Scamwise
Savi

ScamWise Terms and Conditions

Last Updated: February, 2026

These terms and conditions (“Terms”) apply to your use of our website(s) (“Websites”), mobile applications (“Apps”) and any data, products, tools, software, application, or any services of any other kind owned, operated, or otherwise (collectively “Services”) provided by Savi Security, Inc. (“ScamWise”) to you.  Any terms that deviate from these Terms are only valid and binding for ScamWise if they have been agreed to by ScamWise in writing. ScamWise and you are each a “Party” and collectively “the Parties.”

ScamWise is a Delaware corporation. 

In these Terms, the words “we”, “us” and “ours” refer to ScamWise and the words “user”, “you” and “your” refer to anyone using our Service. 

In addition to these Terms, ScamWise may issue guidelines (“Guidelines”) that describe and govern in a more detailed matter the manner in which you are entitled to use the Service. In case of conflict between a Guideline and these Terms, the contents of the Guideline shall prevail. 

By using the Services, you acknowledge that you have read, understood, and agreed to be bound by these Terms. By clicking “Agree” (or a similar confirmation) in the App or on our Website, or by otherwise accessing or using the Services, you enter a legally binding contract with ScamWise. If you do not agree to these Terms, you should refrain from using the Services. ScamWise reserves the right to suspend or discontinue all or part of the Services to protect your rights or the integrity of our Websites or Apps.

ScamWise may update, amend, or supplement these Terms at any time. You are responsible for reviewing the latest version of the Terms before registering or using the Services and for periodically checking for updates.

By registering and/or downloading, installing, or accessing the Services, either as a consumer or a business professional, you represent and warrant that:

You are a natural person with full legal capacity and authority (or, if you are a minor, as determined in accordance with the laws and regulations applicable to you, you have obtained consent from your legal guardian), or a legal entity or other organization with the legal right to enter into this agreement and to use the Services in accordance with applicable laws. If you do not meet these eligibility requirements, you and your legal representative will be held liable for any consequences, and ScamWise may suspend your access to the Services, and to seek compensation for any damages or losses incurred.
You have the legal right to use the Services under applicable laws and regulations.
The information you provide to ScamWise is true, accurate, and complete, and you agree to update such information as necessary upon request by ScamWise.

[In addition to the above, the following applies for users using the Services for business purposes or as a business professional:

An agreement (“Agreement”) in respect of the Services between ScamWise and you shall be concluded upon your acceptance of a proposal from ScamWise. ScamWise may require you to confirm your acceptance in writing. In the event that you do not formally accept a proposal from ScamWise but nevertheless create such an impression (e.g. by having ScamWise carry out certain work), the proposal will be deemed to have been accepted in full. ScamWise has the right to engage third parties for the performance of the Agreement. ]

1.     Services

  • [The Services provided by ScamWise consist solely of aggregated content derived from publicly available information.] ScamWise does not independently evaluate, verify, or express any opinion on such content, and the inclusion of such information shall not be construed as representing the views or positions of ScamWise.
  • Unless agreed otherwise, our Services are provided to you free of charge and on an “as-is” basis. If you use our Services free of charge, available features may change from time to time without notice being required and we may terminate or suspend such free of charge Services provided to you at any time and without notice or explanation. 
  • We work to ensure continuous availability of the Services but do not warrant uninterrupted availability.
  • For users using the Services for business purposes or as a business professional:
    • ScamWise will make reasonable efforts to provide you with access to the Services and will do so with reasonable care and expertise. However, ScamWise does not warrant uninterrupted availability of the Services.
    • In case of errors in the Services, ScamWise will strive to resolve these as quickly as possible. ScamWise is entitled to perform maintenance on its Services and make changes to the Services. Such changes may result in change or loss of functionality of the Services. 
  • If our Services consist of providing Apps, the following applies in addition to any other relevant provisions:
    • Our Apps are distributed through third-party app stores. These Terms apply only between ScamWise and you and not to any app store provider. You acknowledge that the app store provider has no obligations towards you regarding any support or maintenance of our Apps or the use of the Services.
    • If you are a consumer that uses the Apps free of charge, we grant you a limited, non-exclusive, non-transferable, revocable license to use the App on any mobile device that you own or control. The App may be used only on the device onto which the App was downloaded and installed. This license is granted to you for personal, non-commercial use only and does not allow you to use the App for any commercial purposes or on behalf of any third party. The license is granted to you at no charge, and we reserve the right to terminate or suspend your license and applicable Services at any time, with or without cause, at our sole discretion, for example if we discontinue free licenses or when you are in breach of these Terms. 
    • The App may be available for download on various app stores, such as Apple App Store for iOS or Google Play for Android, and you agree to comply with the additional terms and conditions imposed by those app stores. We are not responsible for any such additional terms and conditions, and your use of the App may, in addition to these Terms, be subject to such terms and conditions.
    • The App may, depending on your device and app store settings, automatically download and install Updates, or you may be prompted to manually download and install the Updates. We may require you to install Updates before continuing to use the App. If you do not install Updates when prompted or required to do so, certain features or functionality of the App may no longer be available to you.
    • You acknowledge and agree that Updates may be made available subject to additional terms and conditions, which will then be presented to you prior to installation of the Update. You will have the option to accept or reject such additional terms and conditions. If you do not install Updates when prompted or required to do so, certain features or functionality of the App may no longer be available to you.
    • You acknowledge that as mobile operating systems and devices are updated, the App may no longer be compatible with certain versions or features of those systems and devices. We will make reasonable efforts to ensure that the App remains compatible with the latest and most widely used mobile operating systems and devices, but we make no guarantees or representations regarding such compatibility.
    • Any warranties provided by us under these Terms are only provided by us and not by the third-party app store the App is distributed by.
  • We may, from time to time, provide updates or upgrades to the Website or the App that may for example include bug fixes, new features, or other enhancements (collectively, "Updates"). However, you acknowledge and agree that we have no obligation to provide any Updates, and that we may modify, suspend, or discontinue any aspect of the Website or App at any time, without notice or liability to you.
  • Our Websites and Apps may contain open-source software that is subject to open-source licenses. Your use of the open-source software is subject to the terms and conditions of the applicable open-source license(s), and nothing in these Terms limits your rights under or grants you rights that supersede the terms and conditions of any applicable open-source license. If the Website or App contains open-source software and when required by law, the applicable open-source licenses are mentioned in the App or on the Website or the documentation provided along with the App or Website, as the case may be. To the extent that any such open-source software is distributed under the terms of a license that requires us to make the corresponding source code available, we will make the corresponding source code available to you upon your request.
  • You understand and agree that the Services do not guarantee completeness or accuracy. You are solely responsible for independently verifying information retrieved from the Services and for any decisions made based on such information. All actions performed through [your account] or on our website or app on your phone or browser are presumed to be conducted by you; accordingly, you shall bear full legal liability for such activities.

2.     Privacy 

  • While delivering our Services, we may collect and process specific personal information as outlined in ScamWise's privacy policy which can be found at [INSERT LINK] and/or as referenced within the respective Service. ScamWise’s privacy policy forms an integral part of these Terms. ScamWise generally acts as an independent data controller and determines the purposes and means of processing personal data in connection with the Services.
  • In certain cases, for example if ScamWise provides business services and processes personal data on your behalf, ScamWise acts as a data processor within the meaning of the European Data Protection Regulation (“GDPR”). In such cases, our Data Processing Addendum applies and forms an integral part of the Agreement.

[3.     Registration 

  • To be able to make full use of our Services, you may be required to register for an account. ScamWise has the right to review, suspend, or terminate your account at its sole discretion. We may offer you the option to register for an account by using certain third-party services (e.g. Google or Facebook Login) in which case the following also applies.
  • You may only register for an account if you are 18 years (or the age as determined in accordance with the laws and regulations applicable to you) or older. Accounts are personal and may not be shared or transferred to other people. You are only allowed to create one account, which is only for your own use.
  • When you are asked to choose a username, please note that the username may be displayed and visible to other people using our Service. For example, your username may be displayed online when you submit information (e.g. reviews, comments, reports). 
  • When you are asked to choose a password, you are responsible for choosing a sufficiently reliable password. The foregoing also applies if you use a third-party service account (e.g. Google) to create and subsequently access your account created with us.
  • You must keep your login credentials, username, and password strictly confidential. We cannot be held liable for any misuse of the login credentials and may assume that any use of an account is done by the person that created the account in the first place – unless we were notified that access to the account may have been compromised.
  • Users may request termination of their membership or access rights via customer service at support@savisecurity.com.
  • By registering as a member, you understand and agree to the following obligations:
    • Provision of Personal Data: You agree to provide complete and accurate personal information, including but not limited to your phone number, name, and other registration-related data, to ScamWise or its lawfully appointed processors. You authorize ScamWise to collect, process, and use such personal data, and to take any reasonable measures based on the results of internal or user-generated queries or reports.
    • To access full membership features, you agree to log in prior to using the Services and maintain active authentication during use. You must safeguard your login credentials and shall not imply, disclose, transfer, lend, or authorize any third-party to access your account. ScamWise has the right to forcibly log out accounts that are detected as logged into multiple mobile devices simultaneously.
    • In the event of a forced logout, you agree to reauthenticate, and you acknowledge that ScamWise bears no liability for any losses resulting from this process.
    • Incident Reporting: If you discover or suspect that your account has been compromised or accessed without authorization, you must immediately change your password and notify ScamWise’s customer service at support@savisecurity.com. ScamWise has the right to suspend the account during investigation and assist in reactivating access upon resolution.] 

5.     Access

  • To use and access the Services, authentication may be required. User credentials may not be shared with third parties, except for third parties that are engaged by you for use of the Services on your behalf.
  • You are obliged to keep credentials secure and strictly confidential. ScamWise has the right to assume that all acts performed using these credentials are performed under your supervision and with your approval. You must notify ScamWise immediately if you suspect abuse or any other form of unauthorized use.

6.   General Rules of Conduct

  • While using our Service, you must comply with these Terms. Additionally, as mentioned above, certain Guidelines may also apply. If you use Services in violation of these Terms or those Guidelines, we may take action in the manner described therein.
  • You shall not use the Services in a manner that violates any applicable laws and regulations. You may not use Services in a manner that causes nuisance, hindrance, or loss and/or damage to ScamWise and third parties, including other users of the Services.
  • While making use of our Services, you are not permitted to:
    • introduce, transmit, or otherwise upload materials or software code to the that are libelous, racist, deceptive, misleading, fraudulent, threatening, abusive, harassing, tortious, obscene, pornographic or profane or otherwise harmful, or unlawful, and use will not have any purpose that is unlawful or prohibited by these Terms;
    • in any manner, damage, disable, overburden, or impair the Services or interfere with any other party’s use and enjoyment of the Services;
    • attempt to obtain any materials or information not provided for in the Services; and
    • download or use, or transport to, the Services to or in a country or region that is subject to an embargo or sanction by the government of the United States.
    • violate applicable laws and regulations or any Guidelines issued by ScamWise;
    • use indecent language;
    • submit off-topic reviews or experiences;
    • submit information that is not based on the truth or experiences that are not genuine;
    • violates other people's rights, including any intellectual property rights;
    • submit information on behalf of someone else or pretend to be someone else;
    • make commercial statements in your review, including naming competitors of the party to which the review relates;
    • Transfer, sell, auction, or distribute membership accounts, activation codes, discount codes, or other paid service items in any unauthorized manner, including via online forums or social media platforms;
    • attempt to scan, probe, or test the vulnerability of the Service’s systems or network, or bypassing security mechanism;
    • forge identifying information or otherwise transmitting false or misleading origin data;
    • exploit security vulnerabilities or bypassing protection mechanisms to alter, delete, or collect personal data of others.
  • If ScamWise takes notice of any use of the Services that violates these Terms, the Guidelines, any applicable laws and regulations or and any other agreements we have with you, ScamWise shall have the right to take measures (including but not limited to refusing, suspending, or terminating access to the Services, freeze the user’s account, remove offending content and pursue all legal remedies available) to stop the suspected unlawful or unauthorized use and shall not be liable for any damage resulting from measures taken.
  • You warrant that any information, statements, or claims submitted by you to the Services, including domains and associated information reported by you to be added to a public warning list, are fully correct. You shall indemnify and hold ScamWise harmless against all claims pertaining to loss and/or damages arising from your breach of these Terms.
  • For the purpose of verification, we may at any time request you to promptly provide us with additional information regarding the information you have submitted to us while making use of the Services. Not timely or adequately complying with any such request shall give us the right to suspend the Services without further notice being required. 
  • We may recover from you any loss or damage sustained due to a breach of these Terms, the Guidelines, the applicable laws and regulation and any other agreements we have with you. You shall indemnify and hold us harmless against any and all claims pertaining to loss and/or damages arising from your violation of these Terms, the Guidelines, the applicable laws and regulations and such agreements we have with you. 

7.     Intellectual Property Rights 

  • All intellectual property rights in the Services and any materials developed and/or made available by or licensed to ScamWise in connection with the Services are owned by ScamWise or its licensors. We grant you a non-exclusive, non-transferable and non-sublicensable right of use with regard to the Services and materials [provided under the Agreement for a limited duration of the Agreement.]
  • You may provide suggestions, comments, or other feedback (collectively, "Feedback") to us with respect to our Services. Feedback is entirely voluntary. In the event you furnish any Feedback to use, we may use Feedback for any purpose without obligation of any kind. You hereby assigns all right, title, and interest in any Feedback to us; to the extent you cannot assign all rights, you hereby grants us an irrevocable, non-exclusive, perpetual, royalty-free license to use the Feedback in connection with our business, including the enhancement of the Services.
  • You warrant and represent that you are the rightful owner or rightful licensee of all intellectual property rights which forms part of, or is included in, the information supplied by you when using the Services and have the right to grant us the license described in the previous paragraph. You will not submit any information that infringes the rights of third parties. To the extent you knowingly or negligently provide infringing information, you will indemnify and hold us harmless from any related third-party.
  • You may not (1) decompile or reverse engineer the source code of the Website or the App, except to the extent permitted by mandatory law or applicable open source license; (2) supply copies of the Website or App to third-parties; (3) sublicense the Website or App or to make the Website or the App available to third-parties; (4) modify the Website or the App, except to the extent permitted by mandatory law; (5) remove or make unreadable any copyright notices included in the App or on the Website; and (6) use the Website to the App for any unlawful purpose or in any way that could harm us or any third-party. 

 8.    User’s Responsibilities

  • You shall be solely responsible for the correct and lawful use of the Services and the subsequent use of any information you may acquire via the Services.
  • Unless agreed otherwise, ScamWise has no obligation to develop, maintain, support, or assist you in realizing any integrations between the Services and other software you use.
  • ScamWise makes no representations regarding the quality and usability of data and information you may obtain via the Services. It shall be your responsibility to determine whether such data and information is fit and lawful for your intended use. 

9.     Indemnification and Limitation of Liability. You shall indemnify, defend and hold us harmless as well as our assignees, subsidiaries, and affiliated companies, and their respective officers, directors, employees, shareholders, agents and representatives, from and against any and all loss, claim, cost, judgment, liability, injury, damage, demand, action, or expense of any kind or character brought by a third-party (collectively, "third-party Claims"), including court costs and reasonable fees of attorneys and other professionals, arising out of or in connection with (i) a breach of these Terms or the Agreement or any of the covenants contained herein, (ii) a breach of any applicable privacy statute or regulation governing the collection and processing of personal information or personal data, such as California Consumer Protection Act, GDPR, UK Data Protection Act, or Switzerland Federal Act on Data Protection, each as amended, or (iii) the use or possession by you of the Services.

10. Disclaimer of Warranties; Limitation of Liability. THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE,” AND YOU AGREE TO USE THEM AT YOUR OWN RISK. WE MAKE NO GUARANTEES, REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, ARISING BY LAW OR OTHERWISE, INCLUDING BUT NOT LIMITED TO, CONTENT, QUALITY, ACCURACY, COMPLETENESS, EFFECTIVENESS, RELIABILITY, FITNESS FOR A PARTICULAR PURPOSE, USEFULNESS, USE, OR RESULTS TO BE OBTAINED FROM THE SERVICES, EXCEPT THOSE EXPRESSLY SET FORTH HEREIN. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY US OR OUR REPRESENTATIVES WILL CREATE ANY OTHER WARRANTIES OR IN ANY WAY INCREASE THE SCOPE OF OUR OBLIGATIONS HEREUNDER. WE (INCLUDING OUR LICENSEES, ASSIGNEES, SUBSIDIARIES, AFFILIATES, AND THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, SHAREHOLDERS AND REPRESENTATIVES) SHALL NOT BE LIABLE FOR ANY INJURY (INCLUDING WITHOUT LIMITATION PERSONAL INJURY, DISABILITY, OR DEATH), DAMAGE (INCLUDING WITHOUT LIMITATION PROPERTY DAMAGE), LOSS, CLAIM, LIABILITY, OR EXPENSE, OF ANY KIND, ANY LOSS OF PROFIT, REVENUE, CONTRACTS OR SAVINGS, OR ANY INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, ARISING OUT OF OR RELATING IN ANY WAY TO THE AGREEMENT OR THE TERMS OR ANY USER’S USE OF OR INABILITY TO USE THE SERVICES, ANY DEFECT OR ERROR IN ANY SERVICES, OR ANY BREACH OF THE AGREEMENT OR THESE TERMS, WHETHER IN AN ACTION IN CONTRACT OR TORT OR BASED ON A WARRANTY. THE AGGREGATE LIABILITY OF US (INCLUDING OUR LICENSEES, ASSIGNEES, SUBSIDIARIES, AFFILIATES, AND THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, SHAREHOLDERS AND REPRESENTATIVES) FOR ALL CLAIMS AND DAMAGES OF EVERY KIND AND TYPE, WHETHER IN CONTRACT OR TORT, ARISING OUT OF OR RELATING IN ANY WAY TO THE AGREEMENT OR THESE TERMS, INCLUDING RESULTING FROM THE USE OR POSSESSION OF THE SERVICES, SHALL NOT EXCEED, IN THE AGGREGATE, THE FEES PAID HEREUNDER BY THE USER IN THE TWELVE MONTHS IMMEDIATELY PRECEDING THE CLAIM. IN THE EVENT OF AN ERROR IN ANY OF THE SERVICES, YOUR SOLE REMEDY WILL BE A REFUND OF THE FEES PAID TO OBTAIN THE SERVICES, IF ANY.

11.   Changes 

  • We may amend these Terms and applicable Guidelines at any time and will make reasonable efforts to announce changes or additions via our Services at least seven (7) days before the date they take effect.
  • If you do not wish to accept any such changes or additions, you may terminate the Agreement by requesting to remove your account or to otherwise stop making use of our Services. Use of our Services after the announced effective date will be regarded as acceptance of the proposed changes or additions.

12.     Other Terms 

  • ScamWise’s privacy policy, the Guidelines, and any attachments to these Terms shall form an integral part of these Terms, which shall constitute an agreement between ScamWise and you.
  • These Terms will be interpreted and construed pursuant to the laws of the State of California and the United States without regard to conflict of law provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods. Any claims or litigation arising under these Terms will be brought in state and federal courts located in San Francisco, California, and you specifically consent to San Francisco, California, as the exclusive venue for any such proceeding.
  • In these Terms, the words "in writing" or “written” also refer to communication via email, provided that the identity and the integrity of the contents of the communication can be sufficiently established.
  • You agree to waive any future challenge to the validity and enforceability of these Terms and any document submitted hereunder on the grounds that it was electronically transmitted and/or authorized or accepted.
  • These Terms contain the entire agreement between you and us with respect to the subject matter herein and supersede all previous communications, proposals, representations, understandings, and agreements, either oral or written, between you and us with respect to said subject matter. No employee, agent, representative or affiliate of ScamWise has authority to bind ScamWise to any oral representations or warranty concerning any ScamWise products or services. Any written representation or warranty not expressly contained in these Terms, or a separate written Agreement between you and us, is unenforceable.
  • All section and paragraph titles and captions contained in these Terms are for convenience only and are not deemed a part of the context hereof.
  • ScamWise is authorized to transfer any agreement with you and all its rights and obligations arising therefrom to a third-party that acquires the business operations to which said agreement is subject without further approval or cooperation from you being required, including these Terms.
  • Beta Releases. Any beta, pilot, limited release, non-production, pre-production or evaluation feature or version of a feature or offering provided by ScamWise (“Beta Releases”) is experimental and provided “AS IS” without warranty, support, or maintenance of any kind and will not create any obligation for ScamWise to continue to develop, productize, support, repair, offer for sale, or in any other way continue to provide or develop any such feature or offering. You agree that your access to or purchase of access to the Services or any Beta Release is not contingent on the delivery of any future functionality or features, or dependent on any oral or written statements made by ScamWise regarding future functionality or features. ScamWise may modify or remove Beta Releases at any time.
  • Aggregated Statistics. ScamWise may monitor your use of the Services and collect and compile data and information related to your use of the Services to be used by ScamWise in an aggregated and anonymized manner, including to compile statistical and performance information related to the provision and operation of the Services (“Aggregated Statistics”). As between you and ScamWise, all right, title, and interest in Aggregated Statistics, and all intellectual property rights therein, belong to and are retained solely by ScamWise. You acknowledge that ScamWise may compile Aggregated Statistics based on any data regarding or derived from your use of the Services. You agree that ScamWise may (i) make Aggregated Statistics publicly available in compliance with applicable law, and (ii) use Aggregated Statistics to the extent and in the manner permitted under applicable law; provided that such Aggregated Statistics do not identify you or any user.

APPENDIX A: DATA PROCESSING ADDENDUM

This ScamWise Data Processing Agreement (the “DPA”) is incorporated into the Terms, or applicable governing document (either, the “Agreement”) and governs ScamWise’s provision of services as further detailed below. You enter into this DPA on behalf of yourself, your affiliates, and any entity you represent that uses the Services. 

This DPA may be updated from time to time with reasonable notice to you. Any term not defined in this DPA shall have the meaning set forth in the Terms.

1. Definitions. The following definitions apply to this DPA. All capitalized terms of the DPA not defined below shall have the meaning given in the Terms.

1.1 Applicable Law” includes all laws, regulations and other legal requirements applicable to you or ScamWise. This may include, for example, the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”); equivalent requirements in the United Kingdom including the UK General Data Protection Regulation and the Data Protection Act 2018 (“UK GDPR”); the California Consumer Privacy Act and associated regulations (“CCPA”), and the California Privacy Rights Act and its implementing related regulations when effective (“CPRA”); the Personal Information Protection and Electronic Documents Act, SC 2000, c.5 (“PIPEDA”); Australia’s Privacy Act 1988 and the Australian Privacy Principles (the “Privacy Act”); the Virginia Consumer Data Protection Act when effective (“VCDPA”); the Utah Consumer Privacy Act when effective (“UCPA”), and the Colorado Privacy Act and related regulations when effective (“CPA”). Each Party is responsible only for its own obligations under the Applicable Law.


1.2 Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data, imposing notification or other obligations in the event of such a breach.

1.3 Business” and “Service Provider” have the same meanings as described by Applicable Law.

1.4 Controller” has the same meaning as described by Applicable Law.


1.5 Data Subject” has the meaning as described by Applicable Law.


1.6 EEA” means the European Economic Area, or other adequate country.


1.7 Processor” has the meaning as described by Applicable Law.


1.8 Personal Data” means (i) any information relating to an identified or identifiable individual, within the meaning of the GDPR; (ii) “personal data” within the meaning of the VCDPA and CPA; (iii) “personal information” within the meaning of PIPEDA, the CCPA, the CPRA, and the Privacy Act; and (iv) any analogous term as defined by Applicable Law.


1.9 Subprocessor” means a third-party engaged by a Processor for processing Personal Data.

1.10 Transfer Mechanism” means, (i) for the EEA, the Standard Contractual Clauses (“SCC”) approved by the European Commission Implementing Decision (EU) 2021/914 of 4 June 2021 (as amended), (ii) for the UK, the International Data Transfer Agreement (“IDTA”) or International Data Transfer Addendum (“IDT Addendum”) issued by the Information Commissioner's Office under Section 119A of the Data Protection Act 2018, effective 21 March 2022, or (iii) other recognized compliance standard for lawful data transfers.

1.11 UK” means the United Kingdom.

2. Scope. This DPA applies when use of the Services involves Personal Data. You or ScamWise may be a Controller, Processor, or Subprocessor as context requires. Nothing in this DPA restricts Data Subjects from exercising their rights under Applicable Law, including rights to compensation for material and non-material damage in accordance with Article 82 of GDPR or its equivalents under Applicable Law. This DPA does not apply where ScamWise and you are joint Controllers (in which case the Parties will execute a separate agreement with respect to processing Personal Data).


3. Parties’ obligations.


3.1 Controller instructs Processor to process Personal Data only in accordance with this DPA and only for the purpose of providing the services under the Agreement. Controller is responsible for providing all notices and obtaining all consents, licenses, and legal bases required to allow Processor to process Personal Data. Processor instructs Subprocessor to process Personal Data in accordance with this DPA only for the purpose of providing the services under the Agreement and is responsible for sharing Controller’s instructions with Subprocessor prior to the processing of Personal Data. If ScamWise and you are independent Controllers, each Party agrees to only process Personal Data in accordance with this DPA (unless legally required to do otherwise), to use the technical and organizational measures described in Annex 1 when processing Personal Data, and to provide the other Party with reasonable and prompt assistance with responses to data subjects’ requests to exercise their rights under the Applicable Laws.


3.2 Processor or Subprocessor will only process Personal Data in accordance with this DPA and Controller’s instructions (unless legally required to do otherwise). Processor or Subprocessor will not sell, retain or use any Personal Data for any purpose other than as permitted by this DPA, the Terms, or ScamWise’s privacy policy. Processor or Subprocessor will inform Controller immediately if it believes any instructions infringe any Applicable Law. Processor or Subprocessor will use the technical and organizational measures described in Annex 1 when processing Personal Data to ensure a level of security appropriate to the risk involved.


3.3 When required by Applicable Law, Processor or Subprocessor will notify, in accordance with Applicable Law, Controller of any data Breach after becoming aware of the Breach and provide assistance to Controller in accordance with Applicable Laws. Processor or Subprocessor will, without undue delay, provide Controller with reasonable assistance with (i) data protection impact assessments, (ii) responses to Data Subject(s) requests to exercise their rights under Applicable Laws, and (iii) engagement with any appropriate supervisory authority.

3.4 Processor or Subprocessor shall treat Personal Data as confidential information and will not disclose or use or otherwise process Personal Data except as necessary for ScamWise to provide or maintain the Services (including internal use as training or research data) or comply with Applicable Law.

3.4.1 Processor or Subprocessor will ensure Personal Data subject to this DPA is only made available to personnel that require access to fulfill the obligations of this DPA, and any such authorized personnel are under obligations of confidentiality to protect and keep the Personal Data in confidence and will only process the Personal Data in accordance with Controller’s instructions.

3.4.2 Processor or Subprocessor will provide, if requested by Controller, information or documentation necessary to demonstrate its compliance with confidentiality or other obligations of Applicable Laws or this DPA.

3.4.3 Upon written request, or as required by Applicable Law, Processor or Subprocessor will return or delete any Personal Data in its possession, unless it is legally required to retain it.

3.4.4 If a Data Subject submits a request to Processor or Subprocessor related to Personal Data subject to Controller’s instructions, Processor or Subprocessor will promptly forward such request to Controller promptly after Processor or Subprocessor has identified that the request is from a Data Subject for whom Controller is responsible. Controller authorizes on its behalf, and on behalf of its controllers when Controller is acting as a processor, Processor or Subprocessor to respond to any Data Subject confirming the request has been forwarded to you. The Parties agree that, when a request is made of ScamWise, ScamWise forwarding such data subjects’ requests in accordance with this Section, represents the scope and extent of ScamWise’s required assistance. 

3.4.5 In the event Personal Data becomes subject to confiscation during bankruptcy or insolvency proceedings, or similar measures by third parties while being processed, Processor or Subprocessor will inform Controller without undue delay. Processor or Subprocessor will, without undue delay, notify all relevant parties in such action (for example, creditors, bankruptcy trustee) that any Personal Data subject to those proceedings is at Controller’s disposition.

3.5 Processor or Subprocessor will accommodate Controller’s reasonable audit requests, such audits not to occur more than once per year and during normal business hours


except in event of a data Breach. The results of such audit constitute confidential information of the Processor or Subprocessor.

3.6 Controller gives Processor general authorization to engage Subprocessors. Controller may object to a Subprocessor by (i) terminating its relationship with the Processor pursuant to any contractual provisions, (ii) ceasing to use the services the Subprocessor is engaged in, or (iii) requesting the Processor use a different Subprocessor, allowing that the cost of the services may be impacted by fulfilling such request.

3.6.1 Processor will restrict Subprocessor access to Personal Data to only what is necessary to provide the services, and Processor will prohibit the Subprocessor from accessing or using Personal Data for any other purpose.

3.6.2 Processor will enter into a written agreement with its Subprocessors, imposing upon the Subprocessor equivalent obligations to those included in this DPA.

3.6.3 Processor is responsible for compliance with its obligations under this DPA, including any data transfer obligations, and for any act or omissions of its Subprocessors that breach the obligations of this DPA.



3.6.4 Controller.

3.6.5


Processor may appoint new Subprocessors with reasonable notice to


ScamWise’s Subprocessors are listed in Annex 2.


3.7 Data Transfers. ScamWise is located in the United States, and Personal Data may be transferred to the United States, pursuant to the terms of any Agreement between ScamWise and you.


3.7.1 Transfers of Personal Data out of the EEA, UK or other countries with data transfer laws will only be made in accordance with the appropriate Transfer Mechanism and this DPA. To the extent required, and provided no alternative Transfer Mechanism is in place, the Parties are deemed to have executed the following Transfer Mechanisms by virtue of entering into this DPA:

(i) for transfers out of the EEA, the appropriate SCC module with the following elections:

(a) Clause 7 is not used;

(b) at Clause 9 “General Written Authorization” is provided and the data importer will provide 30 days’ advance notice for changes to its list of subprocessors;

(c) the optional language at Clause 11(a) is omitted;

(d) at Clause 17, option 2 is selected and the governing law shall be that of Denmark;

(e) at Clause 18(b) the courts of Denmark shall have jurisdiction


(f) the information at Annex 1 is the information as reflected and supported by the Agreement and this DPA (including any Addendums).

(ii) for transfers out of the UK, the appropriate SCC module as described above is used and supplemented with the ITD Addendum, utilizing the following Mandatory Clauses: “Part 2: Mandatory Clauses of the Approved Addendum, being the template Addendum B.1.0 issued by the ICO and laid before Parliament in accordance with s119A of the Data Protection Act 2018 on 2 February 2022, as it is revised under Section 18 of those Mandatory Clauses.”


3.7.2 Subject to the terms of the relevant Transfer Mechanism, if the data importer (as defined by the Transfer Mechanism) receives a request from a governmental body (the “Requesting Party”) for access or disclosure of Personal Data, the data importer will use reasonable efforts to direct the Requesting Party to the data exporter (as defined by the Transfer Mechanism).

3.7.3 If compelled to disclose or make available Personal Data to a Requesting Party, the data importer will:

(i) promptly notify the data exporter to allow the opportunity to seek a protective order or other adequate remedy. If the data importer is prohibited from notifying the data exporter of the request, the data importer will use reasonable efforts to obtain a waiver of that prohibition to allow as much communication to the data exporter as possible; and

(ii) challenge any overbroad or inappropriate request (including when such request conflicts with the laws of applicable countries related to the Data Subject(s) involved in such request).

3.7.4 If, after exhausting the steps described in 3.7.3, the data importer remains compelled to disclose Personal Data to the Requesting Party, the data importer will disclose only the minimum amount of Personal Data necessary to satisfy the request and will keep a record of the disclosure.

3.8 Warranty. Processor or Subprocessor agrees and warrants that it has no reason to believe there is legislation applicable to it, or its Subprocessors, including in any country to which Personal Data is transferred either by itself or through a Subprocessor, that prevents it from fulfilling the instructions received from Controller and its obligations under this DPA. In the event of a change in legislation which is likely to have substantial adverse effect on the warranties and obligations provided by this DPA, Processor or Subprocessor will promptly notify the change to Controller as soon as Processor is aware, in which case Controller is entitled to suspend the transfer of Personal Data and/or terminate the Agreement.

4. Entire Agreement; Conflict. Except as supplemented by an addendum to this DPA, the DPA and the Agreement are the final, complete, and exclusive expressions of their terms and


supersede all prior agreements and understandings between the Parties with respect to this subject matter. If there is a conflict between the DPA and one of its addendums, the DPA will control.


GDPR and UK GDPR Addendum to the DPA


This GDPR and UK GDPR Addendum (this “GDPR and UK Addendum”) supplements the DPA or Agreement between the Parties governing the processing of Personal Data. This GDPR and UK Addendum applies when the GDPR or UK GDPR applies to ScamWise’s Services interaction with applicable Personal Data. Unless otherwise defined in this GDPR and UK Addendum, all capitalized terms are defined by the DPA or Agreement.

1. Processing Controls. ScamWise’s privacy policy (available at [xx]) may be used to assist the Parties with obligations under the GDPR, including obligations to respond to requests from Data Subjects. Taking into account the nature of the interactions involving the Services, the Parties agree it is unlikely that a Processor or Subprocessor would become aware that Personal Data transferred under a Transfer Mechanism is or would be inaccurate or outdated. Nonetheless, if a Processor or Subprocessor becomes aware that Personal Data transferred under a Transfer Mechanism is inaccurate or outdated, it will inform the Controller without undue delay. Processor will cooperate with Controller to erase or rectify inaccurate or outdated Personal Data transferred under the Transfer Mechanism, such as by responding to appropriate requests received under its privacy policy.

2. Specified Purpose. While the Services do not specifically request or require special categories of Personal Information, Controller represents they have obtained necessary and explicit consent for the processing of special categories of Personal Data, for the specified purposes of creating and storing three-dimensional data, rendering, and related data for physical structures, and such other services as described in an Agreement between the Parties from time to time.

3. Controller Instructions. The Parties agree that the DPA and the Agreement constitute Controller’s documented instructions regarding processing of Personal Data (“Documented Instructions”). Additional instructions outside the scope of the Documented Instructions (if any) require prior written agreement between the Parties, including agreement on any additional fees for carrying out such instructions. Taking into account the nature of the processing, the Parties agree it is unlikely that a Processor or Subprocessor can form an opinion on whether Documented Instructions infringe the GDPR or UK GDPR. If Processor or Subprocessor forms such an opinion, it will inform the Controller, in which case the Controller is entitled to withdraw or modify its Documented Instructions.


CCPA Addendum (“CCPA Terms”)


These ScamWise CCPA Terms (“CCPA Terms”) supplement the DPA and other Agreement between the Parties when the California Consumer Privacy Act of 2018 (“CCPA”) or California Privacy Rights Act of 2020 (“CPRA”) applies to access, use or otherwise processing of “Personal Information” (as defined and applied in CCPA or CPRA) by the Parties. Unless otherwise defined in these CCPA Terms, all capitalized terms are defined by the DPA or Agreement.

The Parties each agree and certify, with respect to any Personal Information it receives from the other Party under circumstances where the receiving Party is acting as a Service Provider, and not already in such receiving Party’s possession, that it will operate as a Service Provider and will not: (a) retain, use, or disclose Personal Information except as permitted in an agreement between the Parties and under CCPA or CPRA, or (b) sell or share Personal Information.

These CCPA Terms do not limit or reduce any other data privacy commitments either Party may have under an agreement between the Parties.


Switzerland Addendum to the DPA


This Switzerland Addendum (this “Swiss Addendum”) supplements the DPA and other Agreement between the Parties governing the processing of Personal Data. This Swiss Addendum applies when the Federal Act on Data Protection (“FADP”) applies to ScamWise’s Services interaction with Swiss Customer Data (as defined below). Unless otherwise defined in this Swiss Addendum, all capitalized terms are defined by the DPA or Agreement.

1. Applicability. Except as otherwise set out in this Swiss Addendum, the terms of the DPA will apply to your use of the services to process Swiss Customer Data, and all references to Applicable Law in the DPA will include the FADP, all references to Personal Data in the DPA will include Swiss Customer Data, and all references to “Standard Contractual Clauses” in the DPA will be replaced with “Swiss Standard Contractual Clauses.”

2. Transfers of Swiss Customer Data. When this Swiss Addendum applies, a Transfer Mechanism includes the Swiss Standard Contractual Clauses to the extent Swiss Customer Data that is transferred, either directly or via onward transfer, to any Swiss Third Country (each a “Swiss Data Transfer”). The Swiss Standard Contractual Clauses will not apply to a Swiss Data Transfer if the Parties have adopted an alternative recognized compliance standard for lawful Swiss Data Transfers pursuant to 1.8(iii) of the DPA.

3. Definitions. The following capitalized terms used in this Swiss Addendum have the meaning given to them below:

3.1 “Swiss Standard Contractual Clauses” means the GDPR standard contractual clauses for the transfer of personal data to processors established in third countries with the following modifications:

3.1.1 In instances where the data transfer is subject to both the FADP and the GDPR, the Parties adopt the GDPR standard for all data transfers and:

a. The “competent supervisory authority” in Annex I.C under Clause 13 will reflect parallel supervision by the FDPIC.

b. The term “member state” will not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c).

c. Protections afforded to data subjects shall include protection for the data of legal entities in accordance with the FADP until the entry into force of the revised FADP.

3.1.2 In instances where the data transfer is exclusively subject to the FADP:


a. The “competent supervisory authority” in Annex I.C under Clause 13 will reflect the FDPIC.

b. The applicable law for contractual claims under Clause 17 will reflect Swiss law.


c. The term “member state” will not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18 c.

d. All references to the GDPR shall be understood as references to the FADP.

e. Protections afforded to data subjects shall include protection for the data of legal entities in accordance with the FADP until the entry into force of the revised FADP.

3.2 “Swiss Customer Data” means the “personal data” (as defined in the FADP) that is uploaded to the Services. This includes the data of legal entities in accordance with the FADP until the entry into force of the revised FADP.

3.3 “FADP” means the Federal Act on Data Protection of 19 June 1992 until its totally revised version of 25 September 2020 (revised FADP) comes into effect, at which time “FADP” means the revised FADP.

3.4 “FDPIC” means the Federal Data Protection and Information Commissioner.

3.5 “Swiss Third Country” means a country outside Switzerland not recognized by the Secretary of State or the Data Protection Act 2018 as providing an adequate level of protection for personal data (as described in the FADP).


Annex 1 – Processor Security Standards


Processor will undertake and implement the following technical and organizational measures to ensure the security of Personal Data.

1. Information Security Program. Processor will maintain an information security program (including the adoption and enforcement of internal policies and procedures) designed to (a) help secure Personal Data against accidental or unlawful loss, access, or disclosure, (b) identify reasonably foreseeable and internal risks to security and unauthorized access to Processor’s systems, and (c) minimize security risks, including through risk assessment and regular testing. Processor will designate one or more employees to coordinate and be accountable for the information security program. The information security program will include the following measures:

1.1 Network Security. Processor systems will be electronically accessible to employees, contractors, and any other person as necessary to provide the services. Processor will maintain access controls and policies to manage what access is allowed to Processor systems, including the use of firewalls or functionally equivalent technology and authentication controls. Processor will maintain corrective action and incident response plans to respond to potential security threats.

1.2 Physical Security. Processor represents and warrants it has implemented and maintains the following safeguards. To the extent Processor does not maintain its own physical servers and infrastructure, Processor’s cloud infrastructure providers are authorized to provide these same requirements.

1.2.1 Physical and environmental protection policies, procedures, and systems for Processor systems shall include: emergency lighting, fire protection, temperature and humidity controls, water damage protection, and delivery and removal.

1.2.2 Physical access to Processor’s premises and physical infrastructure, even if hosted by a third-party, is protected by physical access authorization, physical access controls and monitoring, and visitor access records to restrict access to authorized personnel only.

2. Continued Evaluation. Processor will conduct periodic reviews of the security of its systems and adequacy of its information security program as measured against industry security standards and its own policies and procedures. Processor will continually evaluate the security of its systems and associated services to determine whether additional or different security measures are warranted and to respond to new security risks or findings generated by the periodic reviews.


[Annex 2 – The list of ScamWise Subprocessors, last updated [XX] is provided at [this link].


Privacy Policy

Savi Security, Inc. (“ScamWise”) is a cybersecurity platform. This privacy policy (the “Policy”) is intended to help you understand what personal information we collect, how we use and share that information, and how you can make choices regarding your personal information. The Policy applies to all services provided or powered by ScamWise, including websites, mobile applications, co-branded or white-labeled sites and apps, and products that are integrated into third-party apps and sites. All capitalized terms of the Policy not defined below shall have the meaning given in the Terms.

Table of contents

  • Information we collect
  • How we use your information
  • When we share your information
  • Third-party tools and cookies
  • Third-party links
  • Security
  • Data retention and deletion
  • Children
  • Your rights under certain U.S. state laws
  • For data subjects in the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland
  • Representative for data subjects in the EU and UK
  • How to make a privacy request
  • Contact us

Information we collect

We collect information from you, from ScamWise users, and automatically through your use of our Services.

When you create an account: When you create a ScamWise account, you provide us with information, such as your name, your email address, your phone number, and a password. You may also choose to add a profile photo and payment information to your account.

When you use our Services: When you use the Services, you are assigned a unique identification number in your browser's local storage, so we can track certain items, like return behavior, for example. You may also provide other information through free-form text fields in our applications. If you provide any photographs or videos, please take care to ensure the images you provide to ScamWise do not contain any information that can identify you or any other individual. We may collect and store applicable multimedia content, such as images, videos, and audio recordings provided to ScamWise, as well as associated metadata and sensor information from your device. We may also collect device information, or approximate (or coarse) location information (such as when more precise location services are not utilized or to determine relative position) to improve the Services.  

When you visit our sites or apps: We may collect information about how you interact with our sites and apps, including when you visit our sites without logging into your account. This may include log data (such as your device ID, IP address, browser information, device hardware, and software type), usage data (such as which pages you click on or how you use our mobile app), geo-location information, and cookie data (see below for more information about cookies). 

When you contact sales or customer support: When you interact with a ScamWise sales or customer-support representative or virtual AI representative via phone, video, or chat, we or our vendor may record the audio, video, and a transcript of your communications. We may use those recordings and transcripts for internal training purposes. You may also provide our representatives with additional information about your business and your customers.

Information we collect from third parties: We may also periodically obtain both personal and non-personal information about you from third parties, such as marketing vendors who provide us with information about potential customers of our business services, or public sources, such as information on a website.

Information we collect when you apply for employment with us or provide services to us: If you apply for a job with ScamWise or provide services to or communicate with ScamWise as a vendor or an independent contractor, we may collect information such as contact information, identifiers such as social security number, background information, work availability and preferences, employment qualifications and history, and billing and payment information. ScamWise collects that information to hire or engage the best qualified applicants or service providers, to evaluate and conduct business with vendors, and to comply with applicable laws.]

 How we use your information

To provide services: We may use information we collect to provide our Services, including to allow you access to ScamWise and to fulfill our obligations in our Terms.

For our business operations: We may also use your information to ensure our Services are working as intended, such as tracking outages or troubleshooting issues that you report to us, to make improvements to our Services, and to review and process employment applications. 

To develop new Services: We may use information we collect in existing Services to help us develop new ones.

To provide personalized Services and marketing: We may use the information we collect to customize our Services, including providing recommendations and personalized content, and to market our Services to you in compliance with applicable law. You can opt out of these personalized messages at any time.

To measure performance: We may use data for analytics and measurement to understand how our Services are used. For example, we may analyze data about your visits to our sites and applications to do things like optimize the Services. We may also use tools to understand how people use our site and app, diagnose issues, and improve the Services. This includes session replay technology, which captures certain interactions such as clicks, taps, scrolls, and page views. We may configure these tools to mask sensitive information, and you can manage your preferences in your cookie settings.

To communicate with you: We may use information we collect, like your email address and your phone number, to interact with you directly. For example, we may let you know about upcoming changes or improvements to our Services or ask for your feedback on our products. If you contact ScamWise, we may keep a record of your request in order to help solve any issues you might be facing.

To protect ScamWise and our users: We may use information to help improve the safety and reliability of the Services. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm ScamWise or our users.

We may combine the information we collect among our Services and across your devices for the purposes described above.

 When we share your information

We may share your information in the following circumstances:

With your consent: We may share your personal information outside of ScamWise based on your consent or instructions. 

With account administrators: If you work for an organization that uses the Services, your account administrator will have access to your ScamWise account. They may be able to: access and retain information stored in your account; view statistics regarding your account; change your account password; suspend or terminate your account access; and receive your account information in order to satisfy applicable law, regulation, legal process, or enforceable governmental request.

With a ScamWise partner under an enterprise agreement or using an embedded ScamWise tool on a partner’s website: If your use of ScamWise is being sponsored or paid for by a ScamWise customer or other third party, including if you are using a ScamWise App sponsored by a third party, ScamWise provides information about your use of ScamWise to that third party. The third party will have the ability to access the information in your account, modify and distribute information you upload, and disclose, restrict, monitor, compile information about, and generate reports from your information and your general usage of ScamWise, and it may use the information for its own business and marketing purposes. If you interact with ScamWise through a third party’s website or application, information collected through that interaction will be available both to that third party and to ScamWise.

If you do not agree to the sharing of your information or do not wish to be contacted by the third party, or its affiliates or service providers, do not use ScamWise in this manner.

For external processing: We may provide personal information to service providers to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. For example, we use service providers to help store our data in data centers, provide our Services, improve our internal business processes, and offer additional support to customers and users.

For legal reasons: We will disclose personal information outside of ScamWise if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to: enforce applicable terms of use, including investigation of potential violations; detect, prevent, or otherwise address fraud, security, or technical issues; protect against harm to the rights, property, or safety of ScamWise, our users, or the public as required or permitted by law; and meet any applicable law, regulation, legal process, or enforceable governmental request.

If our business changes: If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity.

 Third-party tools and cookies

Third-Party Tools: We may use automated tools and applications to operate and evaluate usage of our Service. We may use these tools to help us improve the Service, performance, and user experiences.

Cookies: Cookies are small text files used to store data for a variety of purposes.

The ScamWise mobile app and website utilize functional cookies to enable the Services and enhance the user experience. [These cookies do not interact with browsing activity on non-ScamWise platforms such as third party websites.]

[The ScamWise website utilizes, when enabled, advertising cookies to inform targeted advertising initiatives. These cookies further track advertising performance to deliver relevant Services through third party platforms. ]

To learn more about cookies generally, visit https://www.allaboutcookies.org/. To control your cookie settings, visit your Cookies Settings. 

You can also manage your cookies locally by adjusting your browser settings, or you can opt-out of targeted advertising through cookies by visiting networkadvertising.org/choices or aboutads.info/choices.

We do not sell your personal information in exchange for money. Certain jurisdictions provide you with a right to opt out of the “sale” or sharing of your personal information to third parties in exchange for valuable consideration. Our use of analytics or online advertising tools, as described above, may result in the disclosure of your information to our third-party partners that are subject to this right. You may exercise your right to opt out by emailing support@savisecurity.com and requesting to opt out. 

Third-party links

The Services may contain links to third-party websites or social media outlets. Any access to and use of such linked websites is not governed by this Policy but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.

Security

We are committed to protecting your information. We have implemented technical and organizational measures intended to achieve an appropriate level of security in order to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed by ScamWise. However, no security measures are perfect or impenetrable, and we cannot guarantee the security of your information. 

Please take appropriate steps to keep your information secure; use a strong password and do not disclose it to others. If you believe there has been any unauthorized access to your account, please alert us immediately.

Data retention and deletion

We will delete your personal information upon request. You can make a request to delete your personal information by emailing support@savisecurity.com. 

Subject to privacy laws, we will retain certain information associated with your account for analytical purposes and recordkeeping integrity, as well as to prevent fraud, collect any fees owed, enforce our Terms, take actions we deem necessary to protect the integrity of our website or our users, or take other actions otherwise permitted by law. 

In some cases, we may de-identify, aggregate, or otherwise anonymize personal information, or retain solely for internal purposes consistent with California Privacy Rights Act § 1798.105(c)-(d) and other relevant privacy laws or regulations.

Children

ScamWise is targeted to adults, and we do not knowingly collect personal information from children. If you believe we have collected personal information from a child without parental consent under the permissible age of your jurisdiction, please contact us immediately at support@savisecurity.com, and we will take reasonable steps to delete it as quickly as possible.

 Your rights under certain U.S. state laws

This Privacy Policy and our practices comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CDPA), the Delaware Personal Data Privacy Act (DPDPA), the Indiana Consumer Data Protection Act, the Iowa Consumer Data Protection Act (ICDPA), the Kentucky Consumer Data Protection Act, the Maryland Online Data Privacy Act (MODPA), the Minnesota Consumer Data Privacy Act (MnCDPA), the Montana Consumer Data Privacy Act (MtCDPA), the Nebraska Data Privacy Act (NDPA), the New Hampshire Expectation of Privacy Act (NHEPA), the New Jersey Act Concerning Online Services, Consumers, and Personal Data (NJ Privacy Act), the Oregon Consumer Privacy Act (OCPA), the Rhode Island Data Transparency and Privacy Act, the Tennessee Information Protection Act (TNIPA), the Texas Data Privacy and Security Act (TDPSA), the Utah Consumer Privacy Act (UCPA), and the Virginia Consumer Data Protection Act (VDCPA). Our practices also comply with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Quebec-Law 25. Depending on where you live, pursuant to these laws you may have the right to:

  • opt-out of the sale or sharing of personal information,
  • know about personal information collected, disclosed or sold,
  • request deletion or portability of personal information, 
  • correct inaccurate personal information that we maintain about you, and
  • be treated without discrimination should you exercise these rights.

You may be able to appoint an authorized agent to exercise these rights on your behalf. 

To exercise your rights, see How to Make a Privacy Request, below. 

If you have the right to appeal any decision or non-action that ScamWise takes in response to your attempt to exercise any of these rights, you may do so by contacting us at support@savisecurity.com and referencing the claim number associated with your original request. 

Do Not Track (“DNT”) is a privacy preference that may be enabled on certain web browsers. We are committed to providing you with meaningful opt out mechanisms through your cookie settings. We do not currently recognize or respond to browser-based DNT signals. 

California residents have the right under the “Shine the Light” law to ask us one time each year if we have shared personal information with third parties for their direct marketing purposes. To make such a request, please contact us at support@savisecurity.com and indicate in your communication that you are making a “Shine the Light” inquiry.

For data subjects in the European Economic Area (“EEA”), the United Kingdom (“UK”), and Switzerland

The information above describes the types of personal information we collect, how we get it, and our legal bases for using it (e.g., your consent, our contractual or legal obligations, or our legitimate interests). It also describes the circumstances under which we may share your personal information.

If you have provided us with your consent to process information, you may revoke your consent at any time through our cookie-preferences tool, or by submitting a request to delete your personal information.

Under data protection law, you have rights including:

  • Your right of access: You have the right to ask us for copies of your personal information.
  • Your right to rectification: You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing: You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability: You have the right to ask that we transfer the personal information you gave us to another organization, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. If you are unhappy with how we have used your data, you may file a complaint with your data protection authority.

ScamWise is based in the United States (“U.S.”) and therefore, personal data of EU data subjects will be transferred to the U.S. ScamWise has ensured that such transfers and protection of personal data are made in accordance with European Union and other local data protection laws and regulations. Standard contractual clauses, if relied upon, are concluded with all relevant parties. You can request a copy of the standard contractual clauses at any time by contacting us at support@savisecurity.com. For any further questions on international data transfers, you can contact us; our contact details can be found below.

Representative for data subjects in the EU and UK

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives EU and UK data subjects an easy way to exercise privacy-related rights (e.g. requests to access or erase personal data). To contact us through or make use of data subject rights under the EU or UK jurisdictions, please visit the following website.]

 How to make a privacy request

If you wish to exercise your rights, please email us at support@savisecurity.com with (1) your full name and contact information, (2) your country and state, if applicable, (3) whether you are an individual or represent a company, (4) your request type (e.g. deletion request, update data, access request, or general user request), and (5) the details of your request.

To exercise your California right-to-know as described above, you may also call us at (323) 210-4121.

 

Contact us

You may contact us with any questions relating to this Privacy Policy by contacting us at support@savisecurity.com.

Savi Security, Inc.
1920 Hillhurst Ave #1381

Los Angeles, CA 90027



Savi

Sign up to Get Savi.

Stops scams before they reach you or your loved ones. Join the waitlist to be the among first to get Savi when we launch!

© 2026 Savi Security