Privacy Policy

Last updated: May 10, 2026

PATRONUS PROTECT - PRIVACY POLICY

Effective date: May 13, 2026
Version: 1.0
Applies to: Patronus Protect for macOS (application bundle identifier
com.patronus.desktop), the Patronus Network Extension, the
local helper processes, and the backend endpoints operated
by us in support of the application.

TABLE OF CONTENTS

  1. Introduction and Scope

  2. Definitions

  3. Controller and Contact Details

  4. Description of the Application

  5. Summary of Data Flows

  6. Categories of Personal Data, Purposes, Legal Bases and Recipients

  7. Detailed Description of Processing Activities
    7.1 Device Registration and First Launch
    7.2 Update Delivery
    7.3 Telemetry (Usage and Performance Statistics)
    7.4 Crash and Error Reporting (Sentry)
    7.5 Local MITM Proxy and TLS Inspection
    7.6 Optional Sign-In (Clerk)
    7.7 Locally Processed Content and On-Device PII Detection

  8. Local Storage on Your Device

  9. Sub-Processors and Recipients

  10. International Data Transfers

  11. Retention Periods

  12. Security of Processing

  13. Your Rights under the GDPR

  14. Additional Rights for California Residents (CCPA/CPRA)

  15. Additional Rights for United Kingdom Residents

  16. Children's Privacy and Minimum Age

  17. Automated Decision-Making and Profiling

  18. Multi-User Devices

  19. Third-Party AI Providers

  20. Complete Uninstallation and Data Removal

  21. Changes to this Privacy Policy

  22. Contact for Privacy Questions and Data Protection Requests

  1. INTRODUCTION AND SCOPE

1.1 Purpose of this Privacy Policy

This Privacy Policy informs you, as a natural person whose personal data is
processed in connection with your use of Patronus Protect (the "Application"
or "Patronus Protect"), about the nature, scope, purpose, legal basis and
recipients of that processing, as well as about your rights under the
applicable data protection laws.

It is designed to satisfy the information obligations of Articles 12, 13 and
14 of the EU General Data Protection Regulation (Regulation (EU) 2016/679,
the "GDPR"), the equivalent provisions of the United Kingdom General Data
Protection Regulation as amended by the Data Protection Act 2018 ("UK GDPR"),
the California Consumer Privacy Act of 2018 as amended by the California
Privacy Rights Act ("CCPA/CPRA"), and applicable provisions of the Brazilian
Lei Geral de Protecao de Dados ("LGPD") and comparable laws in other
jurisdictions where the Application is made available.

1.2 What this Policy covers

This Privacy Policy covers personal data processed:

  • locally on your device by the Application, including its Network
    Extension, helper processes, local proxy worker and SQLite audit
    database;

  • by us as the controller in connection with backend services we operate
    in support of the Application (in particular our device registration,
    update and telemetry endpoints);

  • by our sub-processors acting on our documented instructions (see
    section 9).

1.3 What this Policy does not cover

This Privacy Policy does not apply to:

  • third-party artificial intelligence ("AI") services and websites that
    you access through, or whose traffic is inspected by, the Application
    (for example OpenAI, Anthropic, Google or Microsoft). Those providers
    are independent controllers in respect of the data you submit to them.
    Please consult their respective privacy notices;

  • other software running on your device, including the macOS operating
    system itself and any system-level diagnostics that Apple, Inc. may
    collect in accordance with your macOS privacy settings;

  • external websites linked to from within the Application or from our
    documentation.

  2. DEFINITIONS

For the purpose of this Privacy Policy, the following terms have the meanings
set out below. Where applicable, definitions correspond to those of Article 4
of the GDPR.

  • "Personal Data" means any information relating to an identified or
    identifiable natural person.

  • "Processing" means any operation performed on personal data, whether
    or not by automated means, such as collection, recording, organisation,
    storage, alteration, retrieval, consultation, use, disclosure,
    transmission, restriction, erasure or destruction.

  • "Controller" means the natural or legal person which alone or jointly
    determines the purposes and means of the processing of personal data.

  • "Processor" means a natural or legal person which processes personal
    data on behalf of the controller.

  • "Sub-Processor" means a processor engaged by us to carry out specific
    processing activities on our behalf.

  • "Device-Token" means the cryptographically signed bearer token issued
    by our backend to your installation of the Application and used to
    authenticate subsequent requests to the update and telemetry endpoints.

  • "Audit Database" means the local SQLite database stored on your device
    at ~/Library/Application Support/com.patronus.desktop/patronus.db with
    file mode 0600, which holds the audit records of inspected requests.

  • "Root CA" means the self-signed root certification authority created
    locally on your device during initial setup and added to the macOS
    System Keychain in order to enable TLS inspection by the local proxy.

  • "MITM Proxy" means the local man-in-the-middle proxy component of the
    Application that decrypts, inspects, optionally modifies and re-encrypts
    outgoing TLS traffic to supported AI services on your device.

  • "Inspected Hosts" means the supported AI service hostnames whose TLS
    traffic is decrypted and inspected by the MITM Proxy. The current list
    is enumerated in section 7.5.

  3. CONTROLLER AND CONTACT DETAILS

3.1 Identity of the controller

The controller within the meaning of Article 4(7) GDPR is:

Casdo Labs, a German civil-law partnership (Gesellschaft buergerlichen
Rechts), comprising Benedikt Veith, Dominik Hommer and Moritz Trautmann
Heiliggeistgasse 8
93047 Regensburg
Germany

Represented by: Benedikt Veith, Dominik Hommer and Moritz Trautmann (each
with individual authority to represent)
Commercial register: Casdo Labs is currently an unregistered German
civil-law partnership; no commercial register entry exists. Registration as
a registered partnership (eGbR - eingetragene Gesellschaft buergerlichen
Rechts) is intended; details will be added upon registration.
VAT identification: No VAT identification number has been issued; one will
be added once VAT liability arises.

General contact: team@patronus.studio
Website: https://patronus.studio

Casdo Labs operates the product Patronus Protect as a German civil-law
partnership (GbR). A future conversion of Casdo Labs into a limited-liability
company (in particular a Casdo Labs GmbH) is contemplated; the final
particulars (legal form, commercial register entry, VAT identification number)
will be added to this Privacy Policy and to the legal notice ("Impressum") of
the website once available.

3.2 EU representative

Casdo Labs is itself established in Germany and therefore within
the European Union. Accordingly, no separate representative within the
meaning of Article 27 GDPR is required, and none has been designated.
Should the controller at any point in time be established outside the
European Union and fall within the scope of Article 27 GDPR, an EU
representative will be designated and named in this Privacy Policy.

3.3 Data protection officer

The controller is, at the date of this Privacy Policy, not required to
appoint a data protection officer. In particular, the thresholds of
section 38 of the German Federal Data Protection Act (BDSG) are not met,
and the criteria of Article 37 GDPR do not apply. The appointment of a
data protection officer is therefore not legally mandated. Should this
change, the contact details of the appointed officer will be added to
this Privacy Policy. All privacy enquiries may at any time be addressed
to team@patronus.studio with the subject line "Privacy".

  4. DESCRIPTION OF THE APPLICATION

Patronus Protect is a security application for macOS that enables individuals
and organisations to use third-party AI services in a controlled and policy-
compliant manner. The Application performs the following core functions on
your device:

  • it detects requests to a configurable set of supported AI services;

  • it inspects the content of those requests and the corresponding responses
    for prompt-injection attempts, exfiltration patterns, and personal data
    falling within the scope of policy rules;

  • it can mask or block such content before it is transmitted to the AI
    service, or warn the user;

  • it records audit information about inspected requests in a local audit
    database for later review by the user.

The application bundle is signed and notarised by Apple, Inc. and distributed
directly as a disk image (DMG). Patronus Protect is not distributed through
the Mac App Store. Application versions covered by this Privacy Policy are
the macOS application 1.0.3, the Network Extension 1.0.25, and the Tauri
runtime 0.1.2 included in the release.

All content inspection takes place exclusively on your device. The content
of your prompts and of the AI responses does not leave your device on the
way to us or our sub-processors (see section 5).

  5. SUMMARY OF DATA FLOWS

5.1 Data that never leaves your device

The following data is processed exclusively locally on your device and is
neither transmitted to us nor to any sub-processor or other third party:

  • the content of your prompts to AI services and of the responses
    returned by those AI services;

  • full audit logs of inspected requests stored in the Audit Database;

  • the categories, positions and (in audit mode) values of personal data
    detected by the on-device detectors enumerated in section 7.7;

  • the list of hostnames you actually contact and of the AI models you
    actually use;

  • your configured protection rules, discovered Model Context Protocol
    ("MCP") servers and tool inventory;

  • file paths or file names from your local system.

5.2 Data we or our sub-processors receive

We or our sub-processors receive only the categories of data set out in
section 6 below and, in further detail, in sections 7.1 to 7.6. As a guiding
principle, we receive only counters, aggregates, technical identifiers and
operational metadata; we do not receive prompt or response content, nor any
hostname list reflecting your AI usage.

  6. CATEGORIES OF PERSONAL DATA, PURPOSES, LEGAL BASES AND RECIPIENTS

The following table-style overview summarises the personal data we process
when you use the Application. Full details, including a description of each
processing operation, are set out in section 7.

Category: Device and registration data
Description: Locally generated device identifier ("device_id", a random
UUID), edition code, plan code, platform, processor architecture,
operating-system version, application version.
Purpose: Operation of the Application; issuance of a device token;
authentication of backend requests.
Legal basis: Article 6(1)(b) GDPR (performance of a contract for the
provision of the Application).
Recipients: Patronus Worker (Cloudflare, Inc.).
Retention: Until uninstallation or deregistration of the device;
operational logs at the sub-processor for up to 30 days.

Category: Authentication tokens
Description: Cryptographically signed Device-Token; bearer tokens used to
authenticate backend requests.
Purpose: Authentication of update and telemetry requests.
Legal basis: Article 6(1)(b) GDPR.
Recipients: Patronus Worker (Cloudflare, Inc.).
Retention: Token validity period; revoked on uninstallation.

Category: Telemetry aggregates
Description: Counters and aggregates emitted approximately every five
minutes (initial_setup, policy_summary, policy_inventory, usage_stats,
ai_request_summary, performance_sample), together with technical fields
such as device_id, tenant_id, identity_scope, clerk_user_id, clerk_org_id,
edition_code, plan_code, app_version, os_version.
Purpose: Improvement of detection quality and performance; identification
of stability problems; product planning.
Legal basis: Article 6(1)(f) GDPR (legitimate interest in product
improvement and stability); see also section 7.3 for the opt-out
mechanism.
Recipients: Patronus Worker (Cloudflare, Inc.) -> Tinybird Co. (EU).
Retention: Up to 24 months in aggregated form; raw events deleted earlier.

Category: Update requests
Description: Platform, processor architecture, release channel, currently
installed application version, IP address as visible from the HTTPS
connection.
Purpose: Delivery of signed update manifests and update artifacts.
Legal basis: Article 6(1)(b) GDPR and Article 6(1)(f) GDPR (legitimate
interest in delivering up-to-date and security-patched software).
Recipients: Patronus Worker and Patronus R2 object storage (Cloudflare,
Inc.).
Retention: Operational logs at the sub-processor for up to 30 days.

Category: Crash and error reports
Description: Scrubbed stack traces, error codes, runtime and component
tags, application and operating-system version.
Purpose: Detection and correction of programming errors and crashes.
Legal basis: Article 6(1)(f) GDPR (legitimate interest in stable,
defect-free software).
Recipients: Functional Software, Inc. (Sentry), EU region (Frankfurt).
Retention: 90 days, in accordance with the sub-processor's default
retention configuration.

Category: Authentication data (optional sign-in only)
Description: E-mail address, organisation or team affiliation,
authentication session, identity tokens.
Purpose: Verification of your account credentials, association of the
device with a tenant in business deployments.
Legal basis: Article 6(1)(b) GDPR.
Recipients: Clerk, Inc.
Retention: For the duration of the account; thereafter pursuant to the
retention policy of Clerk, Inc.

The transmissions described above DO NOT contain: the content of your
prompts or of the AI responses, the hostnames or domains you actually
contacted, the names or contents of your protection rules, your file paths
or file names, the values of personal data detected on your device, or any
biometric or precise geolocation data.

  7. DETAILED DESCRIPTION OF PROCESSING ACTIVITIES

7.1 Device Registration and First Launch

Purpose: Issuance of a cryptographically signed Device-Token used to
authenticate subsequent requests to the update and telemetry
endpoints, and association of the installation with a tenant.

Data flow: Upon first launch, the Application sends an HTTPS request to
our worker endpoint ("POST /register"). The request contains
the locally generated device_id (a random UUID), the edition
code, and, if you choose to sign in, an optional Clerk session
token. The endpoint responds with a tenant_id and a signed
Device-Token.

Legal basis: Article 6(1)(b) GDPR (pre-contractual and contractual
measures necessary to provide the Application).

Recipients: Cloudflare, Inc. (see section 9.1).

Retention: Until uninstallation of the Application or revocation of the
Device-Token; operational logs at the sub-processor are kept
in accordance with that sub-processor's standard retention
policy, currently up to 30 days.

7.2 Update Delivery

Purpose: Delivery of the latest stable, security-patched version of
the Application and of the model and signature components it
relies upon.

Data flow: The Application periodically retrieves signed update
manifests from the Patronus Worker endpoints
(/manifests/..., /files/..., /updater/...?target=...). The
request includes the platform, processor architecture, release
channel and currently installed application version, along
with the IP address visible from the HTTPS connection. Update
artifacts are delivered from Cloudflare R2 object storage.

Update manifests are signed with an Ed25519 key; the Application verifies
the signature before any artifact is applied.

Legal basis: Article 6(1)(b) GDPR (delivery of the contractually agreed
services) and Article 6(1)(f) GDPR (legitimate interest in
delivering current and secure software).

Recipients: Cloudflare, Inc. (Workers and R2).

Retention: Operational logs at the sub-processor for up to 30 days.

7.3 Telemetry (Usage and Performance Statistics)

Purpose: Continuous improvement of the detection and performance
quality of the Application, identification of stability
problems and prioritisation of future functionality.

Data flow: While the Application is active, aggregate events are
transmitted at intervals of approximately five minutes to the
Patronus Worker. The events are limited to counters and
aggregates (initial_setup, policy_summary, policy_inventory,
usage_stats, ai_request_summary, performance_sample) and a
small set of technical fields: device_id, tenant_id,
identity_scope (anonymous or authenticated), clerk_user_id and
clerk_org_id where applicable, edition_code, plan_code,
app_version and os_version. The Worker forwards the events to
Tinybird Co. for aggregation and analysis in the EU.

What is NOT transmitted: the content of prompts or responses; hostnames or
domains you actually contacted; names or contents of
protection rules; file paths or file names; values of detected
personal data.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in product
improvement and stability). The balancing test under
Article 6(1)(f) GDPR weighs in our favour because the
processing is limited to non-content aggregates, does not
permit re-identification of natural persons beyond the
pseudonymous device_id, and is necessary in order to operate
a security product responsibly. You may at any time object
to this processing for reasons relating to your particular
situation pursuant to Article 21(1) GDPR.

Right to object / opt-out: At the date of this version of the Privacy
Policy, telemetry can be disabled by setting the environment
variable PATRONUS_TELEMETRY_DISABLED to one of "1", "true",
"yes" or "on" before launching the Application. A user-
interface opt-out toggle is planned for a future version.
Example, in the macOS Terminal:

    launchctl setenv PATRONUS_TELEMETRY_DISABLED 1
    open -a "Patronus Protect"

You may, in addition, address an objection in free form to
team@patronus.studio; we will configure your installation to be excluded
from telemetry processing on reception. Please note that crash and error
reporting (see section 7.4) is governed separately and is not disabled by
the above environment variable.

Recipients: Cloudflare, Inc. (Worker ingest); Tinybird Co. (analytics).

Retention: Up to 24 months in aggregated form; raw events deleted earlier.

7.4 Crash and Error Reporting (Sentry)

Purpose: Detection and correction of programming errors and crashes in
the Application.

Data flow: In the event of an error or crash, technical information
(stack trace, error class, runtime and component tags,
application and operating-system version) is transmitted to
Sentry. Before each transmission, the report is passed through
a scrubbing routine which removes potentially sensitive fields
and known content patterns. The Sentry destination is
configured to the EU region (DSN host
o4511307764727808.ingest.de.sentry.io), which is hosted in
Frankfurt, Germany.

What is NOT transmitted: the content of prompts or responses, audit data,
or the contents of the local Audit Database.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in operating
stable, defect-free software). You may at any time object to
this processing for reasons relating to your particular
situation pursuant to Article 21(1) GDPR.

Recipients: Functional Software, Inc. (Sentry), EU region.

Retention: 90 days, in line with Sentry's default retention.

7.5 Local MITM Proxy and TLS Inspection

Purpose: In order for the Application to inspect the content of your
AI communications, the outbound TLS traffic to supported AI
services is decrypted locally on your device, analysed,
optionally modified (for example by masking detected personal
data) and re-encrypted before being forwarded to the
respective AI service.

Mechanism: During initial setup, the Application creates a self-signed
root certification authority (the "Patronus Protect Root CA")
on your device and installs it in the macOS System Keychain
(/Library/Keychains/System.keychain) using the command
"security add-trusted-cert". This step requires your
administrator password and your explicit consent. The
Application then operates a local proxy worker and a macOS
Network Extension (Application Proxy Provider) that
intercepts traffic to the supported hosts.

Significance: As long as this Root CA is installed and trusted, the
Application is technically able to decrypt TLS connections
from your device to the inspected hosts. Should the
corresponding private key be compromised, a third party in
possession of that key could decrypt TLS traffic between
your device and any host accepting the Root CA. We therefore
strongly recommend that you remove the Root CA from the
System Keychain whenever you discontinue use of the
Application; see section 20.

List of inspected AI hosts (as of release 1.0): OpenAI / ChatGPT,
Anthropic / Claude, Google Gemini / NotebookLM / Vertex AI,
Microsoft Copilot / Bing, GitHub Copilot, Azure OpenAI /
AI Foundry, Mistral, Perplexity, Cohere, DeepSeek, Groq,
OpenRouter, x.ai, Together AI, Fireworks AI, Vercel AI,
Cloudflare AI Gateway, AWS Bedrock, JetBrains AI, Alibaba
Qwen / DashScope, Moonshot / Kimi, MiniMax, Deutsche Telekom
Omega, ChatGLM / BigModel, DeepL, Notion AI, and further
services. The complete and authoritative list, comprising
approximately fifty-six (56) hostnames, is contained in the
source file
services/desktop-proxy/mitm_worker/detect/signatures/ai_hosts.py
of the Application. Connections to hosts not on the list are
not inspected by the MITM Proxy.

Legal basis: Article 6(1)(a) GDPR (explicit consent), obtained during
initial configuration. Your consent is freely given,
specific, informed and unambiguous; it may be withdrawn at
any time with effect for the future. Withdrawal of consent
is effected by uninstalling the Application and removing the
Root CA (see section 20). The lawfulness of processing
carried out before withdrawal is not affected.

Recipients: None outside your device. The decrypted plaintext is
processed exclusively on your device.

Retention: Decrypted plaintext is held in memory only for the time
needed for inspection. Audit records describing the inspected
request (without the prompt or response content, unless you
have explicitly configured audit content retention) are
stored in the local Audit Database for seven (7) days on a
rolling basis.

7.6 Optional Sign-In (Clerk)

Purpose: Optional association of your installation with a Patronus
account, in particular for cross-device functionality and for
tenant assignment in business deployments.

Data flow: If you choose to sign in, your e-mail address, organisation
or team affiliation and authentication session are processed
by Clerk, Inc. We receive only pseudonymous identifiers from
Clerk (clerk_user_id, clerk_org_id) and never your password
or other credentials.

Legal basis: Article 6(1)(b) GDPR (performance of the contract for the
provision of an account).

Recipients: Clerk, Inc. (USA).

Voluntary nature: Sign-in is not required to use the Application in its
Free Edition. Without sign-in, the Application operates in
anonymous mode (identity_scope = "anonymous").

7.7 Locally Processed Content and On-Device PII Detection

Purpose: Detection of typical categories of sensitive personal data
within the content of your AI requests, in order to mark such
data for your awareness or to mask it before it is transmitted
to the AI service.

Categories detected on device: e-mail addresses, telephone numbers, credit
and debit card numbers (Luhn-validated), International Bank
Account Numbers ("IBAN", Mod-97-validated), German tax
identification number, German social-security number, vehicle
licence plates, US Social Security numbers ("SSN"), United
Kingdom National Insurance numbers, and further context-based
patterns such as dates of birth.

Mechanism: In protective mode, detected values are replaced with
placeholders prior to transmission to the AI service; in
audit mode, only the category and position of the finding are
recorded in the local Audit Database, not the value itself,
unless you have explicitly configured otherwise.

Off-device transmission: None. Neither the original values nor the
redacted values are transmitted to us or to any sub-processor
or third party other than the AI service that you have chosen
to contact.

Legal basis: Insofar as personal data is processed locally on your device,
the processing is necessary in order to operate the security
functionality of the Application (Article 6(1)(b) GDPR), and
is in any event under your exclusive technical control on
your device.
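The following is an added illustration of the kind of on-device detection section 7.7 describes; it is example code written for this page, not Patronus Protect's own detector. It implements three of the listed categories (e-mail addresses, Luhn-validated card numbers, Mod-97-validated IBANs) and the two modes described above: protective mode replaces values with placeholders before the text is sent anywhere, audit mode records only the category and character position of each finding, never the value. The function names, the placeholder format (`<CARD>`, `<IBAN>`, `<EMAIL>`) and the sample prompt are assumptions; the card and IBAN in the sample are standard test values.

```python
# Added example (not Patronus Protect's own code): on-device PII detection
# in the style of section 7.7. Names, placeholders and sample text are
# assumptions made for this illustration.
import re
from dataclasses import dataclass

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# 13-19 digits, optionally grouped by spaces or hyphens
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# country code, two check digits, then 11-30 alphanumerics (15-34 total)
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?:[ ]?[A-Z0-9]){11,30}\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum over a digit string; rightmost digit is the check digit."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def iban_valid(iban: str) -> bool:
    """ISO 13616 Mod-97 check: move the first four chars to the end,
    map letters to 10..35, and require remainder 1."""
    s = iban.replace(" ", "").upper()
    if not 15 <= len(s) <= 34:
        return False
    rearranged = s[4:] + s[:4]
    numeric = "".join(str(int(c, 36)) for c in rearranged)
    return int(numeric) % 97 == 1


@dataclass
class Finding:
    category: str   # what was found, never the value itself
    start: int      # character offset of the match
    end: int


def detect(text: str) -> list[Finding]:
    """Return validated, non-overlapping findings with category and span."""
    raw = []
    for m in EMAIL_RE.finditer(text):
        raw.append(Finding("email", m.start(), m.end()))
    for m in CARD_RE.finditer(text):
        if luhn_valid(re.sub(r"[ -]", "", m.group())):
            raw.append(Finding("card", m.start(), m.end()))
    for m in IBAN_RE.finditer(text):
        if iban_valid(m.group()):
            raw.append(Finding("iban", m.start(), m.end()))
    # keep the leftmost/longest match where two detectors overlap
    raw.sort(key=lambda f: (f.start, -f.end))
    findings, last_end = [], -1
    for f in raw:
        if f.start >= last_end:
            findings.append(f)
            last_end = f.end
    return findings


def process(text: str, mode: str):
    """protective: (masked_text, findings) with values replaced by placeholders.
    audit:      (text unchanged, findings) with only category and position."""
    findings = detect(text)
    if mode == "audit":
        return text, findings
    if mode != "protective":
        raise ValueError("mode must be 'protective' or 'audit'")
    out = text
    for f in reversed(findings):      # replace from the end so offsets stay valid
        out = out[:f.start] + f"<{f.category.upper()}>" + out[f.end:]
    return out, findings


# Constructed sample prompt; the card and IBAN are well-known test values and
# the "Order" number fails the Luhn check, so it is deliberately not masked.
SAMPLE = ("Please refund card 4111 1111 1111 1111 to DE89 3704 0044 0532 0130 00 "
          "and notify alice@example.com. Order 1234 5678 9012 3456 is unrelated.")

if __name__ == "__main__":
    masked, found = process(SAMPLE, "protective")
    print(masked)
    print([(f.category, f.start, f.end) for f in found])
```

The checksum validation is what keeps the false-positive rate tolerable: a 16-digit order number looks like a card number to a regular expression but is rejected by Luhn, and an IBAN with wrong check digits is rejected by Mod-97, so neither is masked or logged.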

  8. LOCAL STORAGE ON YOUR DEVICE

8.1 Storage locations

The Application stores the following data locally on your device:

  • Audit Database: ~/Library/Application Support/com.patronus.desktop/
    patronus.db (file mode 0600, readable and writable
    only by your user account);

  • Application logs: ~/Library/Logs/com.patronus.desktop/;

  • Cache: ~/Library/Caches/com.patronus.desktop/;

  • Root CA trust store: /Library/Keychains/System.keychain (the macOS
    System Keychain).

8.2 Local retention defaults

The default local retention periods, which are configurable in the
Application's settings, are:

  • Audit and activity logs: 7 days, rolling deletion;

  • Application logs: 7 days, rolling deletion;

  • Live-session data: 5 minutes after inactivity (in memory
    and in the database);

  • Configuration and rules: until uninstallation or manual deletion;

  • Locally cached models and signatures: until replaced by an update or
    uninstallation.

  9. SUB-PROCESSORS AND RECIPIENTS

We engage the sub-processors listed below to process personal data on our
behalf and on our documented instructions, in accordance with Article 28
GDPR. We have concluded a written data processing agreement with each
sub-processor that imposes the data protection obligations of Article
28(3) GDPR, including flow-down obligations to any further sub-processors.

9.1 Cloudflare, Inc.

Role: Provision of the Worker runtime (device registration,
update and telemetry endpoints) and of the object
storage (Cloudflare R2) for update artifacts.
Registered office: San Francisco, California, United States of America.
Processing region: Worldwide Cloudflare edge; EU jurisdictional buckets
are used for object storage where available. The
backend endpoint is reachable under a dedicated
Casdo Labs domain (currently provisioned at
https://cloudflare-cdn.benedikt-85c.workers.dev and
being migrated to the patronus.studio domain).
Categories of data: device_id, IP address from the HTTPS connection,
application and operating-system version, telemetry
aggregates, update requests.
Transfer mechanism: Cloudflare is certified under the EU-US Data Privacy
Framework, the UK Extension to the EU-US DPF and the
Swiss-US DPF. Supplementarily, the Standard
Contractual Clauses of the European Commission
(Decision (EU) 2021/914) are incorporated by
reference in our Data Processing Addendum with
Cloudflare.
Privacy notice: https://www.cloudflare.com/privacypolicy/

9.2 Tinybird Co.

Role: Aggregation and analytics for telemetry events.
Registered office: Madrid, Spain (European Union).
Processing region: EU; hosting on Google Cloud Platform in the region
europe-west2 (London), with EU data residency.
Categories of data: Telemetry aggregates (see section 7.3).
Transfer mechanism: Intra-EU processing; no third-country transfer.
Privacy notice: https://www.tinybird.co/privacy

9.3 Functional Software, Inc. (Sentry)

Role: Crash and error reporting.
Registered office: San Francisco, California, United States of America.
Processing region: EU region (Frankfurt, Germany). Our installation is
configured to the EU DSN host
o4511307764727808.ingest.de.sentry.io, and Sentry has
contractually undertaken that EU data at rest remains
in the EU.
Categories of data: Scrubbed stack traces, error classes, runtime and
component tags, application and operating-system
version.
Transfer mechanism: Intra-EU processing of customer data at rest. To the
extent any onward access from the United States may
occur (for example for support purposes), Sentry's
Data Processing Addendum incorporates the Standard
Contractual Clauses (Module 2).
Privacy notice: https://sentry.io/privacy/

9.4 Clerk, Inc.

Role: Authentication and identity management; only relevant
where you have actively signed in.
Registered office: San Francisco, California, United States of America.
Processing region: United States of America.
Categories of data: E-mail address, organisation or team affiliation,
authentication session and identity tokens.
Transfer mechanism: Clerk is certified under the EU-US Data Privacy
Framework, the UK Extension to the EU-US DPF and the
Swiss-US DPF. Supplementarily, the Standard
Contractual Clauses (Modules 2 and 3) are
incorporated by reference in Clerk's Data Processing
Addendum.
Privacy notice: https://clerk.com/legal/privacy

9.5 Apple, Inc.

Role: Notarisation of application bundles (Apple Notary
Service); provision of operating-system level
services in connection with application launches and
certificate validation; provision of any system-level
crash reports that the user has independently opted
into sharing with Apple via the macOS settings.
Registered office: Cupertino, California, United States of America.
Categories of data: Application bundle hashes during the notarisation
check; on first launch, macOS may contact Apple for
certificate revocation and notarisation status
checks; system-level diagnostic data, if and to the
extent enabled by your macOS settings, is processed
by Apple under its own privacy policy.
Transfer mechanism: Apple's own data transfer mechanisms apply. We have
no contractual relationship with Apple in respect of
data Apple processes as an independent controller.
Privacy notice: https://www.apple.com/legal/privacy/

A current list of our sub-processors is also available on request from the
contact set out in section 22.

  10. INTERNATIONAL DATA TRANSFERS

10.1 Transfers outside the European Economic Area

Personal data processed under this Privacy Policy may be transferred to,
or accessed from, countries outside the European Economic Area ("EEA"),
the United Kingdom or Switzerland. Specifically:

  • Cloudflare, Inc. and Clerk, Inc. are established in the United States.
    Both providers are, at the date of this Privacy Policy, certified
    under the EU-US Data Privacy Framework, the UK Extension thereto and
    the Swiss-US Data Privacy Framework. Personal data transferred to
    these providers is therefore covered by an adequacy decision of the
    European Commission within the meaning of Article 45 GDPR.

  • To the extent and for as long as the Data Privacy Framework is not, or
    is no longer, applicable, Cloudflare and Clerk additionally apply the
    Standard Contractual Clauses of the European Commission (Decision
    (EU) 2021/914) as appropriate safeguards within the meaning of
    Article 46(2)(c) GDPR. The UK International Data Transfer Addendum
    issued by the UK Information Commissioner's Office applies to
    transfers within the scope of the UK GDPR.

10.2 Schrems II and supplementary measures

In accordance with the judgement of the Court of Justice of the European
Union of 16 July 2020 in case C-311/18 ("Schrems II") and the European Data
Protection Board's Recommendations 01/2020, we have, in respect of each
transfer to a third country, assessed whether the law and practice of the
recipient country could prevent the data importer from complying with its
obligations under the chosen transfer mechanism, and we apply technical and
organisational supplementary measures where appropriate, including in
particular encryption in transit, minimisation of transferred data to
pseudonymous identifiers and aggregates and contractual undertakings by the
data importer to challenge disproportionate government access requests.

10.3 Intra-EU processing

Telemetry aggregates are processed at a sub-processor with EU hosting
(Tinybird Co., in the Google Cloud Platform region europe-west2 in London).
Crash and error reports are processed in the EU region of Sentry (Frankfurt,
Germany).

  11. RETENTION PERIODS

We retain personal data only for as long as is necessary to fulfil the
purposes set out in this Privacy Policy or for as long as required to
satisfy applicable statutory retention obligations. The following retention
periods apply by default:

  • Local audit and activity logs on your device: 7 days, rolling.

  • Local application logs on your device: 7 days, rolling.

  • Local live-session data: 5 minutes after inactivity.

  • Local configuration and protection rules: until manual deletion or
    uninstallation.

  • Device-Token / registration records at our backend: until
    deregistration or uninstallation of the Application.

  • Raw telemetry events at the backend: no more than 30 days.

  • Aggregated telemetry at Tinybird: up to 24 months.

  • Crash and error reports at Sentry: 90 days.

  • Authentication records at Clerk (where applicable): for the duration
    of the account.

Where any statutory retention obligation requires us to keep personal data
for a longer period (for example tax law or commercial book-keeping rules
where the controller is established in Germany), the affected data is
restricted in processing pursuant to Article 18(1)(a) GDPR and used only
for the purposes that justify the retention.

  12. SECURITY OF PROCESSING

Taking into account the state of the art, the costs of implementation and
the nature, scope, context and purposes of processing as well as the risk
of varying likelihood and severity for the rights and freedoms of natural
persons, we implement appropriate technical and organisational measures to
ensure a level of security appropriate to the risk pursuant to Article 32
GDPR. These measures include in particular:

  • encryption of all transmissions between the Application and our
    backend, and between the Application and inspected AI services on the
    public network, using Transport Layer Security ("TLS") in current and
    secure cipher configurations;

  • integrity protection of update manifests by way of Ed25519 digital
    signatures verified by the Application before installation;

  • restrictive file-system permissions (file mode 0600) on the local
    Audit Database, which can be read and written only by your user
    account;

  • cryptographic bearer tokens (Device-Tokens) for authentication of
    backend requests;

  • a scrubbing routine for crash and error reports that removes
    potentially sensitive fields prior to transmission to Sentry;

  • storage of the Root CA private key only on your device, under macOS
    Keychain access controls;

  • logical separation of tenants in our backend, separation of duties
    and need-to-know access controls in our development, build and
    deployment pipelines;

  • regular updates of dependencies and timely roll-out of security
    patches.

  13. YOUR RIGHTS UNDER THE GDPR

If the GDPR applies to the processing of your personal data, you have, in
relation to that personal data, the following rights:

13.1 Right of access (Article 15 GDPR). You have the right to obtain
from us confirmation as to whether or not personal data concerning
you is being processed, and, where that is the case, access to the
personal data and the information specified in Article 15 GDPR.

13.2 Right to rectification (Article 16 GDPR). You have the right to
obtain the rectification of inaccurate personal data concerning you
and to have incomplete personal data completed.

13.3 Right to erasure (Article 17 GDPR). You have the right to obtain
the erasure of personal data concerning you where one of the
grounds listed in Article 17(1) GDPR applies. Personal data stored
locally on your device is erased by you independently through
uninstallation of the Application (see section 20).

13.4 Right to restriction of processing (Article 18 GDPR). You have the
right to obtain the restriction of processing in the cases listed
in Article 18(1) GDPR.

13.5 Right to data portability (Article 20 GDPR). Insofar as the
processing is based on consent or on a contract and is carried out
by automated means, you have the right to receive the personal
data concerning you in a structured, commonly used and
machine-readable format and to transmit those data to another
controller.

13.6 Right to object (Article 21 GDPR). You have the right to object,
on grounds relating to your particular situation, at any time to
processing of personal data concerning you that is based on
Article 6(1)(e) or (f) GDPR, including profiling based on those
provisions. This applies in particular to our telemetry processing
(section 7.3) and crash and error reporting (section 7.4).

13.7 Right to withdraw consent (Article 7(3) GDPR). Insofar as the
processing is based on your consent (in particular the consent to
TLS inspection by the local MITM Proxy, section 7.5), you have the
right to withdraw your consent at any time with effect for the
future. The lawfulness of processing based on consent before its
withdrawal is not affected.

13.8 Right to lodge a complaint with a supervisory authority
(Article 77 GDPR). You have the right to lodge a complaint with a
data protection supervisory authority, in particular in the
Member State of your habitual residence, place of work or place
of the alleged infringement.

Requests under sections 13.1 to 13.7 can be addressed to us in writing or
in electronic form at the contact set out in section 22. We will respond
without undue delay and, in any event, within one month of receipt of the
request, in accordance with Article 12(3) GDPR. Where necessary for the
verification of your identity, we may request additional information.

  14. ADDITIONAL RIGHTS FOR CALIFORNIA RESIDENTS (CCPA / CPRA)

This section provides additional information for residents of the State of
California pursuant to the California Consumer Privacy Act of 2018, as
amended by the California Privacy Rights Act and the regulations effective
1 January 2026.

14.1 Categories of personal information collected

In the twelve (12) months preceding the effective date of this Privacy
Policy, we have collected or may collect the following categories of
"personal information" as defined under the CCPA:

  • Identifiers: device_id, tenant_id, IP address, e-mail address (only
    on optional sign-in), Clerk user and organisation identifiers (only
    on sign-in).

  • Internet or other electronic network activity information: aggregate
    counts of inspected requests, performance metrics, application and
    operating-system version, edition and plan codes.

  • Geolocation information: country-level location inferred from the IP
    address of the HTTPS connection; we do not collect precise geolocation
    data.

  • Inferences: we do not draw inferences from your personal information
    to create profiles reflecting your preferences, characteristics,
    psychological trends, predispositions, behaviour, attitudes,
    intelligence, abilities or aptitudes.

14.2 Sources, business purposes and disclosures

The personal information is collected directly from your installation of
the Application (or from Clerk for authentication data on sign-in). The
business purposes for which we collect each category are set out in
sections 6 and 7. We disclose categories of personal information only to
the sub-processors listed in section 9 and only for the limited business
purposes described therein.

14.3 No sale or sharing of personal information

We do NOT sell personal information within the meaning of Cal. Civ. Code
section 1798.140(ad), and we do NOT share personal information for
cross-context behavioural advertising within the meaning of Cal. Civ.
Code section 1798.140(ah). Accordingly, the disclosure of a "Do Not Sell
or Share My Personal Information" link is provided here by way of
declaration:

We do not sell or share your personal information. You may at any time
confirm or reinforce this position by writing to
team@patronus.studio with the subject line
"Do Not Sell or Share - California".

14.4 Sensitive personal information

We do not use or disclose sensitive personal information for purposes
beyond those permitted by Cal. Civ. Code section 1798.121 and the
implementing regulations. The Device-Token and the e-mail address (on
sign-in) are the only items that may fall within the broader definitions
of "sensitive personal information" in section 1798.140(ae); they are used
exclusively for authentication and account administration.

14.5 California consumer rights

Subject to verification of your identity, you have the right to:

  • know what personal information we have collected, used, disclosed
    and (if any) sold or shared about you, including the specific pieces
    of personal information (Cal. Civ. Code section 1798.110 / 1798.115);

  • request deletion of personal information we have collected from you
    (Cal. Civ. Code section 1798.105);

  • request correction of inaccurate personal information (Cal. Civ.
    Code section 1798.106);

  • opt out of any sale or sharing (already declared in 14.3);

  • limit the use or disclosure of sensitive personal information (Cal.
    Civ. Code section 1798.121);

  • not be subject to discrimination or retaliation for exercising any
    of these rights.

You may exercise these rights, or have an authorised agent exercise them
on your behalf, by contacting team@patronus.studio. We will
respond within the time periods required by the CCPA.

14.6 Retention

We retain each category of personal information only for the period set
out in section 11.

  15. ADDITIONAL RIGHTS FOR UNITED KINGDOM RESIDENTS

If you are resident in the United Kingdom, the UK GDPR and the Data
Protection Act 2018 apply to the processing of your personal data. Your
rights are equivalent to those set out in section 13 of this Privacy
Policy.

You have, in addition, the right to lodge a complaint with the United
Kingdom Information Commissioner's Office (ICO), Wycliffe House, Water
Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom; https://ico.org.uk.
With effect from 19 June 2026, you also benefit from a statutory right to
file complaints directly with us about our handling of your personal data.
We will acknowledge any such complaint within thirty (30) days of receipt
and provide a substantive response within the same period.

International transfers from the United Kingdom rely on the UK Addendum
to the EU Standard Contractual Clauses or, where the recipient is so
certified, on the UK Extension to the EU-US Data Privacy Framework, as
described in section 10.

  16. CHILDREN'S PRIVACY AND MINIMUM AGE

The Application is not directed at children. We do not knowingly process
personal data of children under the age of sixteen (16). The Application
is intended exclusively for use by natural persons aged sixteen (16) and
above, and, in business deployments, by natural persons who are employees
or contractors of an organisation that has procured the Application.

To the extent the Children's Online Privacy Protection Act ("COPPA")
applies, we declare that the Application is not directed at children
under the age of thirteen (13) within the meaning of 16 C.F.R. Part 312
and that we do not knowingly collect personal information from such
children. If you become aware that a child has provided personal data to
us without parental consent, please contact us at the address set out in
section 22; we will delete the data promptly.

  17. AUTOMATED DECISION-MAKING AND PROFILING

We do not engage in automated decision-making, including profiling within
the meaning of Article 22(1) GDPR, that produces legal effects concerning
you or similarly significantly affects you. The on-device PII detectors
and policy evaluators described in sections 7.5 and 7.7 are run on your
device under your control; they do not produce externally communicated
decisions about you.

  18. MULTI-USER DEVICES

The Application is intended to be installed and operated on a device by
the natural person who has administrative control over that device. The
Root CA is installed in the macOS System Keychain and is therefore
effective for all user accounts on that device.

If you share the device with co-users, you are responsible for informing
those co-users of the existence of the Application, of the installed Root
CA and of the consequent ability of the Application to inspect their AI
communications, and for obtaining their consent before they use any
inspected AI service from the device. If a co-user does not consent, the
Application must not be installed on the shared device or must be
uninstalled and the Root CA removed (see section 20).

  19. THIRD-PARTY AI PROVIDERS

The Application ultimately forwards your AI requests to the AI services
that you have chosen to use (such as OpenAI, Anthropic or Google). Each
such provider is an independent controller in respect of the personal data
you submit to them, and their respective privacy notices and terms of
service govern their processing of that data. We have no
controller-processor or joint-controller relationship with these AI
providers in respect of the prompts and responses you exchange with them.
We do not receive any of the prompt or response content.

Where you use the Application within an organisation, your employer or
client may have entered into separate contractual arrangements with the
AI providers (for example, business or enterprise terms with data
processing addenda). Those arrangements apply independently of this
Privacy Policy.

  20. COMPLETE UNINSTALLATION AND DATA REMOVAL

Because the Application is distributed as a notarised disk image and not
through the Mac App Store, complete removal of the Application and of the
data it has stored on your device requires the following manual steps.
Performing all of the steps below also constitutes a withdrawal of your
consent to the local TLS inspection described in section 7.5.

Step 1 - Quit the Application and its helper processes.
Quit Patronus Protect from its dock icon or menu bar. If the macOS
Network Extension prompts for confirmation, allow it to unload.

Step 2 - Move the application bundle to the Trash.
Drag /Applications/Patronus Protect.app to the Trash and empty the
Trash.

Step 3 - Delete the local data directories.
In Finder, choose "Go" > "Go to Folder..." and delete the following
directories, including all of their contents:

~/Library/Application Support/com.patronus.desktop/
~/Library/Logs/com.patronus.desktop/
~/Library/Caches/com.patronus.desktop/

Step 4 - Remove the Patronus Protect Root CA from the System Keychain.
This step is essential. Until the Root CA is removed, any party in
possession of the corresponding private key could theoretically
intercept TLS connections from your device. To remove the Root CA:

(a) Open Keychain Access (Applications > Utilities > Keychain Access);
(b) Select the "System" keychain in the left-hand sidebar;
(c) In the "Category" sidebar, select "Certificates";
(d) Locate the entry named "Patronus Protect Root CA" (or a name
    beginning with "Patronus");
(e) Right-click and choose "Delete...". You will be prompted for an
    administrator password.

Alternatively, you may remove the certificate from the macOS Terminal
using the command:

    sudo security delete-certificate -c "Patronus Protect Root CA" \
        /Library/Keychains/System.keychain

Step 5 - Sign out and deregister (optional).
If you had signed in, you may revoke your device registration by
contacting team@patronus.studio with the subject line
"Deregister Device".

Upon completion of the above steps, no further personal data is processed
on your device or transmitted to us in connection with the Application.
Personal data already received by us or our sub-processors prior to
uninstallation is retained for the periods set out in section 11.
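
The manual steps above gathered into one shell script, as an added example
and not a tool shipped with Patronus Protect: it runs as a dry run by
default and only prints what it would remove; with PATRONUS_DRY_RUN=0 it
quits the Application, deletes the bundle, the three data directories and
the Root CA, and then confirms with "security find-certificate" that the
certificate has actually left the System keychain (the check the policy
calls essential in Step 4). The application paths and the certificate name
are those stated in this section; the osascript quit command, the variable
names and the dry-run mechanism are this example's own assumptions.

```shell
#!/bin/sh
# Added example: scripted version of section 20 (not Patronus's own tooling).
# Paths and certificate name are taken from the policy text; everything else
# (osascript quit, dry-run switch, variable names) is an assumption.

PATRONUS_APP="/Applications/Patronus Protect.app"
PATRONUS_CA_NAME="Patronus Protect Root CA"
PATRONUS_SYSTEM_KEYCHAIN="/Library/Keychains/System.keychain"
# Default to a dry run so an accidental invocation removes nothing.
PATRONUS_DRY_RUN="${PATRONUS_DRY_RUN:-1}"

# Step 3: the per-user data directories named in the policy, one per line.
patronus_data_dirs() {
    printf '%s\n' \
        "$HOME/Library/Application Support/com.patronus.desktop" \
        "$HOME/Library/Logs/com.patronus.desktop" \
        "$HOME/Library/Caches/com.patronus.desktop"
}

# Execute a command, or only print it when running as a dry run.
patronus_run() {
    if [ "$PATRONUS_DRY_RUN" = "1" ]; then
        printf 'DRY-RUN: %s\n' "$*"
    else
        "$@"
    fi
}

# Step 4 verification: succeed (exit 0) only if the Root CA is still present
# in the System keychain. The 'security' tool exists only on macOS; on other
# systems report "absent" so the script stays usable as a dry run.
patronus_root_ca_present() {
    command -v security >/dev/null 2>&1 || return 1
    security find-certificate -c "$PATRONUS_CA_NAME" \
        "$PATRONUS_SYSTEM_KEYCHAIN" >/dev/null 2>&1
}

patronus_uninstall() {
    # Step 1: ask the Application to quit (osascript is macOS-only; assumed
    # app name matches the bundle shown in Step 2).
    if command -v osascript >/dev/null 2>&1; then
        patronus_run osascript -e 'quit app "Patronus Protect"'
    fi

    # Step 2: remove the application bundle.
    patronus_run rm -rf "$PATRONUS_APP"

    # Step 3: remove the local data directories.
    patronus_data_dirs | while IFS= read -r dir; do
        patronus_run rm -rf "$dir"
    done

    # Step 4: remove the Root CA from the System keychain (needs admin rights).
    patronus_run sudo security delete-certificate -c "$PATRONUS_CA_NAME" \
        "$PATRONUS_SYSTEM_KEYCHAIN"

    # Verify the removal really happened; a leftover Root CA is the one
    # residue that still matters after the app itself is gone.
    if [ "$PATRONUS_DRY_RUN" != "1" ] && patronus_root_ca_present; then
        echo "WARNING: '$PATRONUS_CA_NAME' is still in $PATRONUS_SYSTEM_KEYCHAIN" >&2
        return 1
    fi
    return 0
}

# Usage:  sh patronus_uninstall.sh                    (dry run, prints only)
#         PATRONUS_DRY_RUN=0 sh patronus_uninstall.sh (actually removes)
patronus_uninstall
```

Step 5 (deregistration by e-mail) is deliberately not scripted, since it is
a request to the controller rather than a local action.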

  21. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time, for example to
reflect changes in functionality, in our sub-processors or in applicable
law. The current version is identified by the version number and effective
date at the head of the document and is available at all times from the
Application's "About" dialog and from
https://patronus.studio/privacy.

Where a change materially affects the rights of data subjects, we will
inform you in a suitable manner before the change takes effect, in
particular by an in-Application notice on next launch. Your continued use
of the Application after the new version of the Privacy Policy has come
into effect constitutes acknowledgement of the new version; it does not
constitute consent within the meaning of Article 6(1)(a) or Article 7
GDPR where consent is required, in which case we will request a new
consent in an unambiguous form.

  22. CONTACT FOR PRIVACY QUESTIONS AND DATA PROTECTION REQUESTS

For any questions or requests in relation to this Privacy Policy or in
relation to the processing of your personal data, including the exercise
of your rights under sections 13, 14 and 15 above, please contact us at:

Postal address:
Casdo Labs
Attn.: Privacy
Heiliggeistgasse 8
93047 Regensburg
Germany

E-mail: team@patronus.studio
Web form: https://patronus.studio/privacy/contact

If we ever, for any reason, are unable to satisfy your concerns, you have
the right to lodge a complaint with the competent data protection
supervisory authority, as set out in sections 13.8 and 15.

Last updated: May 13, 2026.

Patronus Protect - on-device AI Security

Patronus Protect - On-device AI firewall — see and control AI traffic, locally | Product Hunt

© 2026 Casdo Labs · All rights reserved.