← back to kept

Privacy Policy

Last updated: 2026-05-03 · Applies to the kept.work website

This policy explains what personal data the kept.work website collects, why, and what rights you have. It applies only to this website. The Kept desktop application is local-first by design: it stores conversations on your own device and does not transmit them to us or any third party. Nothing in this policy describes data collection by the app itself, because there isn't any.

1. Who is responsible for your data

Data controller: E-Group ICT Software Zrt.
Trading as: E-Group Labs
Registered address: 1022 Budapest, Alsó Törökvész út 2., Hungary
Privacy contact: info@egroup.hu

E-Group ICT Software Zrt. (operating under the brand E-Group Labs) is the data controller for personal data processed through this website, within the meaning of Regulation (EU) 2016/679 (GDPR) and Hungarian Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information.

2. What we collect and why

2.1 Server access logs

Like virtually every web service, our hosting infrastructure records basic technical information about each request: IP address, user-agent string, requested URL, response status, and timestamp. We use these logs to operate the site, diagnose errors, and detect abuse.

  • Legal basis: legitimate interest in operating a secure website (GDPR Art. 6(1)(f)).
  • Retention: typically 30-90 days, then deleted or anonymized.

2.2 Analytics (Google Analytics 4 via Google Tag Manager)

If you accept cookies, we load Google Tag Manager and Google Analytics 4 (property G-RFTJWY3Z0J). These services help us understand which pages are read, how visitors arrive, and roughly where in the world they are. Data collected includes anonymized IP address, browser and device characteristics, page paths, referrer, and approximate (city-level) geolocation.

  • Legal basis: your consent (GDPR Art. 6(1)(a)). You can withdraw consent at any time by clearing the kept-cookie-consent entry in your browser's local storage and reloading the page; the banner will reappear.
  • Recipients: Google Ireland Limited and, in some configurations, Google LLC in the United States.
  • International transfers: Google may process data in the United States. We rely on the EU-U.S. Data Privacy Framework and on Standard Contractual Clauses where applicable.
  • Retention: Google Analytics retains user-level event data for the period configured in our property (default: 14 months) before automatic deletion.

We have configured Google Consent Mode v2, which means analytics, advertising, ad personalization, and ad-user-data signals are denied by default and only become granted after you click "Accept" on the cookie banner.

2.3 Consent record

Whichever choice you make on the cookie banner is stored in your browser's local storage under the key kept-cookie-consent. This is necessary so that we don't show you the banner on every visit. It is not transmitted to our servers.

  • Legal basis: legitimate interest in respecting and remembering your choice (GDPR Art. 6(1)(f)).
  • Retention: until you clear your browser storage.

2.4 Embedded fonts

We load typefaces from Google Fonts (fonts.googleapis.com, fonts.gstatic.com). When your browser fetches these files, your IP address and user-agent are visible to Google. Google states that no cookies are set for font requests.

3. What we do not do

  • We do not sell or rent personal data.
  • We do not run advertising on this site, and we do not perform behavioral profiling.
  • We do not access, read, or transmit the AI conversations stored locally by the Kept desktop application. They never leave your machine via Kept.

4. Your rights under the GDPR

Insofar as we process personal data about you, you have the right to:

  • Access the data we hold about you (Art. 15).
  • Rectify inaccurate data (Art. 16).
  • Erase your data, where applicable (Art. 17).
  • Restrict processing (Art. 18).
  • Portability — receive your data in a structured, machine-readable form (Art. 20).
  • Object to processing based on legitimate interest (Art. 21).
  • Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, write to info@egroup.hu. We respond within one month of receiving a verifiable request.

5. Lodging a complaint

If you believe our processing of your personal data violates the GDPR or Hungarian data protection law, you may lodge a complaint with the Hungarian supervisory authority:

Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)
1055 Budapest, Falk Miksa utca 9–11, Hungary
naih.hu

You may also lodge a complaint with the supervisory authority of your habitual residence within the European Economic Area.

6. Children

This website is a developer-tool landing page and is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

7. Changes to this policy

We may update this policy when our processing practices change or when required by law. The "Last updated" date at the top of the page reflects the most recent revision. Material changes will be announced on this page; please check back periodically.