WORK IN PROGRESS - THIS IS NOT THE FINAL VERSION OF THIS PRIVACY POLICY Terms of Service, Privacy Policy, and Cookie Policy --- Effective Date: 2026-07-02 Last Updated: 2026-07-02 Welcome to msg.mrks.se ("we," "our," or "us"). By accessing or using our applications, you agree to be bound by the terms and policies outlined in this document. If you do not agree to these terms, please do not use our service. This document is divided into three parts: Terms and conditions, Privacy policy and Cookie policy. PART 1: TERMS AND CONDITIONS --- 1. Acceptable Use You may use our service for any purpose you wish, provided that your use is entirely legal and what you believe to be moral. You agree not to use the services to facilitate illegal activities, distribute illegal material, harass others, or engage in any behavior that violates applicable laws or what can reasonably be assumed to be moral. 2. No Guarantee of Service (As-Is) Our service is provided on an "as is" and "as available" basis. We do not guarantee any uptime, reliability, or continuous availability of the application. We are not liable for any disruptions, delays, or data loss that may occur while using the service. 3. Account Termination We reserve the absolute right to suspend, restrict, or completely delete any account, at any time, for any reason, and without any prior notice. 4. Limitation of Liability To the maximum extent permitted by law, we and our operators shall not be liable for any direct, indirect, incidental, special, or consequential damages resulting from your use of, or inability to use, the service. PART 2: PRIVACY POLICY --- We are committed to data minimization and user privacy. Because our chat application is fully encrypted, we do not have access to the content of your messages or the contents of the files you send. 1. Data We Collect and Why We only collect the absolute minimum data required to keep the service functional and secure. This data includes: - IP Addresses & Login Attempts: We log IP addresses and login attempts strictly for security purposes, authentication, and rate limiting to prevent abuse (e.g., DDoS attacks, brute-force logins or bot account creation). - Metadata (File Sizes): We collect the size of the files you transfer. We do not and cannot access the files themselves. This is used strictly for load balancing, server capacity management and abuse detection. - Who you are sending messages to In order to distribute your messages and attached files to other users we, upon your request, collect the information necessary to distribute your message, including the *encrypted* message contents, the user you are sending the message to and any metadata necessary to fulfill your request (e.g group id and name). 2. Legal Basis for Processing Under the GDPR, our legal basis for collecting this minimal data is our Legitimate Interest (Article 6(1)(f) GDPR) in securing our platform, preventing abuse, and ensuring the technical stability of the service, as well as the Performance of a Contract (Article 6(1)(b) GDPR) to provide you with the chat functionality you requested. 3. Data Sharing We do not sell, rent, or share your data with any third-party marketing or advertising companies. Data may only be shared if legally compelled by a valid court order (though we can only provide the metadata we actually possess, and the encrypted contents of messages). 4. Data Retention Security logs containing IP addresses and login attempts are routinely deleted and are kept only for as long as necessary to fulfill the security and rate-limiting purposes outlined above, which is typically 30 days. 5. Your GDPR Rights Under the GDPR, you have the right to access, rectify, or erase your personal data (such as your IP address logs). You also have the right to restrict or object to our processing of your data. To exercise these rights, please contact us at dpo@mrks.se. PART 3: COOKIE POLICY --- 1. How We Use Cookies Our application uses cookies strictly for essential technical purposes. We do not use cookies for tracking, analytics, or advertising. 2. Essential Session Cookies We place a single session cookie on your device. This cookie is strictly necessary to authenticate your session, keep you logged in while you use the application, and ensure secure communication between your device and our servers. 3. Cookie Consent Because the cookie we use is strictly necessary for the service to function (an exempt cookie under the EU ePrivacy Directive), we do not require your explicit consent via a cookie banner to place it on your device. However, we believe in full transparency, which is why it is disclosed here. You can configure your browser to block this cookie, but doing so will mean you cannot log in or use the application in any meaningful way. Contact Us --- If you have any questions about these terms or how we handle your data, you can contact us at: Email: dpo@mrks.se Data Controller: [TODO]