Privacy Policy

“OLED Guard,” “we,” “us,” and “our” refer to the operator of the OLED Guard Pro desktop application and the website at oledguard.com, established in Ireland. For privacy questions, write to privacy@oledguard.com. Our supervisory authority for data-protection matters is the Irish Data Protection Commission (DPC, dataprotection.ie). If you live in another EU/EEA member state, you also have the right to lodge a complaint with your national supervisory authority.

This policy applies to:

• The OLED Guard Pro desktop application for Windows (Free and Pro editions, distributed through the Microsoft Store and Steam), and any background services it installs.
• The marketing website at oledguard.com and its sub-paths.

It does not cover Microsoft Store, Steam, or any third-party storefront you use to purchase OLED Guard Pro. Those storefronts have their own privacy policies; review them separately.

OLED Guard Pro is engineered around a hard rule: telemetry that could identify a user, their machine, or their screen contents must never leave the device. Concretely:

3.1 Stays on your machine, never transmitted

• Screen capture frames. Frames acquired through DXGI Desktop Duplication are processed in GPU memory and immediately discarded. They are never saved to disk and never transmitted.
• Per-pixel exposure histogram. The cumulative wear model the app builds for each connected display lives in your local app-data folder. It contains no images and no personally identifiable information.
• Configuration and presets. Stored in your local app-data folder.
• Diagnostic logs. When enabled (off by default), logs are written locally for troubleshooting. They are not uploaded.
• App profiles. The list of foreground applications the app uses to switch presets stays local. Window titles and process names are not transmitted.
• Display identification. Monitor make, model, EDID, and DDC/CI capabilities are read from your hardware for the app’s own use only.

3.2 What the app may transmit

• Update checks. The Microsoft Store and Steam clients handle updates on our behalf. We do not run our own update server.
• License validation. Pro entitlement is validated by the storefront (Microsoft Store / Steam), not by us. We never receive your storefront identity.
• Crash reports. If Windows offers to send a crash dump after a hard fault, that goes to Microsoft, not to us. We have no telemetry pipeline for crashes.

The website is a static export hosted on Vercel. It collects the following:

4.1 Vercel Web Analytics & Speed Insights

We use Vercel Web Analytics and Speed Insights to count anonymous page views and measure page performance. Vercel processes a hashed visitor ID derived from your IP and User-Agent that resets every 24 hours; we do not receive your IP address. No cross-site tracking, no advertising IDs, no cookies. You can opt out by enabling “Do Not Track” or by blocking va.vercel-scripts.com in your browser; the site continues to work with analytics blocked.

4.2 Feedback form

The feedback form at /feedback uses two services:

• hCaptcha challenges verify you are a human before the form submits. hCaptcha sees your IP, User-Agent, and the challenge interaction. See hCaptcha’s privacy policy.
• Web3Forms delivers the message contents to our team mailbox. Web3Forms holds the email content transiently. See Web3Forms’ privacy policy.

We retain feedback messages for as long as needed to act on them, plus a reasonable period for follow-up — typically up to twelve months — after which they are deleted from our mailbox unless required for an open support thread or a legal matter.

4.3 Hosting and CDN

The site is served by Vercel’s edge network. Vercel processes request logs for security and abuse prevention; their privacy policy governs that processing.

4.4 Cookies and similar technologies

The site sets no first-party cookies. We use no advertising cookies, no behavioural tracking cookies, and no fingerprinting. hCaptcha may set its own cookies on its iframe domain when you submit the feedback form; those are governed by hCaptcha’s policy.

If you are in the United Kingdom or the European Economic Area, our legal bases under Article 6(1) GDPR are:

• Legitimate interests (Art. 6(1)(f)) for anonymous analytics, security logging, and running the feedback form. Our interest is operating and improving a privacy-respecting product. We have weighed this against your rights and consider the impact minimal because the data is non-identifying.
• Performance of a contract (Art. 6(1)(b)) for delivering the desktop app you purchased.
• Consent (Art. 6(1)(a)) when you submit the feedback form — sending the form is your active consent to process the message.

You have the following rights with respect to the limited personal data we hold:

• Access, correction, deletion. Email privacy@oledguard.com. Because the desktop app keeps everything locally, the simplest way to exercise your right to deletion of in-app data is to uninstall the app and remove its app-data folder.
• Object to processing. Block analytics in your browser (see §4.1).
• Data portability. The limited data we receive (feedback messages) can be supplied to you on request.
• Lodge a complaint. Irish residents may complain to the Data Protection Commission. Other EU/EEA residents may complain to their national supervisory authority. UK residents may complain to the Information Commissioner’s Office (ICO).

California residents have the same access and deletion rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA. We do not “sell” or “share” personal information as those terms are defined under California law.

• Analytics data: anonymous, retained by Vercel under their policy (typically up to 13 months in aggregate form).
• Feedback messages: up to 12 months in our mailbox unless extended for an open thread.
• Server access logs: held by Vercel for security purposes per their retention rules.

OLED Guard Pro is not directed to children under 13 (or under 16 where local law applies a higher threshold). We do not knowingly collect personal information from children. If you believe a child has submitted personal data through our website, contact us and we will delete it.

The website is served only over HTTPS. The desktop app is signed and distributed only through Microsoft Store and Steam. We follow industry-standard practices for the small amount of data we do receive. No method of electronic transmission or storage is fully secure, however, and we cannot guarantee absolute security.

We may update this policy as the product or applicable law changes. When we do, we update the “Effective” date at the top. Material changes will also be announced on the changelog. Continued use of OLED Guard Pro after a change indicates acceptance of the revised policy.

For privacy-related requests, email privacy@oledguard.com. For security-disclosure reports, email security@oledguard.com. For everything else, the feedback form is the fastest channel.