Privacy

1. Data controller

The data controller for personal data collected through the website localguard.pro and the LocalGuard software is:

• Name: LocalGuard
• Contact email: [email protected]

2. What data we process and why

2.1 Data collected on the website (localguard.pro)

When browsing the website we may process:

• Account registration data: email address and password (bcrypt hashed), required to create and manage your LocalGuard account.
• Payment data: payment processing is fully delegated to the payment provider (Stripe or equivalent). LocalGuard does not store card data.
• Browsing and analytics data: with your prior consent, we use Google Analytics 4 (GA4) to collect aggregate and anonymous usage statistics. You can withdraw this consent at any time from cookie settings.
• Technical cookies: we store language and theme preferences in localStorage. They do not require consent as they are strictly necessary.

2.2 Data processed by LocalGuard software on your network

The LocalGuard software (Windows agent + Docker server) processes network activity data within your local infrastructure. This data never leaves your network. LocalGuard, as the software provider, has no access to it at any time.

In this scenario, you are the data controller for the data of your household members. LocalGuard acts exclusively as the tool provider (data processor in technical terms), without access to your data.

Locally processed activity data includes: DNS domains queried, active applications on supervised Windows devices, and screen time logs. None of this data is sent to external servers.

3. Legal basis for processing

• Contract performance (art. 6.1.b GDPR): processing of email for account management and service delivery.
• Consent (art. 6.1.a GDPR): activation of Google Analytics 4. You can withdraw this consent at any time without affecting the lawfulness of prior processing.
• Legitimate interest (art. 6.1.f GDPR): anonymous technical error logging to improve service stability.

4. Recipients and international transfers

LocalGuard may share your data with the following third parties:

• Infrastructure provider (VPS/hosting): the server hosting localguard.pro is located in the European Union.
• Google LLC (Google Analytics 4): only with prior consent. Google may transfer data to the US under the EU-US Data Privacy Framework (DPF) guarantees. See Google's privacy policy.
• Payment provider: only the data necessary to process the subscription.

We do not sell or share personal data with third parties for advertising or any other purpose.

5. Data retention

• Account data: retained while the account is active. When you delete your account, data is permanently erased within 30 days.
• Payment data: in accordance with applicable tax regulations (minimum 5 years).
• GA4 analytics data: 14 months per Google Analytics default configuration.

6. Your rights

Under the GDPR (EU 2016/679), you can exercise the following rights at any time by contacting [email protected]:

• Access: obtain confirmation of whether we process your data and a copy of it.
• Rectification: correct inaccurate or incomplete data.
• Erasure ('right to be forgotten'): request deletion of your data when no longer necessary.
• Restriction: request that we suspend processing under certain circumstances.
• Portability: receive your data in a structured, commonly used format.
• Objection: object to processing based on legitimate interest.
• Withdraw consent: at any time, without retroactive effect, for consent-based processing (GA4 analytics).

If you believe the processing violates applicable regulations, you have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).

7. Protection of minors

LocalGuard is a tool intended for adults (parents, guardians) to supervise the digital activity of their homes. We do not directly collect data from children under 14 through the website. If you are under 14, you should not create an account without the supervision of a responsible adult.

Network activity data processed locally by the software may include information about devices used by minors. In this case, the adult account holder is the data controller for that data under art. 6.1.f GDPR (protection of the minor's legitimate interests).

8. Security

We apply technical and organizational measures to protect your data: encryption in transit (HTTPS/TLS), PASETO v4 authentication tokens, bcrypt-hashed password storage, and environment separation. The LocalGuard software never transmits network data externally under any circumstances.

9. Cookies

For detailed information about the cookies we use, please see our Cookie Policy.

10. Changes to this policy

We may update this policy to reflect changes in our practices or applicable regulations. The 'last updated' date at the top of this document indicates when the last revision was made. Substantial changes will be notified by email to registered users.