Legal

    Privacy Policy

    Applies to FolderManifest desktop app, website, trial signups, purchases, and support.

    Last updated: June 25, 2026

    FolderManifest is designed to protect your privacy. The desktop application runs entirely on your device — all file scanning and manifest generation happen locally, and your file names, paths, and contents never leave your computer. The app includes optional, anonymous usage analytics (on by default; switch them off anytime in Settings → Privacy) that report only bucketed product metrics, never your files. When you visit our website to sign up for a trial or make a purchase, we also collect certain metadata to improve our service, prevent fraud, and understand our customers. This policy explains everything clearly.

    1. What the app does locally

    • FolderManifest runs entirely on your device. All scanning, manifest generation, and verification happens locally on your computer.
    • File contents are never uploaded or transmitted to us. The app only reads file metadata (names, sizes, paths, timestamps, checksums) to build reports.
    • Any temporary data the app creates is stored on your device and can be deleted by you at any time.
    • Your file data never leaves your device. File names, paths, contents, and checksums are processed locally and are never transmitted to us — there is no exception to this. (The app does include optional, anonymous usage analytics covered in Section 3.)

    2. What we do not collect from the app

    • We do not collect personal information or any file data from the app. The optional usage analytics described in Section 3 report only bucketed product metrics — never personal or file information.
    • We do not receive your files, file lists, folder structures, or scan results.
    • The app does not include third-party analytics SDKs or tracking libraries; any usage analytics are first-party and sent only to our own servers.
    • The app does not report which folders you scan, the names of your files, or what you do with your manifests.

    3. Optional connected features

    Some editions or features may require internet access. If you leave them disabled, nothing in this section applies. When enabled:

    • License activation / seat limits: the app may send a license ID and a privacy-safe device fingerprint (hashed identifier) to our license server to activate a seat and validate your plan. We store minimal activation records (license ID, hashed device ID, timestamps).
    • Update checks: the app may contact our update server to check for a newer version. Standard web server logs (IP address, user-agent, timestamp) may be generated.
    • Crash reports: if you opt in, we may collect a crash log containing technical diagnostics. File contents are never collected.
    • Usage analytics (on by default, opt-out): to understand which features help and why trials convert, the app sends anonymous, bucketed product metrics — which tools you run, broad counts and timings, session length, your app version and plan, and onboarding milestones. These never include file names, paths, contents, checksums, or any personal data. Events are linked only to your license ID and the same hashed device identifier used for activation. You can turn this off at any time in Settings → Privacy; when it is off, nothing is queued or sent. Analytics data is retained for 90 days.
    • You can use the app without connected features. Enabling them later limits data flows to what is necessary for that feature.

    4. Website & purchases (Stripe)

    • What we receive: your email, product/plan purchased, and transaction identifiers.
    • What our processor (Stripe) handles: payment card data and billing details. We do not receive full card numbers.
    • How we use data: to fulfill your order, deliver license/activation details, provide support, prevent fraud, and communicate about your purchase.
    • Service providers: we work with reputable processors (hosting/CDN, email, payment) under agreements that restrict their use of your data.

    5. Website analytics & metadata during signups/purchases

    Important distinction: The FolderManifest desktop app itself does not collect or transmit any data. However, when you visit our website to sign up for a trial or make a purchase, we collect certain metadata to improve our service, prevent fraud, and analyze sales performance.

    • Geographic data: We derive approximate location (country, city, region) from your IP address using IP geolocation services. This helps us understand our geographic reach and prevent fraud.
    • Device & browser information: We collect information about your device type (desktop/mobile/tablet), browser, operating system, and screen resolution. This helps us optimize our website for your device.
    • Usage metrics: We track how long you spend on our site before signing up or purchasing, which pages you visit, and your referral source (e.g., Google search, Twitter, direct link). This helps us measure marketing effectiveness and improve our website.
    • Referral tracking: We capture UTM parameters (utm_source, utm_medium, utm_campaign, etc.) from URLs to understand which marketing campaigns and channels are most effective.
    • Session data: We track session start time, duration, and pages visited during your session. This helps us understand user behavior and optimize the signup flow.
    • Optional free-tool report emails: If you ask us to email a free-tool report, we process your email address, tool type, session ID, and a bounded summary of the result you saw. This is optional and is not required to view results. If you separately opt in, we may send up to two short follow-up emails about FolderManifest Desktop; each follow-up includes an unsubscribe link.
    • Legal basis: We process this metadata based on our legitimate business interests in understanding our customer base, preventing fraud, improving our website, and measuring marketing effectiveness.
    • Optional company data: For business email addresses, we may optionally use third-party services to look up company information (name, industry, size) to better understand our customer segments.
    • No cookies: We do not use tracking cookies for this metadata collection. All data is collected passively from your browser and network connection.
    • You can object: If you object to this metadata collection, please contact us at hello@arced-international.com. We will process your objection in accordance with applicable privacy laws.

    6. Sharing

    We do not sell personal information or metadata. We share only with service providers as needed to operate the website, payments, updates, licensing, or as required by law.

    7. Security

    We use reasonable technical and organisational measures to protect data we control. No method is 100% secure; please secure your own device and backups.

    8. Your rights

    Depending on where you live (for example, EU/UK, California), you may have rights to access, correct, delete, or receive a copy of your personal information, or to object/restrict certain processing. Contact us at hello@arced-international.com to exercise these rights. If your request relates to Stripe's records, we may direct you to Stripe to complete it.

    9. Children

    The app and site are not directed to children under 13 (or under 16 in some regions). We do not knowingly collect data from children.

    10. Data retention

    • Desktop app: With usage analytics off, we receive nothing from the app — all data stays on your device. With analytics on, we receive only bucketed, anonymous product metrics (never file data), retained for 90 days.
    • Website metadata: Metadata collected during signups and purchases is retained for 2 years from collection, after which it is deleted or anonymized. IP addresses are anonymized (last octet replaced with .0) after 30 days.
    • Purchases & activations: We retain purchase and activation records for legal, accounting, and fraud-prevention purposes, then delete or anonymize them as required by law and business necessity.

    11. International transfers

    If you access our services from outside the U.S., your information may be processed in the U.S. where laws may differ. We apply appropriate safeguards where required.

    12. Changes

    We may update this policy. When we do, we will refresh the "Effective Date" and, if changes are material, provide reasonable notice.

    13. Contact

    ARCED International LLC • 30 N Gould St, STE R, Sheridan, WY 82801, USA • hello@arced-international.com