RS Gauges.
Privacy

Privacy Policy

Last updated: 2026-05-14

RSGauges (the “Service”, “we”, “us”) is operated by Perfectum LLC-FZ, a UAE free-zone company. This policy describes what personal data we collect, why we collect it, how long we keep it, and how you can have it removed. It is written in plain English; it is not legal advice. If your jurisdiction requires specific disclosures (GDPR Art. 13/14, CCPA, PDPL, etc.), email privacy@rsgauges.app for the long-form version.

1. What we collect

We collect the minimum needed to deliver the Service:

  • Device identifier. A random UUID generated on first launch of the RSGauges data field on your Garmin Edge. It contains no personal information and cannot be linked to you outside the Service.
  • Device metadata. Edge model (e.g. edge1050), firmware version, app version, system locale. Used to support the device and triage bugs.
  • Payment record. Date, amount, currency, the Stripe checkout session ID, the last 4 digits of the card, and the buyer's billing country (provided by Stripe). Full card data never reaches our servers — Stripe handles it.
  • Email (optional). If you provide an email at checkout, in the recovery flow, or in the referral program, we store it for receipts, support, and license recovery.
  • IP address & approximate country. Captured from your HTTP request at checkout and on referrer signup, used only for fraud prevention and rate limiting.
  • Referral activity (only if you join the referral program): your name, the referral code we issue, and the count of paid conversions attributed to your code.

We do not collect: GPS tracks, ride files, heart rate, power, cadence, training plans, or any data the Edge records during your activity. RSGauges runs entirely on-device.

2. Why we collect it (lawful bases)

  • Contract (GDPR Art. 6(1)(b)): to issue your lifetime license, verify it on the device, process payments and refunds, and provide support.
  • Legitimate interest (GDPR Art. 6(1)(f)): to prevent fraud, abuse, and chargebacks; to keep the Service running and secure.
  • Legal obligation (GDPR Art. 6(1)(c)): tax records and accounting (kept for 7 years per UAE Federal Tax Authority requirements).
  • Consent (GDPR Art. 6(1)(a)): joining the referral program; receiving optional product-update emails (if we ever introduce them — none today).

3. Who we share data with

Only the processors we strictly need to run the Service. Each receives the minimum data necessary, under a data-processing agreement.

  • Stripe Payments Europe Ltd. — payment processing, Stripe Tax for VAT/sales tax, fraud detection.
  • Resend (Resend.com Inc.) — transactional email delivery (receipts, license recovery, referral magic links).
  • Hetzner Online GmbH — hosting (Falkenstein, Germany).
  • Garmin Ltd. — only via the Connect IQ Store for app distribution. Garmin does not see your license or payment data; we do not see your Garmin Connect data.

We do not sell your data, share it with advertisers, or use it to train AI models.

4. How long we keep it

  • Device identifier & license records: life of the license (lifetime, by definition), then 12 months for refund-window completeness, then purged.
  • Payment records: 7 years (tax law).
  • Email logs & access logs: 90 days.
  • Referrer records: kept while the account is active; deleted on request 30 days after the last payout.

5. Your rights

You may request access, correction, export, restriction, or deletion of your data at any time. Email privacy@rsgauges.app from the address tied to your record and we'll respond within 30 days. Note that deleting your data may revoke an active license — we'll confirm this with you before acting.

You also have the right to lodge a complaint with a supervisory authority. If you're in the EEA, that's the data protection authority in your country of residence.

6. International transfers

Our infrastructure is in Germany (Hetzner). Stripe and Resend may process data in the EU and the US, under Standard Contractual Clauses and (for US transfers) supplementary measures. If you live outside the EEA, your data may transit through these jurisdictions; the protections above still apply.

7. Security

All transport is TLS 1.3. Secrets are stored encrypted at rest with restricted access. License tokens use HMAC-SHA256 signing. We log security incidents and notify affected users within 72 hours where required by law.

8. Children

RSGauges is not directed at children under 16. We don't knowingly collect data from minors.

9. Changes to this policy

When this policy changes materially, we update the “Last updated” date and — if you've given us an email — send you a notice. Continuing to use the Service after a change constitutes acceptance.

10. Contact

Perfectum LLC-FZ, c/o registered agent (UAE). Privacy enquiries: privacy@rsgauges.app. General support: support@rsgauges.app.

Disclaimer. This page is provided in good faith as a plain-English summary. It is not legal advice. Verify compliance with a qualified counsel for your jurisdiction before relying on it for regulated activity.

Read the Terms of Service →