Eternal Storms Software - Privacy Policy

The gist of this privacy policy:
My name is Matthias Gansrigler, I’m the developer and owner of Eternal Storms Software. I am not interested in anyone’s data (personal or otherwise), usage patterns, or anything else like that. That’s why I don’t use Cookies on these webpages and don’t have any sort of tracking mechanisms implemented in any of my apps. If an app uses your internet connection, it’s solely for the purpose of providing a certain functionality for the user of the app. Please see 3) Apps for further info.

If you have any questions, suggestions or feedback regarding anything discussed here, please feel free to mail me.

1) General Information
• The website, its domains and sub-domains are registered with, and stored by, all-inkl.com. They’re located in Germany, Europe, part of the European Economic Area (EEA)
all-inkl.com Privacy Policy
• I do not sell or give away any personal information to others and thus your data will not be disclosed to any third party unless you have consented explicitly to such a disclosure, or where there is a legal requirement for this to happen
• A "Data Processing Agreement" has been set up between and agreed to by my provider (all-inkl.com) and me (Matthias Gansrigler)
• I am not interested in users’ data, personal or otherwise. All I’m interested in is creating great, convenient software and supporting users who use it.

1.1) Websites and e-mails
• My websites consist of the following domains, maintained by all-inkl:
eternalstorms.at, blog.eternalstorms.at, screenfloatapp.com, bugtracker.eternalstorms.at, kb.eternalstorms.at
• When you send an e-mail to one of my e-mail addresses ending in any of the above’s domains, those e-mails are stored on all-inkl.com’s servers
• Because mails are stored in Germany and are subject to Germany’s “Grundgesetz” (“fundamental law”), access to mails by all-inkl.com is valid only under certain circumstances (for example, when required by law)
• I do not share eMail addresses, names, contents of eMails or any other data transferred by mail with anyone, unless when/if required by law, or if you consent to it (like forwarding information to another developer)
• I also own the domain yoink.app, registered with and maintained by dynadot; it redirects to https://eternalstorms.at/yoink

1.2) Analytics / Tracking
• I’ve disabled analytics and tracking for all my websites, I don’t have any analytics or tracking in my apps.
• I am able to see analytics information Apple provides developers with, but that is consented to by users during the setup process of a new user on macOS/iOS, which has nothing to do with me.

1.3) Cookies
• My public websites do not use cookies, but websites I link to might.

1.4) Promo Code Redemption
• When I offer promo codes for my apps (which can be redeemed on the Mac and iOS App Stores), instead of sending out just the promo code itself, I send out a link to a php script on my site: https://eternalstorms.at/redeem.php?code=<promo code>.
The website the link leads to makes it easier for users to redeem the code, because they don’t need to copy-paste the code and find the redemption page on the App Store. Instead, the website takes them there with a single click, with the promo code information already filled out.
The website uses a script that accesses a database on my site, storing the following information, and *nothing else*:
- The date the website for the code was last accessed
- The date the code redemption link was clicked, allowing me to know when a code was used and, thus, invalidated
- How often the website for the code was accessed in general, whether it was still valid or not
- Again, *no other information* is stored or even used in the script - I’m not interested in user data, I just want to offer a better service, and know when a promo code is redeemed or approaching expiration.
- You can always “opt out” of using the link by just copying the promo code out of the link, which is the combination of letters and numbers, after ?code=<promo code> in the link




2) iTunes Affiliate Links
• I’m no longer using iTunes Affiliate Links. For the sake of completion and legacy, here’s my iTunes Affiliate Links policy:
• Links to the App Store on this website and from in my apps use an iTunes Affiliate Program token, which can be obtained here.
• Affiliate links allow me to earn a little more money, by getting a small cut of the price of items purchased through these links
• The token is active for the user that clicked the link for 24 hours (stored in a cookie), meaning any purchases made within that time frame count toward my token, unless other conditions are met (please refer to the iTunes Affiliate Program Terms and Conditions for more information)
• In iTunes Affiliate Program’s Dashboard, I have access to the following information gathered via such links by Performance Horizon:
- The country where the link was clicked (i.e., ‘Austria’, ‘United States’, etc)
- The time the link was clicked
- The kind of item that was purchased (iOS app, Mac app, music, book, movie, etc)
- The campaign I assigned to that link (for example, when I use affiliate links on my blog, I use the campaign ‘blog’, or from my website, ‘website’, etc.) so I know what part of my website the link was clicked on
- I can *not* see IP addresses, Apple IDs or names, or what exactly was purchased (i.e., an app’s name, or a book’s title) — that information is inaccessible to me
• Please refer to the iTunes Affiliate Program Terms and Conditions for more information
iTunes Affiliate Program Support / Help




3) Apps
This section contains the privacy policies for my apps.

3.1) Yoink
• No information is collected by nor transmitted to me (or third parties) when you use Yoink for Mac, iPad or iPhone, or its extensions (the keyboard, the Share/Action extension, the Today Widget and the File Provider)
• By enabling iCloud sync, your data will be synced across your devices using Apple Inc.’s iCloud services.
• iCloud offers public and private databases to developers (public are accessible by everyone, private only by the owning user - you);
Yoink uses iCloud’s private database to store its data, meaning: I have no access to that data
• You can delete Yoink for iPad and iPhone’s data from iCloud by tapping the cloud icon and selecting 'iCloud Data Reset...'
Apple Legal Information (section “iCloud Terms of Service”)

3.1.1) Yoink for iOS
• In Yoink for iOS, your internet connection is used for creating previews of websites or map locations, and for navigating to / previewing URLs stored in Yoink, downloading URLs you specify and for optional iCloud syncing between devices.

3.1.1.1) Yoink for iOS’ extensions
• Yoink’s keyboard extension requires “Full Access”, as it is called in iOS, for two reasons:
1 - To communicate with the main Yoink app (on your device)
2 - To offer drag and drop functionality
• Other functionality available to the extension because of “full access” (like using the internet connection) is not used by Yoink’s keyboard extension
• Yoink for iOS' extensions (the keyboard extension, the file provider extension, the Today Widget extension, the Action/Share extension) do not connect to the internet other than syncing to iCloud (if it’s enabled). Only Yoink’s main app does, for the reasons stated in 3.1.1.

3.1.2) Yoink for macOS
• In Yoink for macOS, your internet connection is used if you opt-in to favicon loading, for loading the Splash screen videos (from eternalstorms.at) and for previewing URLs using Quick Look.
• Yoink for Mac’s Clipboard History feature can store most of what you copy or cut for later access. It is disabled by default, has to be actively enabled by clicking onto Yoink’s widget or by activating it in its Preferences under Extensions, and can be disabled at any time there as well.
Yoink can be made to ignore cuts/copies in specific apps by the user in Preferences > Extensions, and Yoink itself attempts to ignore sensitive data with the following two methods:
1) It ignores any copied/cut content from apps that contain one of the following phrases in their name: Keychain, Enpass, 1Password, KeePass, LastPass, Password, Kaspersky, mSecure, AppLocker, Keeper Password, Passwort, oneSafe, Secrets, Strongbox, RememBear, Dashlane and Bitwarden.

2) It ignores copied content if one of the following data types is present in the current copy: com.agilebits.onepassword, org.nspasteboard.TransientType, org.nspasteboard.ConcealedType, org.nspasteboard.AutoGeneratedType (as openly suggested by developers, for developers, on http://nspasteboard.org)
If you have additional suggestions, please mail me at privacy@eternalstorms.at.
Copied items are stored locally on your Mac.
• Yoink is also available on Setapp. Setapp's Privacy Policy applies.




3.2) Transloader for Mac, iPad and iPhone
• Transloader uses an internet connection solely for the purpose of performing its functionality. No data is collected by or transmitted to me, or third parties.
• The following information is stored in your iCloud account’s private database:
- Links you add to Transloader
- A salted hash of your Macs' MAC addresses and serial numbers
- Metadata like dates, file names and Mac names
- Login cookies you agree to being stored. These cookies are saved locally on your devices you use with Transloader, and Transloader’s iCloud. And to re-iterate, no data is collected by or transmitted to me, or third parties.
• To delete all of Transloader’s iCloud data, please select ‘iCloud' in Transloader’s Preferences and click 'Delete all data...'
Apple Legal Information (section “iCloud Terms of Service”)
• Transloader is also available on Setapp. Setapp's Privacy Policy applies.



3.3) Glimpses for Mac
• Glimpses uses an internet connection to authorize with flickr and Instagram, and to download images from those services
• Because Instagram can not direct you back to Glimpses directly after authorization, I set up the process in a way that Instagram calls my website instead, which then leads you back to Glimpses on your Mac for convenience.
While the authorization token is transmitted to my provider’s server (all-inkl, see point 1) in this process to allow and complete the authorization in the Glimpses for Mac app, no information is stored or collected on the server.




3.4) ScreenFloat
• Screenshots you take are stored locally on your Mac and are not transmitted to anyone else.
• On macOS 10.15 Catalina and later, when you take your first screenshot using ScreenFloat, you’ll be prompted to give permission to record your screen.
ScreenFloat uses this permission to create screenshots when you trigger that functionality within the app. It isn’t used for anything else.




3.5) Checksums for Mac
• Checksums only access files you tell it to, whether you have “Full Disk Access” enabled in its preferences or not
• Checksums uses macOS’ built-in cksum and openssl command line utilities to create CRC, MD5, MD4 and SHA hashes. For xxHash hashes, it uses open source code publicly available here
• Checksums does not use nor require an internet connection




3.6) SiriMote for Mac
• Your internet connection is only used for the purpose of checking for updates of the app, connecting to my server eternalstorms.at. No usage-, nor any other data is transmitted to me or anyone else, other than what is necessary to fulfill the update checking request (mostly just the version number string of your copy of the app, like ‘1.0’).




3.7) BackLog for Mac
• Your internet connection is only used for the purpose of checking for updates of the app, connecting to my server eternalstorms.at. No usage-, nor any other data is transmitted to me or anyone else, other than what is necessary to fulfill the update checking request (mostly just the version number of your copy of the app, like ‘1.0’).
• Logs are reproduced directly from your Mac’s archives and may contain sensitive data. Please look over it before sharing with anyone.
• Because of the OSLogStore API, BackLog cannot run in the macOS Sandbox, but it uses the hardened runtime, and has been notarized by Apple.
• Because of the OSLogStore API, BackLog must be run from an admin user, or by running it via ’sudo’. Please use at your own discretion.
• Logs remain locally on your computer until you decide to share them, either via copy-paste, or the built-in share mechanism, which uses macOS’ built-in sharing functionality (like AirDrop, Messages, Mail). Results are discarded when you quit BackLog (temporary files might remain for a while, but are cleared out by macOS regularly).




4) Newsletter (discontinued)

• I did offer a double - opt - in newsletter, but it has since been discontinued. I decided to keep the following (points 4 and 4.1) just for informational purposes.
• The newsletter contains information about new, upcoming and updated apps, as well as other relevant information like promotions or usage tips
• My service of choice is MailChimp
You can subscribe to it here (sign-up is double-opt-in, meaning you’ll have to confirm your email address before your subscription to the newsletter is completed; link removed on purpose)
You can unsubscribe from it here (link removed on purpose because of discontinuation)

4.1) MailChimp Newsletter Service
• MailChimp Legal Information
• Subscribing and unsubscribing happens on MailChimp’s servers, located in the US
• Your email address is only used for the purpose of my newsletter
• MailChimp stores your data in the US
• Data stored by MailChimp may include your email address, date and time of signup and confirmation, your IP address and your full name
• MailChimp uses that data for analytic purposes and newsletter mailings on my behalf and may also use that data to optimize and improve their services (i.e. technical optimization of distribution and portrayal of the newsletter, or for economic reasons, to find out what countries recipients are located in)
• MailChimp does not use that data to contact subscribers themselves, nor give away any data to third parties
• I trust in the reliability and data security measures of MailChimp. They participate in the EU-U.S. “Privacy Shield”, and I’ve agreed to their “Data Processing Agreement”, an agreement wherein MailChimp agrees to secure customers’ data and process it within the bounds of their privacy policy, and - most importantly - not give away any data to third parties
• In some cases, I direct recipients of the newsletter to MailChimp’s websites (for example, the newsletter contains a link to read it online in case of issues with the email client; or if a recipient would like to correct their data; also their legal information is only reachable on their sites)
So I’d like to inform you that MailChimp uses cookies, by which personal data is processed by MailChimp, their partners and their used services. I have no influence on that collection and processing of data




5) Apple 3rd Party Program
• To 'Apple, Inc.' and ‘McShark / HAAI GmbH' employees, I currently offer Yoink for Mac for free
• For an Apple employee to activate their free copy of Yoink for Mac, they need to enter their eMail address, ending in @apple.com (or similar)
• Activation is double-opt-in, meaning you’ll have to confirm your email address before the activation is complete; the mail contains a link to delete any data from the server
• The eMail is submitted via the internet (via https) from your Mac to my provider’s server for checking and processing
• No personal information (like IP or geo location) is stored on my provider's server
• Your eMail is stored on my provider’s server only until the activation is completed within the app (at this point, the email gets removed from the database and only a salted hash of it remains), or until the activation is cancelled (at which point the entire entry is removed from the database)
• For activation purposes, a salted hash of your email (‘anonymized'), a timestamp of the activation, and the number of new activations (3 are allowed) are stored on my provider’s server; nothing else
• From time to time, this "3rd party" build of Yoink "calls home” (via https, to my all-inkl.com server) to check the validity of the email to keep the activation valid; as it’s only a check, nothing is stored in addition to what was stored during initial activation










Last update: February 22nd, 2022
- Matthias Gansrigler, Eternal Storms Software