Sallar Lite - Terms of Use

Effective date: 2026-05-16 Last updated: 2026-05-18 Operator: Astral Hodling OÜ, Lõõtsa tn 5, 11415 Tallinn, Estonia Contact: contact@sallar.io

---

1. Acceptance of these Terms

These Terms of Use form a legally binding agreement between you and Astral Hodling OÜ, governing your access to and use of the Sallar Lite mobile application ("App") and any associated services we make available through the App.

By installing, opening, or using the App, you confirm that you have read, understood, and agreed to these Terms and to our Privacy Policy. If you do not agree, do not install or use the App.

---

2. About the service

Sallar Lite is a utility application that allows you to connect a compatible device to a distributed network operated by us and to contribute idle compute time for practical workloads such as network operations and, where available, AI-related workflows including dataset labeling.

The App is not a financial product. It does not provide trading, brokerage, investment, deposit, withdrawal, custody, or payment functionality.

Any participation indicators, uptime counters, activity metrics, or similar mechanics surfaced inside the App, where present, are informational only and describe network mechanics.

We may modify, suspend, or discontinue the App, any feature of the App, or any service made available through the App at any time, with or without notice, subject to applicable law.

---

3. Eligibility

By using the App, you represent and warrant that:

• you are at least sixteen (16) years old, or the minimum age required to consent to the processing of personal data in your country of residence, whichever is higher;
• you have the legal capacity to enter into these Terms;
• you are not barred from receiving the App or related services under applicable law, including export-control and sanctions laws;
• any information you provide to us is true, accurate, and complete.

The App is not intended for children. We do not knowingly provide the App to users under the age of sixteen (16).

---

4. Device pairing and App profile

To use the network features of the App, you may need to pair your device with a mother node using a one-time pairing code or QR code provided by us or by a network operator authorised by us.

The App generates a device identifier at first setup to recognise the same installation across sessions. You may optionally provide an email address for service communication and support, as described in our Privacy Policy.

You are responsible for:

• keeping your pairing code, device, and any access credentials confidential;
• any activity originating from your paired device or App installation;
• notifying us promptly at contact@sallar.io of any unauthorised pairing, loss of device, or suspected compromise.

We may suspend, unpair, or refuse pairing of any device that we reasonably believe to be associated with abuse, fraud, security risk, technical manipulation, or a violation of these Terms.

---

5. Acceptable use

You agree not to, and not to permit any third party to:

• use the App for any unlawful, fraudulent, deceptive, or abusive purpose;
• violate any applicable law, regulation, or third-party right while using the App;
• access or attempt to access any account, device, network, or service that you are not authorised to access;
• interfere with, disrupt, overload, or impair the App, the network, or any related infrastructure, including by submitting automated, fraudulent, manipulated, or artificially generated workload signals;
• falsify, replay, inject, alter, suppress, or manipulate any workload result, execution output, device signal, uptime signal, participation signal, runtime response, or technical measurement;
• inspect, extract, copy, retain, disclose, reconstruct, modify, or use any workload data, workload output, runtime data, temporary processing data, or technical materials processed through the App outside the intended operation of the App, unless expressly authorised by us in writing;
• reverse-engineer, decompile, disassemble, or otherwise attempt to extract the source code or design of the App, except to the minimum extent expressly permitted by mandatory applicable law;
• copy, modify, distribute, sell, sublicense, rent, lease, or create derivative works of the App, except to the minimum extent expressly permitted by mandatory applicable law;
• circumvent any technical protection, security, measurement, attestation, workload-verification, or participation mechanism implemented in the App or in the network;
• introduce viruses, worms, trojans, ransomware, spyware, or any other malicious code into the App or any associated infrastructure;
• use the App to scan, probe, exploit, attack, overload, or interfere with any third-party system;
• use the App to participate in any denial-of-service activity;
• use the App to operate an unauthorised proxy, VPN, traffic relay, tunnelling service, anonymisation service, spam infrastructure, or similar service;
• use the App in any safety-critical environment where its failure could lead to death, personal injury, or material physical or environmental damage;
• sell, lease, sublicense, share, or otherwise transfer your App profile, pairing code, App account, or any associated access credentials to any third party;
• use the App, the network, related materials, or any data obtained through them for the purpose of building, training, supporting, benchmarking, or competing with a similar product or service;
• frame, mirror, scrape, or embed the App or any associated web resources within another product, website, or interface without our prior written consent;
• access the App through automated or non-human means, including bots, scrapers, scripts, headless agents, emulators, farms, or any other automated system, except as explicitly permitted by us in writing.

We may investigate suspected violations and take any action we consider appropriate, including warning, throttling, limiting workloads, unpairing, suspending, or terminating your access to the App and reporting the conduct to competent authorities.

---

6. Network participation

The App allows your device to contribute compute time to a distributed network operated by us. Any participation indicators, uptime counters, workload counters, activity metrics, or similar indicators displayed in the App describe network mechanics only.

We reserve the right to adjust, recalculate, freeze, pause, reset, exclude, or invalidate such mechanics at our discretion, subject to applicable law, including where we reasonably believe that metrics are inaccurate, manipulated, abusive, technically invalid, or inconsistent with service integrity.

You acknowledge that distributed compute participation is variable by nature and depends on:

• device capability;
• trust level;
• hardware attestation status;
• operating system limitations;
• network conditions;
• available workloads;
• geographic region;
• compliance requirements;
• security requirements;
• other factors outside our full control.

We may assign, limit, reject, throttle, prioritise, or pause workloads based on:

• device capability;
• reliability;
• attestation level;
• trust score;
• connection stability;
• region;
• workload type;
• security requirements;
• legal requirements;
• network integrity.

You may stop participating in the network through the controls made available in the App, by closing the App where supported by the operating system, by unpairing the device where available, or by uninstalling the App. Some operating-system processes, logs, cached files, or pending technical operations may continue briefly as required for safe shutdown, fraud prevention, diagnostics, or legal compliance.

Your participation in the network does not create any employment, contractor, partnership, agency, franchise, joint venture, fiduciary, or representative relationship between you and us. You are not authorised to act on our behalf, bind us, represent us, or make statements for us.

---

7. Hardware, device requirements, and resource usage

The App may use the following resources of your device while you are actively participating in the network:

• processor and memory cycles to run compute workloads;
• network bandwidth to maintain the connection with the network and to transfer workload-related data;
• storage for temporary workload data, logs, configuration files, cached files, or security materials;
• Wi-Fi and CPU wake locks to keep the device responsive during a participation session;
• a system foreground notification while a participation session is active;
• device security features used for attestation, identity, pairing, or workload verification, where available.

You are responsible for:

• ensuring that running the App on your device is permitted under the terms of your mobile carrier, device manufacturer, operating-system provider, employer, school, institution, or any other applicable policy;
• any data, electricity, bandwidth, roaming, network, or other costs that may result from operating the App on your device;
• any battery consumption that may result from compute participation;
• monitoring your device while participating and stopping participation if the device becomes unstable, behaves unexpectedly, or is no longer suitable for continued operation.

The App may increase battery consumption, processor load, memory use, and bandwidth use while a participation session is active.

The App uses Android Hardware Key Attestation, where available, to establish a device identity at pairing. On compatible Apple devices, the App may use Apple App Attest, DeviceCheck, Secure Enclave-related mechanisms, or other platform security mechanisms where available and implemented. Devices without hardware-backed attestation may still pair, but the network may decline, restrict, or limit some workloads for such devices.

Security, attestation, pairing, and workload-verification mechanisms are designed to reduce risk, but they do not guarantee that all tampering, modification, emulation, abuse, fraud, unauthorised use, or technical manipulation will be detected.

---

8. Intellectual property

The App, the Sallar Lite name, the Sallar brand, the Sallar logos, the user interface, the source code of the App, the client-side libraries we distribute, the network protocols we publish, and all related materials are and remain the exclusive property of Astral Hodling OÜ and our licensors and are protected by intellectual property and other applicable laws.

Subject to your compliance with these Terms, we grant you a limited, personal, non-exclusive, non-transferable, non-sublicensable, revocable licence to install and use the App on a compatible device for your own non-commercial use.

Nothing in these Terms transfers ownership of the Materials, any intellectual property rights, or any goodwill to you.

Open-source components included in or with the App are licensed under their respective open-source licences. Where required, the applicable open-source notices and licence texts are made available in or through the App.

---

9. Third-party services and stores

The App may be distributed through third-party application stores, including Google Play and the App Store. Your installation and use of the App through such stores may also be subject to the applicable store’s own terms. These Terms govern only your relationship with us in relation to the App and do not modify any rights you may have under store-specific terms.

Where the App is downloaded through the Apple App Store, you acknowledge that Apple is not a party to these Terms, has no obligation to provide maintenance or support for the App, and is not responsible for any claims relating to the App, except to the extent required by applicable law or applicable Apple terms.

Where the App is downloaded through Google Play, you acknowledge that Google is not a party to these Terms and is not responsible for providing support, maintenance, or services relating to the App, except to the extent required by applicable law or applicable Google terms.

The App relies on third-party operating-system services provided by the device manufacturer and the platform vendor, and on infrastructure operated by us or by service providers acting on our behalf. We are not responsible for failures, downtime, modifications, restrictions, policy changes, store review outcomes, operating-system limitations, or interruptions of such third-party services beyond our reasonable control.

---

10. Availability and changes to the service

We aim to keep the App and the network available and reliable, but we do not warrant uninterrupted, error-free, or secure access. The App and the network may be temporarily unavailable for maintenance, upgrades, security responses, abuse prevention, capacity management, legal compliance, or other operational reasons.

We may, at any time and at our discretion:

• add, modify, remove, or replace features of the App or any part of the network, including features previously made available to you;
• change the eligibility criteria, supported devices, supported operating-system versions, supported regions, or workload availability;
• throttle, rate-limit, restrict, or temporarily suspend participation where reasonably necessary for stability, fairness, security, compliance, workload integrity, fraud prevention, or service integrity;
• discontinue the App or any part of the network, in whole or in part, on a temporary or permanent basis;
• migrate, replace, or sunset any service component, including backend infrastructure, network protocols, workload systems, authentication providers, attestation mechanisms, or device-verification systems used by the App.

To the maximum extent permitted by applicable law, we will not be liable to you or to any third party for any modification, discontinuance, interruption, downgrade, sunset, throttling, workload limitation, workload rejection, or unavailability of the App, the network, or any feature, even if the unavailability is permanent.

We will provide reasonable notice of material changes where feasible, including through in-App messaging, the App store listing, our website, or another appropriate communication channel, but such notice is not a precondition to taking any of the actions listed above.

---

11. Disclaimers

To the maximum extent permitted by applicable law, the App and any related services are provided as is and as available, without warranties of any kind, whether express, implied, statutory, or otherwise.

We disclaim all warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, non-infringement, accuracy, uninterrupted availability, security, compatibility, workload availability, or freedom from error.

We do not warrant that:

• the App will meet your specific requirements;
• the App will operate uninterrupted, timely, secure, or error-free;
• any information obtained through the App will be accurate or reliable in every case;
• participation in the network will produce any specific result;
• your device will be eligible for any particular workload;
• your device will remain compatible with future versions of the App or network;
• all abuse, fraud, tampering, emulation, or unauthorised use will be detected;
• the App will prevent battery consumption, performance impact, network charges, or other costs connected with participation.

Nothing in these Terms excludes or limits any warranty or consumer right that cannot be excluded or limited under applicable mandatory law.

---

12. Limitation of liability

To the maximum extent permitted by applicable law:

• in no event will Astral Hodling OÜ, its affiliates, its officers, its employees, its agents, or its licensors be liable for any indirect, incidental, special, exemplary, consequential, or punitive damages, or for any loss of profits, loss of revenue, loss of goodwill, loss of opportunity, loss of expected savings, business interruption, data loss, data corruption, device performance issue, network cost, bandwidth cost, electricity cost, or other indirect loss arising out of or in connection with your use of, or inability to use, the App;
• our total aggregate liability arising out of or in connection with these Terms or the App will not exceed one hundred euros (EUR 100) or, if higher, the amount you have paid to us in the twelve (12) months immediately preceding the event giving rise to the claim.

Nothing in these Terms excludes or limits liability that cannot be excluded or limited under applicable mandatory law, including liability for fraud, fraudulent misrepresentation, death or personal injury caused by negligence, gross negligence, or wilful misconduct.

---

13. Your indemnity

To the maximum extent permitted by applicable law, you agree to defend, indemnify, and hold harmless Astral Hodling OÜ, its affiliates, and their respective officers, employees, agents, and licensors from and against any claim, demand, loss, damage, liability, cost, and expense, including reasonable legal fees, arising out of or related to:

• your violation of these Terms;
• your misuse of the App or the network;
• your unauthorised use, manipulation, automation, resale, transfer, or abuse of the App, your App profile, your pairing code, or any network feature;
• your violation of any applicable law or any right of any third party;
• any workload signal, workload result, execution output, device signal, usage signal, runtime response, or technical data submitted from your device that is fraudulent, manipulated, unauthorised, harmful, or unlawful.

---

14. Suspension and termination

You may stop using the App at any time. You may also delete your App profile and associated personal data through the paths described in our Privacy Policy.

We may, at any time and at our discretion, suspend, restrict, throttle, unpair, limit workloads, reject workloads, or terminate your access to the App or to network features if we reasonably believe that:

• you have violated these Terms or any applicable law;
• your use creates a security, fraud, abuse, integrity, operational, legal, regulatory, or compliance risk;
• your device, App installation, pairing, workload signal, workload result, execution output, uptime signal, participation signal, runtime response, or technical data appears manipulated, invalid, unreliable, compromised, automated, or technically unsafe;
• continued provision of the App to you is no longer technically, operationally, commercially, or legally feasible.

Where reasonably possible and not prohibited by law or by legitimate security, fraud-prevention, compliance, or operational considerations, we will provide notice of the suspension or termination.

Termination of these Terms does not affect any rights or obligations that have accrued before termination.

Sections of these Terms that, by their nature, should survive termination - including those relating to intellectual property, disclaimers, limitation of liability, indemnity, governing law, dispute resolution, and miscellaneous provisions - will survive any termination of these Terms.

---

15. Changes to these Terms

We may update these Terms from time to time. The most recent version and effective date will always be shown at the top of this page.

Material changes will be communicated in-App where reasonably possible, through the App store listing, our website, or through another appropriate communication channel.

Your continued use of the App after the effective date of the updated Terms constitutes your acceptance of the updated Terms. If you do not agree with the updated Terms, you must stop using the App.

---

16. Governing law and disputes

These Terms and any non-contractual obligations arising out of or in connection with them are governed by the laws of Estonia, without regard to its conflict-of-laws principles.

Subject to any mandatory rights you may have as a consumer under the law of your country of residence, any dispute, claim, or controversy arising out of or in connection with these Terms or the App will be submitted to the exclusive jurisdiction of the competent courts of Estonia.

If you are a consumer resident in the European Union, you may also be entitled to bring proceedings before the courts of your country of residence and to rely on mandatory provisions of the law of your country of residence.

If you are a consumer resident in the European Union, you may also have access to local consumer protection bodies or alternative dispute resolution mechanisms available under applicable law. We encourage you to contact us first so we can try to resolve your concern directly.

---

17. Miscellaneous

These Terms, together with the Privacy Policy and any other notices we provide in or through the App, constitute the entire agreement between you and us regarding the App and supersede any prior agreements between us on the same subject matter.

If any provision of these Terms is held to be invalid, illegal, or unenforceable, the remaining provisions will remain in full force and effect, and the invalid provision will be replaced by a valid one that most closely reflects the original intent of the parties.

Our failure to enforce any provision of these Terms is not a waiver of our right to enforce that or any other provision in the future.

You may not assign or transfer these Terms or any of your rights or obligations under them, in whole or in part, without our prior written consent. We may assign these Terms to an affiliate or to a successor in connection with a merger, acquisition, restructuring, or transfer of business.

No employment, agency, partnership, joint venture, franchise, fiduciary, representative, or contractor relationship is created between you and us as a result of these Terms, your use of the App, or your participation in the network.

---

18. Contact

For any question, request, or notice regarding these Terms, contact:

Astral Hodling OÜ Lõõtsa tn 5 11415 Tallinn Estonia

Email: contact@sallar.io

Sallar Lite - Privacy Policy

Effective date: 2026-05-16 Last updated: 2026-05-18 Operator: Astral Hodling OÜ, Lõõtsa tn 5, 11415 Tallinn, Estonia Contact: contact@sallar.io

---

1. Scope

This Privacy Policy applies to the Sallar Lite mobile application ("App") and any associated services we make available through the App.

The App may be distributed through third-party application stores, including Google Play and the App Store.

This Privacy Policy explains what personal data we collect through the App, how we use it, how long we keep it, with whom we may share it, and what rights you have in relation to your data.

This Privacy Policy should be read together with our Terms of Use.

---

2. About us

The data controller responsible for the processing of personal data is Astral Hodling OÜ, a company registered in Estonia with its registered office at Lõõtsa tn 5, 11415 Tallinn, Estonia.

For any privacy-related question, request, or complaint, you can contact us at contact@sallar.io.

---

3. Information we collect

When you use the App, we may collect the following categories of data:

• App installation and device identifier data, including a device identifier generated by the App at first setup. This is used to recognise the same App installation across sessions and support the basic operation of the service. Lawful basis: performance of a contract under Article 6(1)(b) GDPR.
• Optional contact data, including an email address if you choose to provide one for service communication, support, security notices, privacy requests, or legal notices. Providing an email address is optional. Lawful basis: your consent under Article 6(1)(a) GDPR where you voluntarily provide the email address; performance of a contract under Article 6(1)(b) GDPR where communication is necessary to provide the App or respond to your service request; our legitimate interests in service communication and support under Article 6(1)(f) GDPR; or compliance with a legal obligation under Article 6(1)(c) GDPR where applicable.
• Pairing data, including pairing status, pairing method, mother node identifier, pairing code metadata, QR pairing metadata, paired-device status, unpairing events, and related timestamps. Lawful basis: performance of a contract under Article 6(1)(b) GDPR and our legitimate interests in service security and integrity under Article 6(1)(f) GDPR.
• Diagnostic data, including crash reports, error logs, App version, operating system version, device model, and basic technical metadata needed to troubleshoot and improve the App. Lawful basis: our legitimate interests in operating, maintaining, securing, troubleshooting, and improving the App under Article 6(1)(f) GDPR.
• Operational and network participation data, including session start and stop events, basic activity counters, participation status, uptime-related signals, workload status, execution status, runtime responses, workload result metadata, error states, and technical measurements needed to operate, verify, secure, and troubleshoot the App and the network. Lawful basis: performance of a contract under Article 6(1)(b) GDPR where processing is necessary to provide App and network functionality, and our legitimate interests in service operation, security, fraud prevention, and reliability under Article 6(1)(f) GDPR.
• Device security and trust data, including hardware attestation status, platform security results, device integrity signals, device-verification results, pairing-verification data, and workload-verification signals where available and implemented. Lawful basis: our legitimate interests in security, fraud prevention, service integrity, and network reliability under Article 6(1)(f) GDPR. We do not use this data to identify you biometrically.
• Connection and security log data, including IP address, connection timestamps, request metadata, server logs, security logs, authentication events, and infrastructure events needed to operate, secure, monitor, and protect the App and related backend services. Lawful basis: our legitimate interests in service security, abuse prevention, fraud prevention, and infrastructure reliability under Article 6(1)(f) GDPR.
• Support communication data, including messages, requests, verification details, and related correspondence when you contact us for support, account, privacy, or security matters. Lawful basis: performance of a contract under Article 6(1)(b) GDPR, our legitimate interests in handling support and privacy requests under Article 6(1)(f) GDPR, or compliance with a legal obligation under Article 6(1)(c) GDPR where applicable.

We do not knowingly collect special categories of personal data as defined in Article 9 GDPR, including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for identification, health data, sex life, or sexual orientation.

---

4. What we do not collect

The App does not collect, process, or transmit:

• precise or coarse geolocation;
• contacts, calendar entries, SMS, or call logs;
• photos, videos, files, or other private content from your device;
• payment information or credit card data;
• biometric or health data;
• microphone audio;
• camera images or video content;
• advertising identifiers.

Where the camera is used, it is used solely to read a one-time pairing code on-device. Camera images are not stored, uploaded, or transmitted by the App.

The App does not access private files, photos, videos, messages, contacts, browsing history, or personal content stored on your device.

Workloads processed through the App may involve technical, operational, public, synthetic, encrypted, or otherwise limited data selected by us or by authorised network operators. Such workload data is processed only for the intended operation of the App and the network. We may process workload metadata and technical verification data for security, verification, troubleshooting, and service integrity.

---

5. How we use your information

We use the information we collect to:

• provide, operate, and maintain the App;
• recognise the same App installation across sessions;
• enable device pairing, unpairing, and basic service functionality;
• connect your device to a mother node where applicable;
• assign, limit, reject, verify, or troubleshoot workloads;
• verify device integrity, pairing status, attestation status, and workload execution where available and implemented;
• operate, secure, monitor, and maintain the network and related backend services;
• detect, prevent, investigate, and respond to fraud, abuse, technical manipulation, unauthorised access, service misuse, or security incidents;
• communicate with you about service-related matters, including security notices, updates, support, privacy requests, and legal notices;
• improve the reliability, stability, and performance of the App;
• comply with applicable legal obligations.

We do not use your information for advertising, behavioural profiling, or automated decision-making that produces legal or similarly significant effects concerning you.

---

6. Sharing your information

We do not sell or rent your personal information.

We may share your information only where necessary with the following recipients:

• hosting, infrastructure, database, storage, security, logging, monitoring, and email service providers acting on our behalf under written contract;
• technical providers that help us operate, secure, verify, troubleshoot, or maintain the App, the network, and related backend services;
• public authorities, courts, regulators, or law enforcement bodies where required by applicable law;
• professional advisers where necessary for legal, compliance, accounting, security, or dispute-resolution purposes;
• successors in interest in the context of a merger, acquisition, restructuring, or transfer of business, subject to equivalent privacy protections.

All service providers processing personal data on our behalf are required to follow appropriate confidentiality, security, and data-protection obligations.

We do not share App data with advertising networks, data brokers, or third-party analytics providers.

---

7. Third-party platforms and operating-system services

The App may be distributed through third-party application stores, including Google Play and the App Store.

Google, Apple, device manufacturers, and operating-system providers may process certain data independently when you download, install, update, review, or use the App through their platforms or operating systems. Their processing is governed by their own terms and privacy policies.

The App may also rely on platform-level services, operating-system security mechanisms, app-store infrastructure, crash handling, update delivery, device integrity checks, or other technical services provided by the relevant platform vendor or device manufacturer.

This Privacy Policy governs only our processing of personal data through the App and related services operated by us or by service providers acting on our behalf.

---

8. Where the data lives and how long we keep it

Personal data is primarily processed within the European Economic Area on infrastructure operated by us or by service providers acting on our behalf.

Where personal data is transferred outside the EEA, we rely on appropriate safeguards, including Standard Contractual Clauses issued by the European Commission under Article 46(2)(c) GDPR, or on an adequacy decision adopted under Article 45 GDPR. A copy of the relevant safeguards is available on request.

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy:

• App installation, profile, and pairing data - for as long as the App installation or related service profile remains active, plus a limited retention period after deletion where necessary for security, fraud prevention, legal, or technical reasons.
• Email address - for as long as needed to provide service communication or support, unless you withdraw consent or request deletion, subject to legal or security-related retention requirements.
• Diagnostic data - up to 90 days, after which it is deleted or anonymised, unless a longer period is necessary for security investigation, fraud prevention, legal compliance, or dispute resolution.
• Operational and network participation data - up to 12 months, after which it is deleted or anonymised, unless a longer period is necessary for workload verification, service integrity, security investigation, fraud prevention, legal compliance, or dispute resolution.
• Device security and trust data - for as long as necessary to maintain device trust, pairing integrity, workload verification, security, fraud prevention, and service integrity, and generally no longer than 12 months after the related App profile becomes inactive, unless a longer period is necessary for investigation, legal compliance, or dispute resolution.
• Connection and security logs - up to 12 months, unless a longer period is necessary for security investigation, fraud prevention, abuse prevention, legal compliance, or dispute resolution.
• Support communication data - for as long as necessary to handle your request and maintain appropriate records of the communication, generally no longer than 24 months after the matter is closed, unless a longer period is required by law or necessary for dispute resolution.
• Backup copies - retained only for a limited rolling backup period and are not used for active processing.

---

9. Your rights

Subject to applicable law, you have the right to:

• access the personal data we hold about you under Article 15 GDPR;
• request correction of inaccurate or incomplete data under Article 16 GDPR;
• request deletion of your data under Article 17 GDPR;
• restrict certain processing activities under Article 18 GDPR;
• object to processing carried out on the basis of legitimate interest, including direct marketing, under Article 21 GDPR;
• receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller where technically feasible, where the conditions under Article 20 GDPR apply;
• withdraw consent at any time where processing is based on consent under Article 7(3) GDPR.

To exercise any of these rights, contact us at contact@sallar.io.

We respond to verified requests within the timeframes required by applicable law. Under GDPR, this is generally one month from receipt of the request, extendable by two further months where necessary due to complexity or number of requests.

If you are located in the European Economic Area or the United Kingdom, you also have the right to lodge a complaint with your local data protection authority. As the controller is established in Estonia, you may also contact the Estonian Data Protection Inspectorate, known as Andmekaitse Inspektsioon.

If you reside in a jurisdiction that grants additional rights beyond those listed above, please contact us and we will honour the rights mandated by applicable law.

---

10. Account and data deletion

You may request deletion of your App profile, installation-related data, and associated personal data at any time through either of the following paths:

• In-app: open the App, go to Settings → Delete account, and confirm the deletion request.
• By email: send a request to contact@sallar.io from the email address associated with your App profile, if one was provided. We may ask for verification details to prevent unauthorised deletion.

We process verified deletion requests within thirty (30) days.

After deletion, your personal data is removed from active systems. Backup copies are purged on a rolling cycle and are inaccessible to active operations in the meantime.

Uninstalling the App from your device does not automatically delete all data already processed by our backend systems. To delete your App profile and associated personal data, you should use the deletion paths described above.

Some limited information may be retained where required by law or where necessary for legitimate purposes such as fraud prevention, security, abuse prevention, workload verification, accounting, dispute resolution, or compliance with legal obligations. Any such retention is limited to what is necessary.

---

11. Security

We apply administrative, technical, and organisational safeguards designed to protect your information against unauthorised access, alteration, disclosure, loss, or destruction.

These safeguards include:

• encryption of data in transit;
• access controls;
• restricted internal access;
• infrastructure monitoring;
• security logging;
• fraud and abuse detection;
• technical measures designed to protect the App and related backend services.

Where available and implemented, the App may use Android Hardware Key Attestation, Apple App Attest, DeviceCheck, Secure Enclave-related mechanisms, or other platform security mechanisms to support device identity, pairing integrity, workload verification, and network security.

No security measure is perfect. While we work to protect your information, we cannot guarantee absolute security.

In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with Article 33 GDPR.

Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, in accordance with Article 34 GDPR.

---

12. Children

The App is not directed to children under the age of 16, and we do not knowingly collect personal data from children.

If you believe that a child has provided us with personal data, contact us at contact@sallar.io and we will take appropriate steps to delete the information in accordance with applicable law.

---

13. Third-party advertising and analytics

The App does not embed third-party advertising, third-party analytics, or tracking technologies.

We do not sell personal data to advertising networks or data brokers.

---

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

The most recent version and effective date will always be shown at the top of this page. Material changes will be communicated in-app where reasonably possible or through another appropriate communication channel.

The updated Privacy Policy will apply from the effective date indicated in the updated version.

---

15. Contact

For any question, request, or complaint regarding this Privacy Policy or our handling of your personal data, contact:

Astral Hodling OÜ Lõõtsa tn 5 11415 Tallinn Estonia

Email: contact@sallar.io