Privacy Policy

This Privacy Policy sets out how Dreadsense Labs processes personal data in connection with its software products and the website operated at labs.dreadsense.com.

1. Identity of the Data Controller

The data controller responsible for the processing of personal data described in this Privacy Policy is Curt Alin-Evin Persoană Fizică Autorizată, a sole proprietorship duly registered in Romania (the "Controller", "we", "us", or "our"), operating under the trade name "Dreadsense Labs". Full identification details are provided in Section 11.

2. Scope and Application

This Privacy Policy applies to (i) all software applications developed and distributed by the Controller under the Dreadsense Labs brand (collectively, the "Software"), and (ii) the website accessible at labs.dreadsense.com (the "Website"). It governs the collection, use, disclosure, retention, and protection of personal data within the meaning of Regulation (EU) 2016/679 (the "GDPR") and applicable Romanian law, including Law No. 190/2018.

3. Personal Data Processed by the Software

The Software is designed to operate entirely on the user's device. The Controller does not collect, transmit, store, or otherwise process any personal data through the Software. Specifically, the Software does not transmit telemetry, usage analytics, diagnostic information, crash reports, device identifiers, or any other personal data to the Controller or to any third party engaged by the Controller.

The Controller does not operate user accounts and does not maintain any server-side database of Software users. Accordingly, no Internet Protocol (IP) addresses, hardware identifiers, or comparable identifiers are logged on infrastructure controlled by the Controller in connection with the use of the Software.

4. Personal Data Processed via the Website

The Website is a static informational resource. It does not set cookies, does not employ analytics or tracking technologies, and does not display third-party advertising.

For the purpose of presenting the Website with consistent typography, web fonts are requested from Google Fonts. As a result, when a user accesses the Website, the user's browser issues HTTP requests to fonts.googleapis.com and fonts.gstatic.com. Such requests may include the user's IP address and may be logged by Google LLC in accordance with its own privacy practices. Users who do not wish for such requests to be made may prevent them through appropriate browser configuration.

5. Distribution Through the Microsoft Store

The Software is distributed through the Microsoft Store, operated by Microsoft Corporation ("Microsoft"). When a user installs or uses the Software via the Microsoft Store, Microsoft may collect certain personal data on its own behalf, including but not limited to installation events, diagnostic information, and Store interaction data. Such processing is carried out by Microsoft as an independent controller and is governed exclusively by the Microsoft Privacy Statement. The Controller does not have access to such data in identifiable form and exercises no control over the processing carried out by Microsoft.

6. Personal Data Provided Through Correspondence

Where a user contacts the Controller by electronic mail at contact@labs.dreadsense.com, the Controller will receive the contents of the message together with the sender's email address and any other personal data the sender voluntarily includes. Such data are processed solely for the purpose of responding to the inquiry and managing any resulting correspondence.

The legal basis for this processing is Article 6(1)(b) GDPR, where the correspondence relates to a request made prior to or in the performance of a contract, or Article 6(1)(f) GDPR, on the basis of the Controller's legitimate interest in responding to inquiries directed to it. Personal data processed under this Section are retained for the duration necessary to address the matter and for a reasonable period thereafter, after which they are securely deleted.

7. Recipients and International Transfers

The Controller does not share personal data with third parties, except (i) with Microsoft in the context described in Section 5, (ii) with providers of essential infrastructure services (such as electronic mail and web hosting) acting as processors on behalf of the Controller and bound by appropriate contractual obligations, and (iii) where required by law or competent authority. Where personal data are transferred outside the European Economic Area, such transfers are made on the basis of an adequacy decision or appropriate safeguards as required by Chapter V of the GDPR.

8. Data Subject Rights

Subject to the conditions set forth in the GDPR, data subjects have the right to: (a) obtain confirmation as to whether their personal data are being processed and access such data; (b) request the rectification of inaccurate data; (c) request the erasure of their data ("right to be forgotten"); (d) request the restriction of processing; (e) object to processing; (f) receive their data in a structured, commonly used, and machine-readable format (right to data portability); and (g) withdraw consent at any time, where processing is based on consent, without affecting the lawfulness of processing carried out prior to the withdrawal.

Requests to exercise any of the above rights may be addressed to the Controller using the contact details provided in Section 11. Data subjects also have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal — ANSPDCP), dataprotection.ro.

9. Children

The Software and the Website are not directed at, nor intended for use by, children under the age of sixteen (16). The Controller does not knowingly collect personal data from minors. Where the Controller becomes aware that personal data of a minor have been provided without verifiable parental consent, such data shall be deleted without undue delay.

10. Amendments

The Controller reserves the right to amend this Privacy Policy from time to time in order to reflect changes in applicable law or in its processing activities. Material amendments shall be communicated by updating the "Last Updated" date set out at the top of this Privacy Policy and, where appropriate, by an announcement on the Website. The current version of this Privacy Policy is available at all times at labs.dreadsense.com/privacy.html.

11. Contact and Identification of the Controller

Inquiries concerning this Privacy Policy or the processing of personal data by the Controller may be addressed in writing to the contact details set out below.