R2 Desk ProR2 Desk PRO
Buy Private Beta$29 / R2CONTROL / first 100
Navigation
Buy Private Beta$29 / R2CONTROL / first 100Read docs
Legal

Privacy Policy

Product: R2 Desk ProWebsite: r2desk.greeff.devController: greeff.devLast Updated: March 7, 2026Version: 1.1

Privacy Policy

This Privacy Policy explains what information R2 Desk Pro and the public marketing website at r2desk.greeff.dev collect, how it is handled, and what rights you have over it. The desktop application is designed with a privacy-first architecture: it operates locally on your device, holds no server-side user accounts, and does not transmit product usage data to greeff.dev by default. The marketing website may use consent-based analytics as described below. This policy is written to be read, not to obscure.

1. Who We Are

R2 Desk Pro is developed and maintained by greeff.dev, a software studio operated by Pio Greeff, based in South Africa. References to "greeff.dev", "we", "us", or "our" in this policy refer to this entity.

Contact for privacy matters:
Web: https://greeff.dev/contact
Email: pio@greeff.dev

2. The Core Principle: Local-First by Design

R2 Desk Pro is a local desktop application. It does not have a user account system, a backend database, or a cloud sync service. By default:

  • The desktop application does not collect usage analytics.
  • The desktop application does not transmit telemetry to greeff.dev by default.
  • No personal data from your storage operations leaves your device.
  • greeff.dev has no visibility into how you use the application, what buckets you manage, or what files you transfer.

The sections below describe the limited, specific cases where data handling occurs in the desktop application and on the public website.

3. Data Stored Locally on Your Device

R2 Desk Pro stores the following data on your device only:

3.1 Cloud Storage Credentials
Your R2 or S3-compatible access key IDs and secret access keys are stored exclusively in your operating system's native secure credential store — the macOS Keychain, Windows Credential Manager, or Linux Secret Service (libsecret). This storage is managed by your operating system and is encrypted at the OS level. greeff.dev never has access to these values.

3.2 Profile Metadata
Non-sensitive profile configuration data — including custom endpoint URLs, bucket preferences, profile names, and display settings — is stored in the application data directory on your device. This data does not include your secret access keys.

3.3 Application Settings
Your preferences, UI configuration, transfer settings, and security settings (such as auto-lock timeout) are stored locally in the application data directory.

3.4 Activity and Transfer Logs
A local activity log is maintained for your operational visibility (e.g., transfer history, sync results). This log is stored on your device, is subject to your configured retention limit, and is never transmitted to greeff.dev except in the specific diagnostic scenario described in Section 5.

3.5 Multipart Upload Session Files
If a large file upload is interrupted, a session recovery file is stored locally to enable resume. These files contain bucket names, object keys, file metadata, and multipart upload IDs. They do not contain your secret access keys. Session files are deleted automatically on upload completion or explicit discard.

4. Data Transmitted During Normal Operation

When you use R2 Desk Pro to interact with your cloud storage, the application communicates directly and exclusively with your configured R2 or S3-compatible endpoint. This communication:

  • Is encrypted in transit using TLS 1.2 or higher.
  • Passes directly between your device and your storage provider (Cloudflare R2, or your configured S3-compatible service).
  • Does not route through any greeff.dev infrastructure.
  • Is governed by your storage provider's own privacy policy and terms of service.

greeff.dev is not a party to these communications and has no access to the data transferred.

5. Diagnostic Data (Opt-In and User-Controlled)

R2 Desk Pro includes an optional diagnostic export feature for support purposes.

5.1 How it works. When you choose to export a diagnostic bundle (via Settings or the About panel), the application generates a JSON file on your device containing: application version and platform information, anonymized settings (with sensitive fields redacted), recent activity log entries, and error log data.

5.2 What is redacted. Before the diagnostic file is written to disk, the application applies automatic redaction to remove AWS access key patterns, secret key patterns, bearer tokens, and any value matching the format of a stored credential. You should review the exported file before sharing it.

5.3 You control it entirely. The diagnostic file is created locally and is only shared if you choose to send it to greeff.dev (e.g., by attaching it to a support request). greeff.dev never requests access to your device or pulls diagnostic data without your action.

5.4 Retention. Any diagnostic files received by greeff.dev in the course of providing support are retained only as long as necessary to resolve your request, after which they are permanently deleted.

6. Update Check

R2 Desk Pro performs a single, anonymous HTTPS request per session to check for available software updates. This request:

  • Is sent to a greeff.dev-controlled endpoint.
  • Contains only: the current application version string and the operating system platform identifier (e.g., "windows", "macos", "linux").
  • Does not include your identity, license email, device identifier, or any personal data.
  • Returns a JSON payload containing the latest version number and release notes.
  • Times out after 3 seconds and fails silently if unavailable.

No IP address logging is performed beyond what is inherent in standard web server access logs, which are retained for a maximum of 30 days for operational security purposes and are not used for analytics.

7. License Activation

If you activate R2 Desk Pro using a license key or license file:

7.1 Offline verification. License validation is performed entirely on-device using cryptographic signature verification. No activation request is sent to greeff.dev's servers. The application does not "phone home" to validate your license.

7.2 Purchase data. At the time of purchase, your name and email address are collected by our payment processor (Gumroad or Lemon Squeezy) for the purpose of issuing your license and processing payment. This data is subject to the payment processor's own privacy policy. greeff.dev receives your email address for the purpose of license delivery and support.

7.3 Retention of purchase data. Purchase records (name, email, license tier, purchase date) are retained for a minimum of 5 years to comply with applicable tax and record-keeping obligations. You may request access to or deletion of your purchase record subject to these legal retention requirements.

8. Website Analytics and Tracking Boundaries

8.1 Desktop application. R2 Desk Pro itself contains no analytics SDKs, no advertising SDKs, no crash reporting services, and no third-party tracking code.

8.2 Marketing website analytics. The public marketing website at r2desk.greeff.dev may, subject to your consent where required by applicable law, use Usercentrics for consent management and Google Analytics to understand website traffic and page usage.

8.3 What website analytics may include. Website analytics may include page views, referrers, approximate location derived from IP, browser and device details, and interactions with public website content. This website analytics data does not give greeff.dev visibility into desktop application activity, configured buckets, object names, files transferred, or credentials.

8.4 Cookies and consent choices. Analytics cookies and similar technologies on the marketing website are managed through Usercentrics. You can accept, reject, or revise your choices at any time through the site's cookie settings controls.

8.5 Advertising and sharing. greeff.dev does not use website analytics to build advertising profiles and does not sell, share, or license your personal data to third parties for advertising or profiling purposes.

9. Children's Privacy

R2 Desk Pro is a professional developer tool not directed at children. We do not knowingly collect personal information from individuals under the age of 18. If you believe a minor has provided personal information in connection with a support request or purchase, contact us at pio@greeff.dev and we will delete it promptly.

10. Security Measures

greeff.dev implements the following measures relevant to the limited personal data it handles:

  • License and purchase records are stored in access-controlled systems with encryption at rest.
  • Support communications are handled via encrypted email.
  • Diagnostic files received for support are stored temporarily in isolated, access-controlled storage and deleted after resolution.
  • We do not store your cloud storage credentials at any point.

No system can be guaranteed fully secure. If you believe a security vulnerability in R2 Desk Pro could affect the privacy of your data, please report it at https://greeff.dev/contact.

11. Your Rights

Depending on your jurisdiction, you may have the following rights regarding personal data greeff.dev holds about you (primarily purchase records):

11.1 Right of access. You may request a copy of the personal data greeff.dev holds about you.

11.2 Right to correction. You may request correction of inaccurate personal data.

11.3 Right to deletion. You may request deletion of your personal data, subject to legal retention requirements (e.g., tax records).

11.4 Right to object. You may object to processing of your personal data in certain circumstances.

11.5 South African residents. If you are based in South Africa, you have rights under the Protection of Personal Information Act, 2013 (POPIA). You may lodge a complaint with the Information Regulator of South Africa at https://inforegulator.org.za.

11.6 EEA/UK residents. If you are based in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the right to lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact us at https://greeff.dev/contact or pio@greeff.dev. We will respond within 30 days.

12. Data Retention Summary

Data TypeLocationRetention
Cloud storage credentialsYour OS keychainUntil you delete the profile
Profile metadata and settingsYour device (local)Until you uninstall or reset the app
Activity and transfer logsYour device (local)Subject to your configured retention limit
Multipart session filesYour device (local)Until upload completes or is discarded
Diagnostic bundles (if sent to us)greeff.dev secure storageUntil support request is resolved
Purchase recordsPayment processor + greeff.devMinimum 5 years (legal obligation)
Update check logsgreeff.dev server logsMaximum 30 days
Website analytics events (marketing site only)Google AnalyticsRetained according to the Google Analytics retention period configured for the property
Consent preferences (marketing site only)UsercentricsRetained according to Usercentrics configuration and applicable compliance requirements

13. Changes to This Policy

If we make material changes to this Privacy Policy, we will update this page and, where appropriate, notify users via the Software's update notification system or by email to the address associated with a license. The "Last Updated" date at the top of this document reflects the most recent revision. Continued use of the Software or the website after the effective date constitutes acceptance of the revised policy.

14. Contact

For privacy inquiries, data requests, or concerns:

Web: https://greeff.dev/contact
Email: pio@greeff.dev
Response time: We aim to respond to all privacy requests within 10 business days.