Privacy Policy

Effective Date: 21st January 2026
Last Updated: 21st January 2026

Smooth OÜ (“Company,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website at smoothapp.co (the “Website”) and our mobile application Zero Station & PhotoTag (the “App”), together referred to as the “Services.”

If you do not agree with the terms of this Privacy Policy, please do not access or use the Services.

1. Information we collect

We may collect the following categories of information when you use the Services:

Personal identifiers: Name, email address, phone number, postal address, username, and similar identifiers you provide when creating an account, contacting us, or subscribing to communications.
Account and profile data: Passwords, profile details, preferences, and any content you submit (e.g., feedback, support requests).
Usage data: Information about your interactions with the Services, such as pages or screens viewed, features used, time and date of visits, session duration, and clicks.
Device and technical data: IP address, device type, operating system, browser type, app version, language, and other technical identifiers.
Location data: Approximate or precise location (if you grant permission in your browser or device settings).
Cookies and similar technologies: Data collected via cookies, web beacons, SDKs, and similar technologies on the Website and in the App.
Third‑party data: Information from third‑party services you connect or interact with through the Services (for example, analytics providers, sign‑in providers, or payment processors), subject to their own privacy policies.

You may decline to provide certain information, but this may limit your ability to use some features of the Services.

2. How we use your information

We use the information we collect for the following purposes:

Providing and maintaining the Services: Operating, hosting, troubleshooting, and improving the Website and App, and enabling core features.
Account management: Creating and managing user accounts, authenticating logins, and providing customer support.
Communications: Sending transactional messages (e.g., service notifications, security alerts), and responding to your inquiries or feedback.
Personalization: Tailoring content and features, remembering your preferences, and enhancing user experience.
Analytics and performance: Monitoring usage, measuring performance, and understanding how users interact with the Services to improve them.
Marketing (where permitted): Sending promotional communications about products, services, or features we think may interest you, in line with your preferences and applicable law.
Security and fraud prevention: Detecting, preventing, and responding to security incidents, fraudulent activity, and abuse.
Legal compliance and enforcement: Complying with legal obligations, resolving disputes, and enforcing our terms and policies.

We will only process personal data where we have a legal basis to do so, such as your consent, performance of a contract, compliance with legal obligations, or our legitimate interests, as required by applicable law (e.g., GDPR).

3. Legal bases (EEA/UK users)

If you are located in the European Economic Area or the United Kingdom, our legal bases for processing your personal data typically include:

Consent: For placing certain cookies, sending certain marketing communications, or accessing device features where consent is required.
Contract: To provide the Services you request and to fulfill our contractual obligations to you.
Legitimate interests: To improve and secure the Services, prevent fraud, and personalize your experience, where these interests are not overridden by your rights.
Legal obligation: To meet legal and regulatory requirements, such as record‑keeping or responding to lawful requests.

We may share your information in the following situations:

Service providers: With trusted third parties that perform services on our behalf, such as hosting, analytics, customer support, email delivery, and payment processing, under appropriate confidentiality and data‑protection agreements.
Business transfers: In connection with or during negotiations of any merger, sale of company assets, financing, acquisition, or similar transaction, where user information may be transferred as a business asset.
Legal and safety: When required by law or in response to valid legal requests (e.g., subpoenas, court orders), or when we believe disclosure is necessary to protect the rights, property, or safety of us, our users, or others.
With your consent: When you instruct us to share your information, or when you otherwise consent or direct us to do so, including via integrations with third‑party services.

We do not sell personal information in the conventional sense, but we may allow certain partners to collect information about your activities for interest‑based advertising or analytics, subject to your choices and applicable law (e.g., “sale” or “sharing” under some state privacy laws).

5. Cookies and tracking technologies

We use cookies, mobile SDKs, and similar technologies to:

Remember your preferences and settings
Keep you signed in
Understand how you use the Services
Personalize content and measure the effectiveness of campaigns

You can usually configure your browser to refuse cookies or alert you when cookies are being sent. Some mobile operating systems also provide controls over tracking and ad identifiers. If you disable cookies or certain device permissions, some features of the Services may not function properly.

Where required, we will obtain your consent before using non‑essential cookies or similar technologies.

6. Data retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including to comply with legal, accounting, or reporting obligations, or to resolve disputes and enforce our agreements.

When we no longer need your information, we will delete or anonymize it, or, if this is not possible (for example, because your data is stored in backup archives), securely store your information and isolate it from further processing until deletion is possible.

7. International data transfers

Your information may be stored and processed in countries other than where it was collected, including countries that may have different data‑protection laws than your jurisdiction.

Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses or other lawful transfer mechanisms, and take steps to ensure your information receives an adequate level of protection.

8. Data security

We use reasonable technical and organizational measures to protect your information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include encryption, access controls, and regular security reviews.

However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

9. Your rights and choices

Depending on your location and applicable law, you may have some or all of the following rights regarding your personal information:

Access: Request confirmation of whether we process your personal data and obtain a copy.
Rectification: Request that we correct incomplete or inaccurate information.
Deletion: Request that we delete your personal data in certain circumstances.
Restriction: Request that we restrict processing of your personal data under specific conditions.
Objection: Object to processing based on legitimate interests or to direct marketing.
Data portability: Request a copy of your data in a structured, commonly used, and machine‑readable format where technically feasible.
Withdraw consent: Where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

You can exercise these rights by contacting us using the contact details in the “Contact us” section below. We may need to verify your identity before responding.

You can also:

Opt out of marketing emails by using the unsubscribe link in those emails.
Adjust cookie and tracking preferences through your browser, device settings, or any consent tools we provide.

Residents of certain jurisdictions (such as the EEA, UK, or some U.S. states) may have additional rights or appeal options under local law.

10. Children’s privacy

The Services are not directed to children under the age of 13 (or other age as defined by local law), and we do not knowingly collect personal information from children.

If we learn that we have collected personal information from a child without appropriate consent, we will take reasonable steps to delete that information. If you believe a child has provided us with personal information, please contact us.

11. Third‑party services and links

The Services may contain links to third‑party websites, services, or apps that are not operated by us..

This Privacy Policy does not apply to those third‑party properties, and we are not responsible for their content, privacy practices, or policies. You should review the privacy policies of any third‑party services you access.

12. Mobile app permissions

The App may request certain permissions from your device, such as access to location, camera, photos, microphone, notifications, or storage, in order to provide specific features.

You can manage these permissions in your device settings. Denying or revoking permissions may limit certain App functionalities.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

When we make changes, we will revise the “Effective Date” at the top and, where required by law, notify you by prominent notice (such as posting on the Services or sending you a communication) and obtain your consent if required.

14. Contact us

If you have any questions or concerns about this Privacy Policy or our privacy practices, or if you wish to exercise your rights, please contact us at: hello@smoothapp.co

Company: Smooth OÜ
Email: hello@smoothapp.co