Privacy Policy

Updated May 1, 2026

This Privacy Policy explains how the operator of Montra (“we”, “us”, “the operator”) handles personal data in connection with the Montra macOS application (the “App”) and the website at getmontra.app and dl.getmontra.app (together, the “Site”).

This Policy is drafted to comply with the Swiss Federal Act on Data Protection (revised FADP, in force since 1 September 2023). To the extent that the European General Data Protection Regulation (GDPR) applies to visitors based in the European Economic Area or the United Kingdom, references to “personal data” and “data subject rights” shall be read accordingly.

Controller

The operator of Montra. Contact: support@getmontra.app.

Montra is operated as an independent, non-commercial software project. Privacy enquiries — including requests to identify the responsible person under applicable law — should be sent to the contact address above and will receive a response within 30 days.

We are not required to designate a Data Protection Officer under the FADP, and have not done so.

1. Summary

  • The App stores everything locally on your Mac. It does not transmit personal data to us or to any third party.
  • The Site collects the minimum necessary to operate, secure, and improve it.
  • We do not sell, rent, or share personal data with advertisers.
  • We use Cloudflare as our hosting and analytics provider. Cloudflare processes limited technical data on our behalf.
  • We are operated as a one-person side project. Information practices reflect that scale.

2. Data the App processes

The App stores profiles, captured window layouts, application preferences, and diagnostic logs as plain files on your local Mac, typically under ~/Library/Application Support/Montra and ~/Library/Logs/Montra. These files never leave your device unless you choose to share them (for example, by attaching a log file to a support email).

The App does not include analytics SDKs, crash reporters, ad networks, or remote update channels at this time. If a future release adds remote functionality (such as Sparkle-based auto-updates), this Policy will be updated before the feature ships, and the change will be visible in the file history of this page.

3. Data the Site processes

When you visit the Site or download the .dmg, our hosting provider Cloudflare automatically records technical data needed to deliver the request, including:

  • Your IP address.
  • Your user-agent string (browser, operating system).
  • The URL requested and HTTP status returned.
  • Approximate location (country / region) inferred from the IP address.
  • Date and time of the request.

This data is processed by Cloudflare on our behalf to operate the Site, prevent abuse, and produce aggregate traffic statistics. Cloudflare retains it according to its own retention schedules.

We additionally enable Cloudflare Web Analytics, a privacy-respecting analytics product that:

  • Does not set cookies.
  • Does not generate persistent device or browser fingerprints.
  • Does not track users across third-party sites.

Web Analytics provides us with aggregate page-view, referrer, and country counts only.

4. Data you send us by email

If you write to us, we receive your email address, your message, and any attachments. We process this information solely to handle your enquiry. Email correspondence is stored in our standard mailbox and may be retained for as long as necessary to operate the App and respond to follow-ups, typically up to 24 months.

5. Cookies and similar technologies

The App does not use cookies. The Site does not set first-party cookies. Cloudflare may set short-lived security cookies (for example __cf_bm) to detect bots and abuse; these are strictly necessary for the Site to function and contain no advertising identifiers.

6. Recipients and processors

We rely on the following processors:

  • Cloudflare, Inc. (United States, with a global edge network and EU data centres) — hosting (Cloudflare Pages), download distribution (R2), DNS, CDN, security (WAF), and analytics. Cloudflare acts as our processor under a Data Processing Addendum and offers EU Standard Contractual Clauses where applicable.
  • GitHub, Inc. (United States) — source code hosting and release artefact hosting on private repositories. GitHub may receive your IP address if you click a GitHub-hosted link from the Site.

We do not share personal data with any other third party. We do not sell personal data.

7. International transfers

Cloudflare and GitHub are based in the United States and operate global infrastructure. Where data is transferred outside Switzerland or the EEA, we rely on the recipient’s contractual safeguards (Standard Contractual Clauses, where applicable) and on the Swiss Federal Council’s adequacy decisions and equivalents.

8. Retention

  • App data on your Mac: retained until you delete it. Uninstalling the App and removing ~/Library/Application Support/Montra and ~/Library/Logs/Montra removes all locally stored data.
  • Server logs (Cloudflare): retained per Cloudflare’s defaults. We do not export or archive these logs.
  • Web Analytics aggregates: retained per Cloudflare’s defaults; no personally identifying detail.
  • Email correspondence: typically up to 24 months from last contact, longer where legally necessary.

9. Your rights

Under the FADP and, where applicable, the GDPR, you have the right to:

  • Request access to personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to lawful exceptions.
  • Object to or request restriction of processing.
  • Receive your data in a portable format, where technically feasible.
  • Withdraw any consent you previously gave (without affecting the lawfulness of processing carried out before withdrawal).

To exercise any of these rights, write to support@getmontra.app. We respond within 30 days. We may need to verify your identity before acting on a request.

If you believe we have mishandled your data, you may also lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch, or with your local supervisory authority if you are in the EEA or the United Kingdom.

10. Security

We rely on Cloudflare’s edge security, Apple’s macOS sandboxing, and our use of code signing and notarization to reduce risk. No system is perfectly secure. You are responsible for keeping your Mac, your local backups, and your email account secure on your end.

11. Children

The App and the Site are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us so we can delete it.

12. Changes to this Policy

We may update this Policy from time to time. The “Updated” date at the top reflects the latest revision. Material changes will be highlighted on the Site or by other reasonable means. Continued use of the App or the Site after a change constitutes acceptance of the revised Policy, to the extent permitted by law.

13. Governing law and jurisdiction

This Policy is governed by Swiss law. Any disputes that cannot be resolved informally are subject to the exclusive jurisdiction of the competent courts at the operator’s domicile in Switzerland, subject to mandatory consumer-protection rules in the user’s country of residence.

14. Contact

Privacy enquiries, deletion requests, or any other question about this Policy: support@getmontra.app.