EavesEaves
Privacy Policy
This Privacy Notice for Almaden Software OÜ ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your information when you use our services ("Services"), including when you download and use our mobile application, Eaves, or any other application of ours that links to this Privacy Notice.
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions, contact us at support@lockedin.software.
Summary of key points
- What information do we process? Eaves has no accounts, no analytics, no advertising, and no tracking. The only personal data processed is what's needed to deliver and restore the one-time in-app purchase, handled by Apple and RevenueCat.
- Do we process sensitive information? No.
- Do we collect information from third parties? No.
- How do we process your information? Only to provide and restore your purchase, for security and fraud prevention, and to comply with law.
- How do we keep your information safe? We use reasonable technical and organizational measures, though no system is 100% secure.
- What are your rights? Depending on where you live, you may have rights to access, correct, or delete your data.
1. What information do we collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We do not require an account and collect no personal profile. The only information you provide directly is what you choose to include if you contact us for support (for example, your email address and the contents of your message).
Sensitive Information. We do not process sensitive information.
Payment Data. When you make the in-app purchase, payment is processed entirely by Apple through the App Store. We never receive or store your payment card number or security code. Our payments provider, RevenueCat, receives only the resulting transaction receipt (not your card details). You may review their privacy notices here: apple.com/legal/privacy and revenuecat.com/privacy.
Information automatically collected
In Short: A small amount of technical data is collected by our payments provider when you make a purchase. We run no analytics.
We do not use cookies, advertising identifiers, or analytics, and we do not collect your IP address, browser data, precise location, or browsing activity. The only data collected automatically is:
- Purchase technical data. Collected automatically by our payments provider, RevenueCat, when you make or restore the in-app purchase: device type, operating system, and last-seen time. Used only to deliver, validate, and restore your purchase.
2. How do we process your information?
In Short: We process your information to provide and restore your purchase, for security and fraud prevention, and to comply with law.
- To deliver and facilitate delivery of services to the user. To provide the unlocked features you purchased.
- To fulfill and manage your orders. To process and restore the in-app purchase made through the Services.
- To protect our Services. To keep our Services safe and secure, including fraud monitoring and prevention.
- To comply with law. Where required for legal, tax, or accounting obligations.
3. What legal bases do we rely on to process your information?
In Short: We only process your personal information when we have a valid legal reason to do so.
If you are located in the EU or UK, we rely on the following legal bases:
- Performance of a Contract (Art. 6(1)(b)) — to deliver, validate, and restore the purchase you requested.
- Legitimate Interests (Art. 6(1)(f)) — to validate receipts and prevent fraudulent or abusive purchases.
- Legal Obligations (Art. 6(1)(c)) — to comply with tax, accounting, and other legal requirements.
We do not rely on consent, and we do not carry out any automated decision-making or profiling.
If you are located in Canada, we process your information on the basis of your express or implied consent, which you may withdraw at any time, and in the limited circumstances permitted by PIPEDA.
4. When and with whom do we share your personal information?
In Short: We share information only with the service providers needed to deliver your purchase.
We share data with third-party service providers only to perform services on our behalf under a written contract. They cannot use your information for their own purposes. The parties we share with are:
- Invoice and billing: Apple
- In-app purchase & entitlement management: RevenueCat
We may also share information in connection with a business transfer — any merger, sale of company assets, financing, or acquisition of all or a portion of our business.
5. Is your information transferred internationally?
In Short: We may transfer, store, and process your information in countries other than your own.
Our payments provider's servers are located in the United States. If you are in the EEA, UK, or Switzerland, your information may be transferred to and processed in the United States.
European Commission's Standard Contractual Clauses: we rely on the EU Standard Contractual Clauses (and the UK International Data Transfer Addendum) for these transfers. The relevant Data Processing Agreement is available here: revenuecat.com/dpa.
6. How long do we keep your information?
In Short: We keep your information only as long as necessary.
We keep purchase data for as long as necessary to provide and support your in-app purchase (including restoring it), and to meet applicable legal, tax, and accounting obligations — after which it is deleted or anonymized.
7. How do we keep your information safe?
In Short: We use organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect your personal information. However, no electronic transmission or storage can be guaranteed to be 100% secure.
8. Do we collect information from minors?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18, nor do we knowingly sell such personal information. If you become aware of any data we may have collected from a minor, please contact us at support@lockedin.software and we will take reasonable measures to delete it.
9. What are your privacy rights?
In Short: Depending on where you live, you may have rights that give you greater access to and control over your personal information.
In some regions (like the EEA, UK, Switzerland, and Canada), you have rights under applicable data protection laws — including the right to (i) request access and obtain a copy of your personal information, (ii) request rectification or erasure, (iii) restrict processing, (iv) data portability, and (v) object to processing. To make a request, use the contact details in "How can you contact us about this notice?" below.
If you are in the EEA or UK and believe we are unlawfully processing your personal information, you may complain to your Member State data protection authority or the UK ICO. In Switzerland, you may contact the Federal Data Protection and Information Commissioner.
10. Controls for do-not-track features
Because no uniform technology standard for recognizing Do-Not-Track (DNT) signals has been finalized, we do not currently respond to DNT browser signals. (Eaves is a mobile app and performs no web tracking regardless.)
11. Do United States residents have specific privacy rights?
In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have rights to access, correct, delete, or obtain a copy of your personal information.
Categories of personal information we collect
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Online identifier (anonymous app user ID) | NO* |
| B. California Customer Records | Name, contact, financial information | NO |
| C. Protected classification characteristics | Age, race, gender, demographic data | NO |
| D. Commercial information | Transaction information and purchase history | YES |
| E. Biometric information | Fingerprints, voiceprints | NO |
| F. Internet or network activity | Browsing/search history | NO |
| G. Geolocation data | Device location | NO |
| H. Audio, electronic, sensory data | Recordings | NO |
| I. Professional or employment information | Work history | NO |
| J. Education information | Student records | NO |
| K. Inferences | Profiles about preferences | NO |
| L. Sensitive personal information | — | NO |
* An anonymous app user ID is generated by RevenueCat and disclosed to it as part of processing your purchase; it is not collected from you and cannot be linked to your identity.
Your rights
You have the right to know whether we process your personal data, to access it, to correct inaccuracies, to request deletion, to obtain a copy, to non-discrimination for exercising your rights, and to opt out of targeted advertising, sale of personal data, or profiling. We do not sell or share personal data, do not use it for targeted advertising, and do not profile.
How to exercise your rights
To exercise these rights, visit https://lull.lockedin.software/data-requests or email support@lockedin.software. We will verify your identity before acting on your request. If we decline, you may appeal by emailing the same address; if your appeal is denied, you may contact your state attorney general.
California "Shine the Light" law
California Civil Code Section 1798.83 permits California residents to request information about personal information disclosed to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.
12. Do other regions have specific privacy rights?
Australia
We collect and process your personal information under Australia's Privacy Act 1988. You have the right to request access to or correction of your personal information, and to complain to the Office of the Australian Information Commissioner.
13. Payments processor and data processor (RevenueCat)
We use RevenueCat, Inc. as our in-app purchase and entitlement management provider. RevenueCat acts as our data processor under a Data Processing Addendum (available at revenuecat.com/dpa) and processes the following information on our behalf solely to deliver, validate, and restore your purchase: device type, operating system, last-seen time, and your Apple transaction receipt. RevenueCat identifies you only by a randomly generated anonymous app user ID — we have no way to link this to your name, email, or real-world identity. RevenueCat stores this data on Amazon Web Services servers in the United States. For users in the EEA and UK, this transfer is safeguarded by the EU Standard Contractual Clauses (Module 2, Controller-to-Processor) as set out in RevenueCat's DPA. RevenueCat does not use your data for its own purposes beyond providing services to us. For more information, see revenuecat.com/privacy. To submit a data deletion request directly to RevenueCat, contact compliance@revenuecat.com.
14. Do we make updates to this notice?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
The updated version will be indicated by an updated "Last updated" date at the top of this Privacy Notice. We encourage you to review it frequently.
15. How can you contact us about this notice?
If you have questions or comments about this notice, you may email us at support@lockedin.software or contact us by post at:
Almaden Software OÜ
Ehitajate tee 110
Mustamäe linnaosa
Tallinn, Harju maakond 13517
Estonia
16. How can you review, update, or delete the data we collect from you?
You may have the right to request access to the personal information we collect, correct inaccuracies, or delete it. To do so, visit https://lull.lockedin.software/data-requests.