EscaliumEscalium

Privacy Policy

Last updated: June 2026

1. Introduction

Welcome to Escalium ("we", "our", or "us"). We are committed to protecting your privacy and handling your personal data in a transparent and secure manner.

This Privacy Policy explains how we collect, use, and protect your personal information when you use https://escalium.io ("the Service").

Escalium operates globally and is based in Spain. We comply with the General Data Protection Regulation (GDPR) and, where applicable, other international privacy laws.

By using our Service, you agree to the practices described in this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:

Escalium
Based in Fuengirola, Málaga, Spain
Contact: hello@escalium.io

3. Information We Collect

3.1 Information you provide directly

  • Name (if provided)
  • Email address
  • Password (stored in encrypted form)
  • Billing and subscription information (processed securely via Stripe)
  • Content you upload (text, images, videos, links, files, and other materials)
  • Any communications with us (support requests, emails)

3.2 Content uploaded by users

Users may upload content related to their marketing activities (including music promotion, media files, and related assets). This content is processed solely for the purpose of providing the Service. We do not claim ownership over your content.

3.3 Information collected automatically

When you use the Service, we automatically collect:

  • IP address
  • Device information
  • Browser type
  • Operating system
  • Pages visited and interactions
  • Date and time of access
  • Usage events (e.g. page views, sign-ups, checkout events, purchases)

4. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and operate the Service
  • To create and manage user accounts
  • To process payments and subscriptions
  • To deliver customer support
  • To improve platform performance and user experience
  • To detect fraud, abuse, or security issues
  • To send transactional communications (e.g. account or billing emails)
  • To send marketing communications (where legally permitted)

5. Legal Basis for Processing (GDPR)

  • Contractual necessity: to provide access to the Service
  • Legal obligations: accounting, tax, and compliance requirements
  • Legitimate interest: security, fraud prevention, service improvement
  • Consent: marketing communications, cookies, and tracking technologies where required

6. Payments

Payments are processed securely via Stripe. We do not store or have access to full credit card details. Stripe acts as a third-party payment processor and handles payment information according to its own privacy policy.

7. Third-Party Services

We use third-party service providers to operate the Service, including:

  • Analytics providers (e.g. Google Analytics)
  • Advertising platforms (e.g. Meta Pixel)
  • Payment processors (e.g. Stripe)
  • Email service providers (e.g. Resend)
  • Hosting and infrastructure providers (VPS hosting, databases, and cloud storage such as S3)
  • Affiliate tracking systems (cookie-based attribution with 12-month duration)

These providers may process personal data on our behalf under their own privacy policies and/or data processing agreements.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for essential functionality, analytics, marketing, and affiliate tracking. Where required by law, we request your consent via a cookie consent banner before activating non-essential cookies.

You may control or disable cookies through your browser settings. See our Cookie Policy for full details.

9. Data Retention

We retain personal data only for as long as necessary:

  • Account data: while the account remains active + up to 90 days after deletion
  • Transaction data: up to 10 years (legal/tax obligations)
  • Analytics data: limited retention depending on provider settings
  • Support communications: up to 12–24 months

After retention periods, data is deleted or anonymized.

10. Data Deletion

You may request deletion of your account at any time. Upon deletion:

  • Your personal data is removed or anonymized within 30–90 days
  • Certain data may be retained where required by law (e.g. financial records)

11. Your Rights (GDPR)

If you are located in the EEA or other applicable jurisdictions, you have the following rights:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request deletion of your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise your rights, contact: hello@escalium.io

12. International Data Transfers

Your data may be processed outside the EEA, including in the United States or other countries where our service providers operate. When we transfer data internationally, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

13. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encrypted passwords
  • Secure hosting infrastructure
  • Access controls and authentication systems
  • Secure storage systems (including S3-based storage)
  • Monitoring for unauthorized access or abuse

However, no system is completely secure, and we cannot guarantee absolute security.

14. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify:

  • Affected users, and
  • Relevant supervisory authorities, as required by GDPR

15. Children's Privacy

The Service is not directed to individuals under 16 years of age. We do not knowingly collect personal data from children under this age. If we become aware of such data collection, we will delete it promptly.

16. Affiliate Tracking

We use affiliate tracking cookies to attribute referrals and conversions. These cookies use last-click attribution, have a duration of up to 12 months, and may be set by our affiliate system when users interact with referral links.

17. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated “Last updated” date. If changes are significant, we may notify users via email or in-app notification.

18. Contact

If you have any questions about this Privacy Policy or your data, contact us at: hello@escalium.io

© 2026 Escalium. All rights reserved.