Privacy Policy

Last updated: 2026-01-24

BETA VERSION NOTICE: This software is in Beta version. While we strive for stability and security, please be aware that bugs may exist. This Service is provided for testing and personal productivity purposes.

This Privacy Policy explains how Software Expert Kft. ("we", "us", "Provider") handles information when you use DriveCommander (the "Service").

1. Data Controller

Software Expert Kft.
Budapest, Hungary
EU VAT: HU14677036
Email: hello@codestarter.me

2. What Data We Process

2.1 Data We Do Not Store on Our Servers:

We do not store on our servers your file contents or file metadata (such as file names, IDs, paths, or folder structures).

2.2 Data Processed Locally in Your Browser:

To display the interface and perform file operations you initiate, the Service processes file metadata locally in your browser. This data remains on your device.

OAuth Access Tokens: OAuth access tokens are handled in your browser (session storage) and are not intentionally transmitted to our servers. We take measures to avoid logging or collecting authorization credentials.
User Preferences: Any local settings are stored in your browser's local storage and remain on your device.

2.3 Data That May Be Logged (Server-Side):

Web Server Logs: IP address, user-agent, request timestamps, HTTP status codes
Purpose: Security, troubleshooting, abuse prevention
Retention: Up to 30 days
Legal Basis (GDPR): Legitimate interest (Article 6(1)(f)) - security and service operation

3. How File Operations Work

All file operations (listing, copying, moving, renaming, deleting) are performed directly between your browser and the cloud provider's API:

Google Drive: Google Drive API (googleapis.com)
Microsoft OneDrive: Microsoft Graph API (graph.microsoft.com)

Your files never pass through our servers. We do not act as a proxy for file content.

4. Third-Party Services

When you use the Service, your data is processed by:

Google (for Google Drive authentication and API) - Google Privacy Policy
Microsoft (for OneDrive authentication and API) - Microsoft Privacy Statement
Hosting Provider: Standard web hosting for serving the application files

We do not use analytics services, advertising networks, or tracking pixels.

5. Cookies

DriveCommander does not set cookies for tracking or advertising. Authentication state is managed via OAuth tokens in session storage, not cookies.

6. Data Retention

OAuth tokens: Cleared when you close your browser session
Server logs: Up to 30 days
Your files: Remain in your cloud storage account, subject to your provider's policies

7. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the right to:

Access: Request information about data we process
Rectification: Correct inaccurate data
Erasure: Request deletion of your data
Restriction: Limit how we process your data
Portability: Receive your data in a portable format
Object: Object to processing based on legitimate interest

Since we do not store personal data beyond temporary server logs, most rights are automatically satisfied. To exercise your rights or for questions, contact us at hello@codestarter.me.

8. Revoking Access

You can revoke DriveCommander's access to your cloud storage at any time:

Google: myaccount.google.com/permissions
Microsoft: account.microsoft.com/privacy/app-access

9. Data Security

We use HTTPS encryption for all connections. OAuth tokens remain in your browser and are not transmitted to our servers. We follow industry-standard security practices for our hosting infrastructure.

10. International Transfers

Your file operations connect directly to Google (US) or Microsoft (US/EU) servers. Our web hosting may be located in the EU or US. Standard server logs may be processed in locations where our hosting provider operates.

Where processing involves transfers outside the EEA, we rely on appropriate safeguards made available by our providers (e.g., Standard Contractual Clauses), where applicable.

11. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date reflects the latest revision.

13. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Hungary: Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH) - naih.hu

14. Contact

Software Expert Kft.
Budapest, Hungary
EU VAT: HU14677036
Email: hello@codestarter.me