Privacy policy

Last updated: 05 June 2026

This policy describes how NasRanger.com processes your personal data in connection with the NAS Ranger website and application, in accordance with the General Data Protection Regulation (GDPR).

1. Data controller

Fabien Hernoux — contact: contact@nasranger.com.

2. Data collected

• Account: name, email address, password (stored hashed).
• Licence: purchase email, reseller sale identifier, licence status.
• Devices: a hashed device identifier (non-re-identifiable fingerprint), an optional device label, activity dates. The raw hardware identifier is never transmitted or stored.
• Payment: handled entirely by Polar. We store no banking data.

The NAS Ranger application analyses your files locally on your machine: the content of your files and their names are never transmitted to our servers.

3. Purposes and legal bases

• Account and licence management, device activation — performance of the contract.
• Sending activation codes and service-related emails — performance of the contract.
• Combating licence-sharing abuse (activation limit) — legitimate interest.
• Customer support and accounting obligations — legitimate interest / legal obligation.

4. Recipients

• Polar Software, Inc. (payment, invoicing, VAT) — United States.
• DigitalOcean, LLC (hosting) — United States.

Transfers outside the EU (e.g. to Polar in the United States) are governed by appropriate safeguards (European Commission standard contractual clauses).

5. Retention period

Account and licence data are kept as long as the account exists, then deleted on request or after a reasonable period of inactivity. Activation codes expire within 15 minutes. Data required for accounting obligations are kept for the applicable legal periods.

6. Your rights

You have the rights of access, rectification, erasure, restriction, objection and portability. From your account area, you can at any time download your data or delete your account and the associated data. You can also write to us at contact@nasranger.com.

You may lodge a complaint with the CNIL (cnil.fr).

7. Security

Passwords are hashed, activation codes are never stored in clear text, exchanges take place over HTTPS, and the database is not publicly exposed. Data minimisation is applied: only the email and a hashed device identifier are kept.

8. Cookies

See the cookie policy.