This document describes how LDX Technology processes your personal data. We've tried to keep it as short as possible, while still including all the information that may be relevant to you.
How we process your data
The ARC Browser frontend stores its data locally on the device where it is installed, but there are a few ways data can be transmitted outside the device:
- When you send a crash report. The report should not contain any personally identifiable or otherwise sensitive information, but nevertheless you will still have to confirm sending each report. Crash reports are not sent automatically.
- When you download game metadata and media from online sources (known as "scraping"). In this case, information such as the selected platform and the game's filename (or the app name in the case of Android apps and games) will be transmitted to an online database to find the requested data. This information is stored for a short period of time for troubleshooting purposes, and then discarded.
- When you use the RetroAchievements integration, in which case information will periodically be sent to the RetroAchievements API to request up-to-date information about achievements for your games. The information transmitted includes the username and API key you specify in the app as well as identifiers for your games. This information is sent to third party RetroAchievements, and we have no control over how they use the data. Please visit their website if you wish to find out more or contact them.
In addition to the information above, your IP address will also be transmitted as it would be impossible to provide these services without it. The legal basis for this processing is legitimate interest.
Consulting and development
If you are a client paying for consultation and/or software development services, some of your personal data will be processed by us. This includes, at a minimum, contact information like names, e-mail addresses, postal addresses and phone numbers, but may also include other personal data as necessary depending on the business arrangement. This information is necessary for us to conduct business and fulfill our part of the business agreement.
In some cases, our processing of your personal data may be governed by specific agreements (for example, a personal data assistant agreement), in which case those agreements will take precedence over this privacy notice.
After our business relationship has ended we will retain the data for a maximum duration of one year (unless a more specific agreement says otherwise). You can of course ask us to delete your personal data at any time, as per the last section of this document. Do keep in mind that some information related to accounting and invoices may have to be kept for up to eight years in order to comply with accounting laws.
When you send an e-mail to us, that e-mail almost always contains some personal data (e-mail addresses, for example, can be considered personal data). Regardless of the type or amount of personal data in the e-mail, it will always be processed when we receive and read it. This is necessary for us to even determine what kind of personal data the e-mail contains, and thus we have a legitimate interest to do so. After reading the e-mail, it will be determined to fall into one of three categories:
- You are a consultation and/or software development client, and the e-mail contains personal data related to our business agreement. In this case it will be processed as per the previous section.
- The e-mail contains no personal data other than contact information (name, e-mail address, postal address, phone number and similar). In this case, the data will be processed and kept for up to one year after the issue addressed by the e-mail has been resolved. The reason for this is to keep track of our e-mail conversations, and to keep a history of previous conversations if you e-mail us again about a similar issue at a later date. Most e-mails that fall into this category will be requests for support or questions about our apps, and thus we have a legitimate interest in doing our best to provide the best possible service to you.
- The e-mail contains personal data other than contact information, which we don't have a defined lawful basis to process. In this case, depending on the nature of the e-mail, we will either delete it immediately or reply to you and ask for your consent to continue processing the data. If we haven't received your consent after 48 hours of asking, the e-mail will be deleted. You may of course withdraw your consent at any time.
(This information is only relevant to EU citizens)
We use services provided by Zoho (https://www.zoho.com), Cloudflare (https://www.cloudflare.com) and SpiderOak (https://spideroak.com) to process personal data. Because they are international organizations, some or all of the data may be transferred to a "third country" (which is a fancy way of saying a country outside of the EU). This does not expose your data to any additional risk though, as we have data protection agreements with all of them that ensure an adequate level of protection even outside the EU.
Other personal data
If we have to process your personal data in other ways than outlined above you will be informed of this specifically, and asked to consent if applicable.
Your rights, questions and concerns
As per the GDPR, you have certain rights regarding the processing of your personal data. Specifically, you have the right to ask us to:
If you want to excercise any of these rights, or have any other questions about the way we process personal data, please send an e-mail to email@example.com. Do keep in mind that if you don't let us process your data in accordance with this privacy notice we may not be able to provide you with some or any services.
- give you access to your personal data, in a portable data format if requested
- rectify incorrect or incomplete personal data
- delete your personal data
- restrict our processing of your personal data, or object to it
In addition to the above, you also have the right to lodge a complaint with a supervisory authority, for example if you feel like we have processed your personal data in an unlawful manner.