Privacy Policy

At MacPaw, We care about the privacy of Your data and are committed to protecting it.

This Privacy Policy is an integral part of the Terms of Use of Setapp and explains what information MacPaw Way Ltd, a company operated in Cyprus under company registration number 428214, and/or its affiliated companies (collectively, “MacPaw”, “we”, “our” or “us”) collect about You during Your use of Setapp and Site as defined below.

Setapp is a subscription-based platform for macOS, iPadOS and/or iOS* devices that allows You to access and download computer and/or mobile applications (“Developer Content”) from third-party developers (“Developers”) ( Setapp as a platform by itself - “Product”, “Setapp”).

*Please note that Setapp’s functionality and apps availability may differ depending on your region. For example, only users in the EU can download apps directly on iOS devices.

In this Privacy Policy, We explain why We collect the information framed herein, what We do with that information, and how We handle that information. We’ll also explain what choices You have with respect to the information.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY DOWNLOADING OR USING SETAPP, HAVING A JOURNEY THROUGH SITE, YOU AGREE TO BE LEGALLY BOUND BY THIS POLICY AND ALL TERMS INCORPORATED HEREIN BY REFERENCE. IF YOU DO NOT AGREE TO THIS POLICY, WE REQUEST YOU NOT TO DOWNLOAD OR USE SETAPP, AND NOT TO USE SITE.

• Setapp, including the associated Setapp macOs, iPadOS and/or iOS applications (collectively, the “Services”);
• Site setapp.com;
• Other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with Setapp.

If you do not agree to the terms, do not access or use Setapp or Site. The data controller of your personal information during the use of Site, Setapp and Services is MacPaw Way Ltd. The data controller of your personal information during the use of the Developer Content is the respective Developer.The use of Developer Content is governed by separate privacy notices applicable to Developer Content that govern the Developer Content’s use of your personal data. You should review such additional privacy statements before using any Developer Content.

The policy does not apply to third-party services. Where third party services are used, and the third party is not a Data Processor, no Personal Data (as defined below) is shared with them, or the Personal Data has been anonymised such that the Privacy Laws do not apply. Information collected by third parties is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.

This Privacy Policy is applicable when:

• You are using Setapp and Services;
• You are entering and using Site;
• You are registering and then logging into your Account;
• You provide your personal details to us in another way for communication purposes (e.g., by making a request of any type, etc.).

You are not legally required to provide us with Your personal data. If you do not wish to provide us with your personal data, or to have it processed by us, Developers, or any of our Service Providers (as defined below), please do not provide it to us and avoid any interaction with us or with our Product.

Capitalized terms used in this Policy and not otherwise defined shall have the meanings provided below:

Personal Data or Personal Information in this Privacy Policy means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or de-identified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.

Special Categories of Data means Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data and data concerning health or a person’s sex life or sexual orientation. By default, the Special Categories of Data are not processed in any way by Setapp, Services or Site.

Processing/Processed means any operation on personal data, whether automated or not.

Privacy Laws means all applicable laws, legal requirements, and self-regulatory guidelines and principles relating to privacy, data security, and Personal Data and similar applicable consumer protection laws, including with respect to the receipt, collection, compilation, use, storage, processing, sharing, safeguarding, security, disposal, destruction, disclosure or transfer of Personal Data and any and all applicable laws governing breach notification in connection with Personal Information. As used in this Agreement, “Privacy Laws” shall include the California Consumer Privacy Act, General Data Protection Regulation and the rules and regulations promulgated thereunder, and applicable state laws.

We may collect personal data directly from an individual or automatically when an individual interacts with Setapp, Services, Site. We may also collect personal data from other sources and third parties, even before our first direct interaction with You.

The processing of your data is either based on:

• your consent,
• in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract (“Contractual Necessity”),
• based on legitimate interest (e.g. to understand how Setap, Services, Site are used and how Our campaigns are performing, and gaining insights which help Us dedicate our resources and efforts more efficiently; in marketing, advertising and selling our services; providing customer service and technical support; and protecting and securing our users, ourselves and our Product, including in cases of necessity - to exercise, establish or defend legal claims);
• to comply with our legal obligations

(cf. General Data Protection Regulation (Regulation (EU) 2016/679) art. 6(1)(a)-(b), (f); or similar provisions in other applicable Privacy Laws).

If the processing is based on your consent, you may at any time withdraw your consent by contacting us or using special interface features designed for that.

Our activities are not aimed at children under 13 years. We do not knowingly collect information from children under the age of 13. If you have not reached the age limit, do not use the functionality of Setapp, Services, Site and do not provide us with your personal information.

If you are a parent of a child below the age limit and you learn that your child has provided MacPaw with personal information, please contact us at [email protected] and insist on exercising your rights of access, correction, cancellation and / or opposition.

If you are a resident of California and are under 18 years of age and wish to erase publicly available content, please contact us at [email protected].

Payment information provided by you via Setapp, Services, Site will be stored and processed by third-party payment service providers as designated by us from time to time. We will collect certain information on the Site, via Setapp and Services, those are required for such third-party payment services providers to process payments, including credit/debit card numbers, security numbers and other related payment information.

All such information is subject to the privacy policy of such third-party payment service providers as applicable.

We use information processed from Setapp to respond to users’ requests. We do not sell, rent, lease, trade or share users’ personal information other than as outlined in this Privacy Policy. When you provide us with your personal information or otherwise choose to sign up to receive email communications from us, we will use that information to send those communications to you. Individuals may “opt out” of receiving email communications through links available on emails received or by contacting us.

Where we act as the controller of the data, such as where we use personal information for MacPaw’s own independent purpose of the activity, we will retain your information for the necessary period of time that it serves the purpose for which it was originally processed or subsequently authorised and in accordance with applicable law. Namely, but not exclusively, we retain Your data to maintain and expand our relationship and provide you with our services and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our internal policies and applicable laws.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements.

We delete, block or anonymize the personal data of the data subject as soon as the purpose of the storage is fulfilled.

We use data centers that store Setapp, Services, Site and databases, IT service providers that maintain our systems, and consulting companies. Therefore, for the date of acceptance of the Terms of Use and acknowledgment of this Privacy Policy by You, the information submitted to MacPaw can be transferred to, processed, and stored in the United States of America, the countries of the European Union and Ukraine. Data stored and processed by MacPaw may sometimes be moved between these zones (in a secure manner). If you post or transfer any information to or through our Product, you are agreeing to such information, including Personal Data, being hosted and accessed in the United States of America; the countries of the European Union and Ukraine.

MacPaw may use services of other providers that are partly located in third countries (outside the European Union or the European Economic Area). Where this is the case, and there is no adequacy decision for these countries, MacPaw undertakes to take appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses in force at the time of transfer of data, or binding internal data protection regulations.

If a third country transfer is provided for and no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it, and that enforceability of your data subject rights cannot be guaranteed.

However, we will always take steps to ensure that any international transfer of personal data is carefully managed to protect your rights and interests. Data transfers to service providers and other third parties are protected by contractual obligations and, where appropriate, by other guarantees, such as standard contractual terms issued by the European Commission or certification schemes.

We may transfer our email addresses to Developers only after receiving your consent for such a transfer. In all other situations, we do not disclose Your personal information to Developers. For example, you can log in to Developers’ websites with your Setapp account. Developers will receive your personal data only when you have consented to sharing your personal data with them, i.e., authorise them to access your data at Setapp.

We engage selected third-party companies and individuals to perform services on our behalf or complementary to our own. Such service providers include hosting and server co-location services, data security services, contract, billing and payment processing services, fraud detection and prevention services, web and product analytics, e-mail distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, hosting services, e-mail, voicemails, support, enablement and customer relation management systems, and our legal, financial and compliance advisors (collectively, “Service Providers“). Our Service Providers may have access to personal information, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use the data as determined in our agreements with them.

As for now the following Service Providers are engaged:

You may choose to integrate Setapp with third-party services or applications. The provider of this integrated third-party service may receive certain Personal Data about your use of Setapp and Services, or share certain Personal Data from your account on the third-party provider’s service with Setapp, depending on the nature and purpose of such integration. This could include your personal data. We will take care of such your data and store it securely.

We may disclose or allow government and law enforcement officials access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that:

(a) we are legally compelled to do so;
(b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or
(c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.

We may share personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of Setapp, Services, Site, any of our users, or any members of the general public.

We may share personal data internally within our group, for the purposes described in this Privacy Policy. In addition, should MacPaw or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, personal data may be shared with or transferred to the parties involved in such an event. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the event of insolvency, bankruptcy or receivership.

For the avoidance of doubt, MacPaw may share personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable and anonymous. We may transfer, share or otherwise use non-personal and non-identifiable data at our sole discretion and without the need for further approval.

When You give Us personal data, We take steps to make sure that it’s treated securely.

Non-sensitive details (Your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while We strive to protect personal data, We cannot guarantee the security of any personal data users transmit to Us, and You do so at Your own risk. Once We receive personal data, We make Our best effort to ensure its security on Our systems.

We use industry-standard encryption to protect personal data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology.

Once We receive personal data, We protect it on Our servers using a combination of technical, physical, and logical security safeguards.

The MacPaw takes the security of Your personal data very seriously and works to protect Your personal data from loss, misuse and unauthorised access or disclosure.

Setapp and Site uses cookies and similar technologies in our Site and Services that help us collect Location Information, Log data, Device information, Setapp and Site Specific Data. The Site and Services may also include cookies and similar tracking technologies of third parties, which may collect Other Information about you via the Site and Services and across other webSite and online services. For more details about how we use these technologies, please see our Cookie Policy.

We engage in service and promotional communications, through e-mail.

We may contact you with important information regarding Setapp, Services, Site. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Services or Setapp, Site, billing issues (if applicable), subscription notices, etc. You can typically control your communications and notifications settings from settings of Setapp, or otherwise in accordance with the instructions included in the communications sent to you. Please note that you will not be able to opt out of receiving certain service communications which are integral to your use (like subscription details).

We may also notify you about new features, additional offerings, events, special opportunities or any other information we think you will find valuable, as our user in case you provided us your email to receiving such promotional communications. We may provide such notices through e-mail, or through the Product.

If you do not wish to receive such promotional communications, you may notify MacPaw at any time by following the “unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” instructions contained in the promotional communications you receive.

We acknowledge that You have the right to access Your personal information, and We work to manage your inquiries in an appropriate way. Your rights are as follows:

• You may request to access, correct, update or request deletion of your personal information based on information collected from accessing Product.
• You may request additional information related to the purposes for which MacPaw processes your personal information, the categories of personal information we process, where we originally collected the information, who MacPaw shares it with, and how long MacPaw will retain it.
• You may object to the processing of your personal information, request that MacPaw restricts the processing of your personal information or request portability.
• You have the right to opt-out of email communications we send you at any time. You can do so by clicking the “unsubscribe” or “opt-out” link in the communicational emails we send you, including MacPaw’s newsletter. Where we have collected and processed your personal information with your consent, you can withdraw your consent at any time. However, withdrawing your consent will neither affect the lawfulness of any processing MacPaw conducted prior to your withdrawal nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• Upon your request, and where it is technically feasible, we will provide you with a copy of your personal data or transmit it directly to another controller.
• You have the right to submit a complaint to a data protection authority about the collection and use of your personal information.

To make a request please email MacPaw at [email protected] with “Personal Data Request” in the subject line, and provide us with full details in relation to your request, including your contact information and any other detail you feel is relevant. We will provide a response to an access request within 30 days of receiving such request with respect to the personal information we hold or if we cannot, we will notify you and provide you with the reason for the delay.

You may have other rights as may be provided by the applicable legislation.

MacPaw is required by law to verify that any request submitted was made by someone with the legal right to access the data. Therefore, prior to providing any information pursuant to a data subject access request, MacPaw may request that you provide MacPaw with additional information in order for MacPaw to verify your identity and legal authority.

All breaches will be reported to the relevant supervisory authority within 72 hours after becoming aware of such breaches if such breach has a risk to the rights and freedoms of natural persons, and unless the data was anonymised or encrypted.

Breaches of this Privacy Policy by staff, contractors, officers of MacPaw will be dealt with under MacPaw’s grievance and disciplinary policy and may lead to a disciplinary sanction.

We will communicate the personal data breach to you when the data breach is likely to result in a high risk to the rights and freedoms of natural persons.

If MacPaw learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice in the Product. Depending on where you live, you may have a legal right to receive such notices in writing.

You have a right to report grievances related to privacy with your local data privacy supervisory authority.

We ask you firstly to contact us directly via [email protected] in case you have any questions, comments, or concerns connecting with your data handling by MacPaw.

In Cyprus this is the Commissioner for personal data protection who can be reached at https://www.dataprotection.gov.cy, or contacted by phone number +357 22 818 456 or via email [email protected].

We may need to update this Privacy Policy to keep pace with changes in Setapp, Services, Site, activities, and laws applicable to Us and You. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Privacy Policy. We recommend that you periodically check the Privacy Policy of Product to stay informed of any changes.

Please note that your continued use of the Product after any change means that you agree with, and consent to be bound by, the new Privacy Policy.

If you disagree with any changes in this Privacy Policy and do not wish your information to be subject to it, you will need to stop using the Product.

You can contact Us anytime through the contact data provided in this Privacy Policy.

If you have questions or comments about this Privacy Policy or if you receive any unwanted, unsolicited e-mail sent by MacPaw or purporting to be sent via MacPaw, please contact us directly via [email protected].