Privacy Policy
01 Overview
Fluxum Technologies ("Fluxum," "we," "us," or "our") operates Scatterbrainz, available at https://scatterbrain.tech. This Privacy Policy describes how we collect, use, store, and share information about you when you use our Service.
This policy complies with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). Where these laws impose different obligations, we apply the higher standard.
02 Data We Collect
Account data
- Name — first and last name provided at registration
- Email address — used for account authentication, billing notices, and support
- Password — stored as a one-way hash (bcrypt); we cannot read your password
Project and usage data
- Project content — project names, component names, deliverables, stage progress, team member names, and any other content you enter into the Service
- Usage metadata — features used, session timestamps, API request logs, credit consumption records
Payment data
- Payment card details are collected and stored exclusively by Stripe, our payment processor. Fluxum Technologies does not store full card numbers or CVV codes.
- We store Stripe customer IDs, subscription IDs, and transaction metadata for billing and support purposes.
Technical data
- IP address — captured in server access logs for security and abuse prevention
- Browser and device information — user agent string, viewport, operating system
- Referrer URL — the URL you navigated from to reach our Service
Marketing attribution data
- UTM parameters from advertising campaigns (utm_source, utm_medium, utm_campaign, utm_term, utm_content) captured at signup to measure campaign effectiveness
- Landing page URL at the time of first visit
| Category | Examples | Purpose |
|---|---|---|
| Identity | Name, email | Account access, communication |
| Content | Project data, deliverables | Service delivery |
| Financial | Stripe customer ID, plan | Billing and subscription management |
| Technical | IP, user agent | Security, debugging |
| Attribution | UTM params | Campaign ROI measurement |
03 How We Use Your Data
We use the data we collect for the following purposes:
- Service delivery — to operate, maintain, and improve the Scatterbrainz platform; to authenticate your account; to process payments and manage subscriptions
- Billing and account management — to process payments, send billing receipts, notify you of failed payments or subscription changes, and manage your Credits balance
- Customer support — to respond to inquiries, resolve disputes, and troubleshoot issues with your account
- Product improvement — to analyze aggregated usage patterns and identify areas for improvement. We do not use identifiable project content for this purpose without your consent.
- Security — to detect and prevent unauthorized access, fraud, and abuse
- Legal compliance — to comply with applicable laws, regulations, or legal processes
- Marketing attribution — to measure the effectiveness of paid advertising campaigns by correlating signups to the campaigns that drove them (see Section 5)
We do not use your personal data for automated decision-making that produces legal or similarly significant effects without human review.
04 Data Storage and Infrastructure
Hosting infrastructure
Scatterbrainz is hosted on Netlify's infrastructure. Netlify operates data centers in the United States and the European Union. Data may be stored and processed in either region depending on Netlify's routing configuration. For information about Netlify's data practices, see Netlify's Privacy Policy.
Payment data storage
All payment card data is processed and stored by Stripe, Inc., a PCI DSS Level 1 certified payment processor. Stripe operates servers in the United States and the European Union. Fluxum Technologies does not store payment card numbers. For Stripe's data practices, see Stripe's Privacy Policy.
Cross-border data transfers
If you are located in the European Economic Area (EEA) or the United Kingdom, your data may be transferred to and processed in countries outside the EEA (including Canada and the United States). Such transfers are subject to appropriate safeguards including standard contractual clauses or adequacy decisions where applicable.
Security
We implement industry-standard security measures including HTTPS/TLS encryption for data in transit, hashed password storage, and access controls. No method of transmission or storage is 100% secure. We will notify you promptly in the event of a data breach that affects your personal information, as required by applicable law.
05 Advertising and Campaign Attribution
Scatterbrainz may run paid advertising campaigns, including through Google Ads. When you arrive at the Service via a paid campaign, your browser URL may contain UTM parameters (e.g., utm_source=google, utm_medium=cpc, utm_campaign=...). These parameters are captured at the time of signup and stored in our internal analytics system to measure campaign performance — specifically, to calculate cost per acquisition (CPA) and return on ad spend (ROAS).
What is shared with advertising platforms
UTM parameters and aggregated conversion signals (e.g., "a conversion occurred from this campaign") may be reported back to advertising platforms to optimize campaign delivery. We do not share your name, email address, or any other personally identifiable information with advertising platforms for this purpose.
Google Ads and analytics
If you arrive at our Service through a Google Ads campaign, Google may set a cookie on your browser as part of its standard conversion tracking mechanism. This is governed by Google's privacy policies. You can opt out of Google's advertising cookies through Google's Ad Settings or the Digital Advertising Alliance opt-out.
Internally, we store attribution data (UTM parameters, landing page, referrer, plan selected) linked to your account for business intelligence purposes. This data is used by Fluxum Technologies only and is not shared with any third party except as required for the campaign attribution mechanism described above.
07 Third-Party Services
Scatterbrainz integrates with the following third parties to deliver the Service:
| Service | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing, subscription management | Name, email, plan, payment data (handled directly by Stripe) |
| Netlify | Hosting, serverless functions, edge delivery | All Service traffic; server access logs including IP addresses |
| Anthropic API | AI processing of project content for AI-powered features | Project content submitted to AI features; governed by Anthropic's usage policies |
| Google Ads | Paid campaign attribution (if applicable) | Aggregated conversion signals; no PII |
We do not sell, rent, or trade your personal data to any third party. We share data only as described in this Policy and as required to deliver the Service.
08 Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right of correction — request correction of inaccurate or incomplete data
- Right of deletion — request deletion of your personal data, subject to legal retention obligations
- Right of portability — request your data in a structured, machine-readable format (GDPR Article 20)
- Right to restrict processing — request that we limit how we process your data in certain circumstances
- Right to object — object to processing based on legitimate interests
- Right to opt out of sale — California residents: we do not sell personal data, but you may formally exercise this right at any time
To exercise any of these rights, email refund@scatterbrain.tech with the subject line "Privacy Request." We will respond within 30 days. Requests are free of charge for one exercise per 12-month period.
Account deletion
You can delete your account from within the application settings or by emailing us. Account deletion initiates our 90-day data retention period (see Section 9), after which your personal data is permanently removed from our systems.
09 Data Retention
We retain your personal data for as long as your account is active, or as needed to provide the Service. After account cancellation or deletion:
- Account data (name, email, project content) is retained for 90 days, then permanently deleted
- Billing records and transaction history are retained for 7 years to comply with tax and financial record-keeping requirements under Canadian law
- Server access logs containing IP addresses are retained for 90 days for security purposes, then purged
- Marketing attribution records are anonymized after 24 months
You may request early deletion of your data by contacting refund@scatterbrain.tech. We will honour deletion requests within 30 days, subject to legal retention obligations.
10 Children's Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact refund@scatterbrain.tech and we will delete the information promptly.
11 Governing Law
This Privacy Policy is governed by the laws of the Province of Ontario, Canada, including PIPEDA and applicable provincial privacy legislation. Any disputes arising under this Policy shall be subject to the exclusive jurisdiction of the courts of the Province of Ontario.
12 Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by prominent notice within the Service, at least 14 days before the changes take effect. The "Effective date" at the top of this page reflects when the current version was last updated.
13 Contact
For privacy inquiries, data requests, or complaints:
Email: refund@scatterbrain.tech
Website: https://scatterbrain.tech
If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.