Privacy Policy

1. Introduction

Trezors Live ("we", "our", or "us") is a macOS application published by Michal Zavody (RYVEX s. r. o., Slovakia). We are committed to protecting your privacy and ensuring the security of your data.

This Privacy Policy explains what information we collect, how we use it, your rights regarding your data, and how we protect your privacy when you use our macOS application Trezors Live (the "App").

By using Trezors Live, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use the App.

2. Information We Collect

2.1 Information You Provide Directly

We do not require an account to use Trezors Live. The App operates entirely offline and stores all data locally on your Mac. However, you may voluntarily provide:

• Portfolio Data: Information you manually enter, including cryptocurrency holdings, transaction history (buy/sell records), notes, price alerts, and custom settings.
• Contact Information: If you choose to contact us for support via email, we may receive your email address and any information you voluntarily include in your message.

2.2 Financial Data

The App displays and processes cryptocurrency portfolio values and transaction history that you manually enter. This financial data:

• Is stored locally only on your Mac using Apple's SwiftData framework
• Is never transmitted to our servers as a financial profile
• Is not shared with third parties for advertising or marketing purposes
• Remains under your exclusive control

2.3 Data Collected Automatically

When you use the App, certain information may be collected automatically:

• Device Information: Device model, macOS version, app version, and device identifiers (IDFV - Identifier for Vendor) for analytics purposes.
• Usage Data: App performance metrics, feature usage statistics, crash reports, and diagnostic information through Firebase Crashlytics and Performance Monitoring.
• Network Information: IP address (processed by third-party services like CoinGecko and Firebase), browser/user agent strings.

3. How We Use Your Information

We use the collected information for the following purposes:

• App Functionality: To provide portfolio tracking, display real-time cryptocurrency prices, and enable core features of the App.
• Analytics and Improvement: To understand how users interact with the App, identify crashes and performance issues, and improve user experience.
• Configuration: To deliver app configuration values via Firebase Remote Config.
• Communication: To respond to your support requests and inquiries (only if you contact us voluntarily).
• Legal Compliance: To comply with applicable laws, regulations, and legal obligations.

4. Data Storage and Retention

4.1 Local Storage

All portfolio data, transactions, settings, and user-generated content is stored locally on your Mac using Apple's SwiftData framework within the App's sandbox. This data:

• Remains on your device unless you explicitly export it
• Is not synchronized to any cloud service by default
• Is deleted when you remove the App from your Mac (unless you exported copies elsewhere)

4.2 Retention Periods

• Local Portfolio Data: Stored indefinitely until you delete the App or manually remove data.
• Firebase Analytics Data: Retained according to Google's data retention policies (typically 14 months for analytics data).
• Support Communications: Retained for as long as necessary to resolve your inquiry, typically up to 2 years.
• Crash Reports: Retained for up to 90 days via Firebase Crashlytics.

5. Third-Party Services

The App integrates with the following third-party services to provide functionality:

5.1 CoinGecko API

• Purpose: Fetching real-time cryptocurrency market prices and metadata
• Data Sent: Coin identifiers (e.g., "bitcoin", "ethereum") needed to look up prices
• Data NOT Sent: Your portfolio amounts, transaction history, or financial profile
• Location: Singapore
• Privacy Policy: https://www.coingecko.com/en/privacy

5.2 Google Firebase

• Services Used:
  • Firebase Remote Config (app configuration)
  • Firebase Crashlytics (crash reporting)
  • Firebase Performance Monitoring (performance analytics)
  • Firebase Analytics (usage statistics)
• Data Collected: Device installation identifiers, device model, OS version, app version, crash logs, performance metrics
• Location: United States (data may be transferred globally)
• Privacy Policy: https://firebase.google.com/support/privacy
• Google Privacy: https://policies.google.com/privacy

6. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence:

• CoinGecko: Singapore (data protection laws may differ from your jurisdiction)
• Google Firebase: United States and other countries where Google operates

We ensure that appropriate safeguards are in place for international data transfers, including compliance with EU Standard Contractual Clauses where applicable.

7. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on:

• Legitimate Interest: To provide app functionality, improve user experience, and ensure app stability (analytics, crash reports).
• Contract Performance: To deliver the services you request through the App (portfolio tracking, price data).
• Consent: Where required by law, we will obtain your explicit consent before processing your data.
• Legal Obligation: To comply with applicable laws and regulations.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

8.1 GDPR Rights (EU/EEA Users)

• Right to Access: Request a copy of your personal data we hold.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data.
• Right to Data Portability: Request transfer of your data to another service provider (via CSV export functionality).
• Right to Object: Object to processing of your personal data for certain purposes.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
• Right to Lodge a Complaint: File a complaint with your local data protection authority.

8.2 CCPA Rights (California Residents)

• Right to Know: Request disclosure of categories and specific pieces of personal information collected.
• Right to Delete: Request deletion of personal information.
• Right to Opt-Out: Opt-out of the "sale" or "sharing" of personal information (we do not sell personal data).
• Right to Non-Discrimination: Receive equal service and price, even if you exercise your privacy rights.

8.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at zavody@deliziasr.sk. We will respond to your request within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption in Transit: All network communications use HTTPS/TLS encryption.
• Local Storage Security: Data stored in macOS App Sandbox with system-level protections.
• No Sensitive Credentials: The App does not store private keys, seed phrases, or exchange API credentials.
• Minimal Data Collection: We collect only the data necessary for app functionality.
• Regular Updates: We maintain the App with security patches and updates.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

10. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
• Notify affected users without undue delay if the breach poses a high risk to their rights and freedoms
• Take immediate steps to contain the breach and mitigate potential harm

11. Cookies and Tracking Technologies

We do not use cookies, web beacons, or similar tracking technologies for advertising or cross-app tracking purposes.

The App may use:

• Local Storage: To save your preferences and portfolio data locally on your device
• Device Identifiers: IDFV (Identifier for Vendor) for analytics and crash reporting via Firebase

These technologies are used solely for app functionality and improvement, not for tracking you across apps or websites owned by other companies.

12. Automated Decision-Making

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

All portfolio calculations and price displays are based on data you manually enter and publicly available market data from CoinGecko.

13. Children's Privacy

Trezors Live is not directed at children under the age of 18. The App is rated 17+ on the Mac App Store due to cryptocurrency-related content.

We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us, and we will take steps to delete such information.

14. App Store Privacy Nutrition Labels

The information collected and used by Trezors Live is reflected in the App Store Privacy Nutrition Labels. You can view these labels on the Mac App Store page.

Data Not Collected:

• Contact Information (unless voluntarily provided via email)
• Location Data
• Browsing or Search History
• Exchange or Wallet Credentials
• Payment or Banking Information
• Sensitive Information (health, financial accounts, etc.)

Data Used to Track You: None

Data Linked to You:

• Usage Data (analytics via Firebase)
• Identifiers (device ID for analytics)
• Financial Info (locally stored portfolio data, not transmitted)

15. Data We Do NOT Collect

For clarity, we explicitly do NOT collect:

• ❌ Contact information (unless you email us voluntarily)
• ❌ Location data or GPS coordinates
• ❌ Browsing or search history outside the App
• ❌ Exchange or wallet credentials (private keys, API keys, seed phrases)
• ❌ Payment or banking information
• ❌ Biometric data
• ❌ Health or medical information
• ❌ Government-issued identification

16. Third-Party Links

This Privacy Policy contains links to third-party websites (CoinGecko, Google Firebase, Google Privacy Policy). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review their privacy policies.

17. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

We may share information only in the following circumstances:

• Service Providers: With trusted third-party service providers (CoinGecko for market data, Firebase for analytics) strictly necessary for app functionality.
• Legal Requirements: If required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).
• Business Transfers: In connection with a merger, acquisition, or sale of assets, where user information may be transferred as a business asset (users will be notified via email or prominent notice).
• Protection of Rights: To protect and defend our rights, property, or safety, or that of our users or the public.

18. Your Choices and Controls

You have the following choices regarding your data:

• Export Data: Export your portfolio data to CSV format at any time via File → Export (⌘E).
• Delete Data: Remove the App from your Mac to delete all locally stored data. Data is stored in the App's sandbox and is removed with the App.
• Offline Mode: Use the App without an internet connection. Live prices will not update, but locally stored data remains available.
• Limit Analytics: Contact us to opt-out of Firebase analytics collection (note: this may limit our ability to diagnose crashes).
• Do Not Track: The App does not track you across third-party websites or services.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Will Notify You:

• We will update the "Last updated" date at the top of this page
• For material changes, we will notify you via in-app notification or email (if you have provided your email)
• Changes become effective immediately upon posting

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, please discontinue use of the App and delete it from your Mac.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We respond to privacy inquiries in English within two business days.

Data Controller (for GDPR purposes):
Michal Zavody (RYVEX s. r. o.)
Nám.kpt.Nálepku 371/8
Vráble, Nitriansky kraj 952 01
Slovakia