Privacy Policy
How GeckoGuard collects, uses, and protects your information.
We minimize data collection and protect your information.
Quick Summary:
- We collect account and usage data to provide the Service
- We don't sell personal information to third parties
- You can request data deletion or export at any time
Key Definitions
1. Scope
This Privacy Policy describes how GeckoGuard ("we," "us," or "our") collects, uses, shares, and protects information when you use our Service. This Policy applies to:
- Our website and web application (geckoguard.com)
- Our API and developer services
- Any related services, tools, or features we provide
By using GeckoGuard, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Service.
2. Information We Collect
Account Information
When you create an account, we collect:
- Email address (required for authentication and communications)
- Password (stored as a cryptographically hashed value)
- Optional: Name or display name
- Account preferences and settings
Authentication Data
We store authentication-related information:
- Hashed passwords (we cannot see your actual password)
- OAuth identifiers (if you use third-party authentication)
- Session tokens and refresh tokens
- Email verification status
Usage Data
We automatically collect information about how you use the Service:
- API request logs (endpoints, timestamps, response codes)
- Feature usage and interactions
- Error logs and diagnostics
- IP addresses (for security and rate limiting)
- Browser and device information
Device Identifiers (Optional)
If you enable hardware binding features, we may collect:
- Hardware IDs (HWID) associated with license activations
- Device information provided by your end users
This data is only collected if you configure your products to use hardware binding. It is used solely to enforce license restrictions and is not used for advertising or tracking.
Cookies and Local Storage
We use cookies and local storage for:
- Session management and authentication
- User preferences and settings
- Analytics and performance monitoring
- Security features (CSRF protection, rate limiting)
3. How We Use Information
We use the information we collect to:
- Provide and maintain the Service: Process your requests, manage your account, and deliver features you use
- Security and fraud prevention: Detect and prevent abuse, unauthorized access, and security threats
- Support and communications: Respond to your inquiries, send service-related notifications, and provide customer support
- Analytics and product improvement: Understand how the Service is used, identify issues, and improve features and performance
- Legal compliance: Fulfill legal obligations, respond to legal requests, and enforce our Terms of Service
- Marketing (with consent): Send promotional emails if you opt in to our newsletter
4. Legal Bases
We process your personal information based on the following legal bases (as applicable under GDPR and similar laws):
- Contractual necessity: To provide the Service and fulfill our Terms of Service
- Legitimate interests: To improve the Service, ensure security, and prevent fraud
- Consent: For marketing communications and optional features (you can withdraw consent at any time)
- Legal obligations: To comply with applicable laws and regulations
6. Data Retention
We retain your personal information for as long as necessary to:
- Provide the Service to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Maintain security and prevent fraud
When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or security purposes. Some data, such as audit logs, may be retained longer for compliance and security reasons.
7. Security Measures
We implement industry-standard security measures to protect your information:
- Encryption: Data is encrypted in transit (TLS/SSL) and at rest
- Access controls: Limited access to personal data on a need-to-know basis
- Authentication: Strong password requirements and optional two-factor authentication
- Monitoring: Continuous security monitoring and threat detection
- Regular audits: Security assessments and vulnerability testing
- Secure infrastructure: Hosting on reputable cloud providers with security certifications
8. International Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your country.
We ensure appropriate safeguards are in place for international transfers, including:
- Standard contractual clauses approved by data protection authorities
- Service providers certified under recognized privacy frameworks
- Compliance with applicable data protection regulations
By using the Service, you consent to the transfer of your information to countries where we operate, including the United States.
9. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
Access and Portability
You can request a copy of your personal data in a machine-readable format. Contact support to submit a request.
Correction
You can update your account information at any time through your account settings. You can also request corrections to inaccurate data.
Deletion
You can delete your account and request deletion of your personal data. We will delete your data in accordance with our retention policies, subject to legal requirements.
Opt-Out of Marketing
You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in emails or updating your preferences in your account settings.
Cookie Controls
You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.
To exercise these rights, contact us at support@geckoguard.com. We will respond within 30 days, subject to verification of your identity.
10. Children's Privacy
GeckoGuard is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information upon verification.
11. Changes to this Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
Material changes will be communicated via email or through the Service at least 30 days before they take effect. The "Last updated" date at the top of this page indicates when the Policy was last revised.
Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy. If you do not agree to the changes, you must stop using the Service and delete your account.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: support@geckoguard.com
For privacy-specific inquiries: privacy@geckoguard.com
We aim to respond to all privacy-related inquiries within 48 hours during business days.