This is our philosophy. We apply this principle to all of our products, services and other aspects of our work.
We strongly believe that good software and services can be built without collecting a vast amount of personal data. And we feel committed to the principle of informational self-determination. We want you to remain in control, so you can decide which information you are willing to share.
If a particular feature does require the transmission of data to our servers, we follow the principle to implement it as an opt-in feature. We do not use the received data for any other purposes than providing you with the requested service. We do not share nor sell your data.
All data transmissions to our servers, website and shop are secured using strong encryption. We use industry standard TLS connections with state-of-the-art keys and certificates.
We are using full-fledged servers which are completely under our control. We do not share servers with other parties in any way. We have taken technical and organizational security measures to protect our servers and any personal data stored on these servers against unauthorized access.
If you connect to our servers, either by visiting our website or by using one of the online features of our applications, you generate requests to our servers. Our web servers maintain logs of these requests containing:
We may look at that data in aggregate to gather statistical information such as market share of macOS versions or similar. The server log files are deleted on a regular basis.
Our website does not include any tracking code. We do not track visitor behavior in any way.
Our web shop uses a session cookie to save information related to your shopping cart. The cookie is deleted automatically when you quit your web browser. The corresponding shopping cart data is deleted after a short timeout.
For billing and taxation purposes we need to store the billing contact information that was provided during the payment process (name, address, email address, IP address).
Depending on the payment method you’ve chosen, our shop is using a third party payment provider to handle all payment related services.
We never receive or have access to your credit card information or other sensitive payment data. This data is collected exclusively by our service partners.
mPAY24 is handling credit card payments as well as EPS and Giropay (the latter ones are not available in all countries).
To process your payment you get redirected to a website hosted by mPAY24. The following information is passed on to mPAY24:
If you are using MasterCard or Visa, an additional redirect to a website of your card issuer might be necessary to answer security questions (known as 3D Secure, MasterCard SecureCode, Verified by Visa or similar). The details of the verification process may differ, depending on your card issuer.
Based on your residency, PayPal offers different payment methods (credit cards, PayPal account, etc.).
To process your payment you get redirected to a website hosted by PayPal. The following information is passed on to PayPal:
In general, our applications do not require an Internet connection for regular operation. Features that do require an Internet connection are designed to be opt-in, so you can decide if you want to use them.
If automatic software update checks are enabled in the preferences window, our applications periodically (usually once a day) connect to our update server (sw-update.obdev.at) and check if a newer version is available. In addition to the previously mentioned metadata (see the “Logging” section above), a software-update query includes:
This information is used solely to determine if a newer version of the software, that’s suitable for installation on your computer, is available. We do not share or sell this data.
The Little Snitch Research Assistant is an online database providing useful information about the purpose of a connection attempt. A lookup in the database must be explicitly triggered by the user — it is never performed without the user’s consent.
When a lookup is performed, Little Snitch requests information from our database server (wtf.obdev.at). In addition to the previously mentioned metadata (see the “Logging” section above), a Research Assistant request includes:
Anonymized versions of those requests are stored and used to improve the database. We do not share or sell this data.
If the saving of geolocations of joined networks is enabled in Little Snitch Preferences > Automatic Profile Switching, Little Snitch determines the computer’s current location each time a new network is joined, using the macOS Core Location framework.
Little Snitch uses this information to show the locations of joined networks in a map. In Little Snitch 3, the map data is provided by MapBox. Little Snitch 4 uses the MapKit framework provided by macOS.
This location information is only stored locally on your computer. We do not receive this data nor are we able to track your location.
When you contact our support team for a support request, we keep a record of your communication, including your e-mail address and all information that you’ve provided to us with your request. We do not use this information for any other purpose than answering your support request.
If you have registered to one of our user forums, your registration data (username, password and email address) is stored. This information is used for the sole purpose of granting access to the forum, allowing you to post messages. We do not share, sell or otherwise use this information.
We recommend to choose a secure and unique password that you are not already using for any other service.
We do not knowingly collect personal information from children under 13. If we come to know that we have collected personal information from a child under 13, this information will be promptly deleted.