletes your data.

By using Scrutineer and its websites (the "Services") and making use of a Scrutineer Account (the “Account”) and all its related features, you understand that your data in relation with your use of our Services is processed according to the following privacy policy. The Privacy Policy states (i) what data we collect through your access and uses of the Services; (ii) the use we make of such data; and (iii) the safeguards put in place to protect your data. The Privacy Policy is to be read and understood as being a complement to our terms and conditions.

  1. Legal framework The Services are operated by Sprenger Company B.V. (the “Company”, “We”), domiciled at Boompjes 49R, 3011XB Rotterdam, The Netherlands. It is therefore governed by the laws and regulations of The Netherlands.
  2. Data Scrutineer collects from you, and how we use it Our overriding policy is to collect as little user information (personal data included) as possible to ensure a private user experience when using the Services. Data collection is limited to the following:
    1. Account creation Specifically the identity your account is bound to, which is a GitHub user ID.
    2. Account activity Specifically the signature and verification process and management tasks related to your Realm, including information stored in the signed commit
    3. IP logging By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities.
    4. Communicating with Scrutineer and the sales team
    5. Payment information We rely on third parties to process credit card and PayPal transactions and must therefore share payment information with these providers. We do not retain full credit card details, we only save your name and the last 4 digits of the credit card number. We may use your account data for payment-related matters, including but not limited to sending you emails, invoices, receipts, notices of delinquency, and alerts to update payment information. The legal basis of these processing activities is the necessity to the execution of the contract to provide the Services. In order to respect the principle of data minimisation, we reserve our right to remove payment information from our systems that is no longer valid, without notice.
  3. Data disclosure We will only disclose the limited user data we possess if we are legally obligated to do so by a binding request coming from the competent EU authorities. We may comply with electronically delivered notices only when they are delivered in full compliance with the requirements of EU law.
  4. Your privacy rights at Scrutineer Through your Account interface, you can directly access, edit, delete, or export personal data processed by the Company in your use of the Services. If your Account has been suspended for a breach of our terms and conditions, and you would like to exercise the rights related to your personal data, you can make a request to our support team. In case of violation of your rights, you have the right to lodge a complaint to the competent supervisory authority.
  5. Modifications to Privacy Policy Within the limits of applicable law, the Company reserves the right to review and change this Privacy Policy at any time. As long as you are using the Services, you are responsible for regularly reviewing this Privacy Policy. Continued use of the Services after such changes are performed shall constitute your consent to it.