Privacy Policy Eraser App
Summary and general principles:
We are all about privacy. The information we store: name, email, phone, and your computers' MAC addresses (which are unique across all computers and other devices around the world) we don’t share with any third-party (except when you ask us). As an added precaution, we keep your phone and email address on our server only in encrypted form. (See also "Commitment and Enrollment in the EU-U.S. DPF (Data Privacy Framework) and UK and Swiss extensions to that framework" section later in this Policy Statement.)
Personal data stored; how we store it; what we use it for; what we have access to:
- We keep the following information unencrypted on our server:
- Your First Name, Last Name, Number of licenses used, Mac Addresses of your machines where you have installed our App: This is not provided to any third-party (nor do we allow any third-party to access this through us). We use the Mac Address only to generate license files and keys that tie a particular download of our App to your computer.
- We need to keep the MAC address of computers where you have installed our App -- even after license keys are generated and you have already activated the App on a particular computer -- because:
- If we release a new version of the App, the new version you install will need to obtain a new license file and we will need to send the MAC Address of the computer again. Since it matches one of those you already have a license for (which we could only know if we stored the MAC Address of the prior installations), installing it again will not increment your number of licenses used and you will still have the same number of licenses available.
- Your first license key is only good until your refund period expires. The app will reach out again for a new license key if it finds that the current license key has expired for a device. To reach out for a license key, as the client is locatable only by the MAC Id of the device and the email address of the client, it is necessary for us to keep this MAC Address for this reason as well.
- We keep the following information that you provide during onboarding encrypted on our server where we have access to it. (We keep it encrypted so that, in the unlikely event of a data breach on our server, malevolent actors will not be able to gain access to this information.)
- Your email address: We never give this out to any third-party; nor do we allow third parties to contact you through us by sending information to us to disseminate to you. (I.e., you will not be receiving marketing emails from any third party because you have provided us with your email.) As stated, this is kept encrypted on our server (to protect it in the unlikely event there is a breach). We use your email address to send you:
- OTPs:
- When you first sign up (onboard) with us, we send an OTP to ensure you have entered your email address correctly so that you can make use of the licenses you are about to pay for and so that we know we will be able to communicate with you with important updates...e.g., if there is a new release because the existing release will not run on a new version of OS/X or Windows; or, if there are improvements with more features, or, (unlikely) fixes due to a program flaw.
- When you download our app on a computer, the first time it executes it will send your email address and that computer's MAC address to our server. The server will only generate a license key file and send you the key for it if the email address you send matches one that still has unused licesnes AND, crucially, that the email address sent belongs to the person sending it. To that end, an OTP is sent to your email that you will need to enter each time you install our app on a new computer. You will have to enter this OTP in the App in order to obtain the license for a new computer (or existing computer if a new version of the App is installed). (Your used license count will not be incremented if installing a new version of the App on a computer that was already executing the App [as the same MAC address will be sent].)
- We will also send OTPs in other situations – e.g., if you discontinue service with us (though, we don’t know why you would ever want to do that!) and you decide to exercise your “right to be forgotten” and want your data completely removed from our server (because, we wouldn’t want anyone who didn’t like you to do that to you!), etc..
- Billing and account maintenance messages: If we haven't received your payment (or haven't received that you paid even though you had, which is possible only if our servers are down when you made the payment so our online reseller's system couldn't reach us AND when we reached out to them we couldn't verify your payment because their servers were down -- so, very rare -- we would send you an email asking you to try again later to download your license or offering you the opportunity to request a refund).
- Important App-related email to notify you of new releases available to: Fix bugs (unlikely); Enhance functionality; or, if the existing App will no longer work on a new release of the Windows or OS/X operating system.
- We are planning a maintenance outage (or have an unexpected outage) and you won’t be able to request license keys for a new computer for a period of time;
- Occasional (not more than 4 times per calendar year) mail from us announcing our new products we are coming out with or with Company news.
- Your phone number: We never give your number to any third party (and never act on behalf of any third party when using it). As stated, this is kept encrypted on our server (to protect it in the unlikely event there is a breach). We use this only to send you an OTP if you wish to change your email. For this App, it is optional to provide your phone number. If you don't, you will have no way of changing your email on file with us (because, we won't believe you if you contact us unless you also retain access to your old email where we can send an OTP for verification). Should you drop your email that is on file with us and you still have remaining licenses that you are entitled to, you will lose these and have to purchase the product again to get a new license (or to update a license you already have on an existing device). We will not use your phone number for any other purpose other than verifying your identity at your request or if you give us permission to contact you on an issue you raise from your registered email with us.
How and where we store your personal data and how we protect it:
- We use Amazon AWS as our “data processor” (a GDPR term that means they manage the server infrastructure, computers, network and disks on our behalf but do not control this information as we are the “data controller”). Our servers at AWS are protected by secure keys and only we have access to these servers. Only a small group of senior employees specifically designated has access to these servers.
- Your email and phone number are stored encrypted, but with our password (not with your password(s)) as we need access to this information for the purposes already stated. In the unlikely event of a server breach, it would be extremely difficult for a malevolent actor to gain access to this information.
- Your license keys are also encrypted in a manner that would be extremely difficult for a malevolent actor to gain access -- even in the unlikely event of a server breach.
- We intend to store all information in the United States for now until we grow our revenues to a point where having a data center in Europe, the UK or Asia makes financial sense. This means that the U.S. Government could, technically, order us to provide them with data.
We strive to protect your privacy fully and we are all about privacy. Our only revenues from our app are your subscription fees. Though we have many layers of protection – both technical and procedural – and, though we believe that we deploy maximal protections that would render it, we hope, impossible for anyone to access your data, we cannot and do not provide any guarantees and we accept no liability. Having stated this, know that we never transfer your data to any third party (other than the aforementioned use of our Data Processor: Amazon AWS where AWS has no rights to access our data). You use this app at your own risk, though with the assurance that our very reputation rests on maintaining the privacy and security of our end users’ information.
We do not collect information from those under 16 years of age. If we are made aware that a subscriber is under the age of 16 and is using our app without parental consent, we will remove that user from our servers and terminate their use of the application.
Commitment and Enrollment in the EU-U.S. DPF (Data Privacy Framework) and UK and Swiss extensions to that framework:
We commit to all of the principles and rules set forth in the EU-U.S. DPF and its UK and Swiss extensions. The link to the EU-U.S. DPF is here:
EU-U.S. Data Privacy Framework (DPF). The DPF describes the principles to which our organization subscribes. Your complaints or inquiries can be sent to us in either of the two ways mentioned below. We strive to respond to any privacy requests or complaints within 2 weeks and commit to responding to you within 30 days. If you are dissatisfied with our handling of your privacy complaint or issue, you have the right to complain to an independent arbiter to investigate complaints related to non-compliance or non-conformity to DPF principles. The U.S. FTC (Federal Trade Commission) has jurisdiction over any personal data kept by us. In the event you are dissatisfied with the way we address your issue or complaint you have the right to escalate your complaint/issue outside our organization in accordance with the following guide with associated links that outlines a series of escalating steps you may take:
EU-U.S. DPF Procedures for submitting a complaint
EU-U.S. Data Privacy Framework (DPF). The DPF describes the principles to which our organization subscribes. Your complaints or inquiries can be sent to us in either of the two ways mentioned below. We strive to respond to any privacy requests or complaints within 2 weeks and commit to responding to you within 30 days. If you are dissatisfied with our handling of your privacy complaint or issue, you have the right to complain to an independent arbiter to investigate complaints related to non-compliance or non-conformity to DPF principles. The U.S. FTC (Federal Trade Commission) has jurisdiction over any personal data kept by us. In the event you are dissatisfied with the way we address your issue or complaint you have the right to escalate your complaint/issue outside our organization in accordance with the following guide with associated links that outlines a series of escalating steps you may take:
EU-U.S. DPF Procedures for submitting a complaint
As mentioned in prior sections of this Privacy Statement, we have an obligation to disclose your personal data to lawful requests of U.S. Government authorities (but, also, we have very little of your information in this App -- your email, maybe your phone, and the MAC Address of your devices). You have the Right To Be Forgotten. For this App, to exercise this right, please write to support@tessellationsoftware.com with subject "Right To Be Forgotten" (no quotes). Our customer support will arrange a time to send you an OTP (to ensure that it is you making the request -- or, will send one to your phone if you have one on file with us). If you confirm, we will delete you and we will no longer have your email and phone and you will lose any unused licenses.
As mentioned, although we don’t transfer your data to third parties excepting for our use of Amazon AWS and FastSpring as our reseller. In both cases, we exercise precautions in accordance with our high-level expertise and do not permit Amazon to use your data for their own purposes. AWS is where our servers sit and they provide infrastructure support to us for our servers, networking, communications, etc.. Our “data processor” (AWS) has certified to the EU-U.S. Data Privacy Framework (DPF) that they adhere to the DPF principles and therefore will not use any data we store with them that they might have access to. (Their access is even more limited than ours and, as repeatedly stated, our access is extremely limited.)
We reserve the right to change this Privacy Policy at any time. For any substantive change, we will notify you via email and/or through a link in our App.
How to contact us concerning Privacy issues:
Other than in India
Via mail:
Tessellation Software LLC
58 Sylvan Road N
Westport, CT 06880-2942, U.S.A.
Via email:
Send an email to: privacy@tessellationsoftware.com with ‘Subject:’ starting with any of the following:
Tessellation Software LLC
58 Sylvan Road N
Westport, CT 06880-2942, U.S.A.
Attn: Privacy Officer
Via email:
Send an email to: privacy@tessellationsoftware.com with ‘Subject:’ starting with any of the following:
Privacy Inquiry
Privacy Request
Privacy Complaint
In India
Via email:
Send an email to:
Pravin Kulkarni (Data Protection Officer)
pkulkarni@tessellationdev.com
In the event you feel your issue is not addressed, after exhausting your avenues of addressing your concern or request with us, you have the right to send your issue to the Data Protection Board Of India
Send an email to:
Pravin Kulkarni (Data Protection Officer)
pkulkarni@tessellationdev.com
In the event you feel your issue is not addressed, after exhausting your avenues of addressing your concern or request with us, you have the right to send your issue to the Data Protection Board Of India
Right to be forgotten:
You have the right to have all your data erased from our server infrastructure. If you request this, you will not be able to use any remaining licenses you have and you will not be able to receive updates or upgrades to the licenses you do have.