Back

Stanfeld Remote Assist Privacy Policy

Last Updated: April 29, 2025

At Stanfeld Consulting ApS ("Stanfeld," "we," "us," or "our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Stanfeld Remote Assist application ("Service"), available at https://help.stanfeld.dk. By using the Service, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect the following types of information to provide and improve the Service:

• Personal Information:
  • Friendly Name: When you act as a helper, you provide a friendly name (alphanumeric, 1-30 characters) to identify yourself to the remote user. This name is shared with the remote user and temporarily stored on our servers.
  • IP Address: We collect your IP address to facilitate peer-to-peer connections and for security and usage monitoring purposes. IP addresses are logged when you connect to our signaling server or fetch your public IP via a third-party service (api.ipify.org).
  • One-Time Password (OTP): When you act as a receiver, a temporary 8-digit OTP is generated to pair you with a helper. OTPs are stored on our servers until they expire (typically 2 minutes) or are used.
• Non-Personal Information:
  • Browser and Device Information: We collect metadata about your browser and device (e.g., user agent, browser type) through Google reCAPTCHA v3 to verify that you are not a bot.
  • Usage Data: We log interactions with the Service, such as button clicks and connection events, to monitor performance and improve functionality.
  • Screen Sharing Data: When you share your screen as a receiver or helper (with receiver permission), the content is transmitted directly to the other party via encrypted WebRTC. We do not store or access the content of your screen.
  • Local Screen Recording Data: When you record your own screen as a receiver, the recording is processed locally on your device and downloaded directly to your device. No recording data is transmitted to or stored on our servers.
• Third-Party Data Collection:
  • Google reCAPTCHA: When you act as a helper, Google reCAPTCHA v3 collects browser and behavioral data to verify your identity. This data is subject to Google’s Privacy Policy and Terms of Service.
  • IP Address Service: We use api.ipify.org to fetch your public IP address when you act as a helper. This service may collect additional metadata, subject to their privacy policy.

2. How We Use Your Information

We use the collected information for the following purposes:

• To Provide the Service:
  • Pair receivers and helpers using OTPs.
  • Facilitate peer-to-peer screen sharing (from receiver to helper or helper to receiver with receiver permission) and chat via WebRTC.
  • Enable local screen recording for receivers, processed and stored solely on the user’s device.
  • Display friendly names to identify helpers to receivers.
• To Ensure Security:
  • Verify users with Google reCAPTCHA to prevent automated abuse.
  • Log IP addresses to detect and prevent unauthorized access or abuse.
  • Require explicit receiver permission for helper screen sharing or session recording to protect user privacy.
• To Improve the Service:
  • Analyze usage data to identify bugs, optimize performance, and enhance user experience.
• To Comply with Legal Obligations:
  • Retain logs as required by applicable laws or to respond to legal requests.

3. How We Share Your Information

We do not sell or rent your personal information. We may share your information as follows:

• With Other Users:
  • The helper’s friendly name and IP address are shared with the receiver to establish a connection and display connection status.
  • Screen sharing content (from receiver to helper or helper to receiver, with receiver permission) and chat messages are shared directly between the receiver and helper via encrypted WebRTC or the signaling server.
• With Service Providers:
  • Google reCAPTCHA processes browser and behavioral data to verify users.
  • api.ipify.org processes requests to fetch public IP addresses.
• For Legal Reasons:
  • We may disclose information to comply with legal obligations, protect our rights, or respond to law enforcement requests.
• With Your Consent:
  • We may share information with other parties if you provide explicit consent, such as approving helper screen sharing or session recording.

4. Data Security

We implement reasonable security measures to protect your information:

• Encryption: All communications (WebSocket, WebRTC, HTTP) use encrypted protocols (WSS, HTTPS, SRTP/DTLS) to prevent unauthorized access.
• Peer-to-Peer Connection: Screen sharing is peer-to-peer by default. If your firewall blocks HOST or STUN traffic, a TURN server relays communication, with all traffic encrypted using WebRTC standards. You can check the connection type (HOST, STUN, or TURN) using the "Status" button during a session.
• Temporary Storage: OTPs are stored temporarily and expire after 2 minutes or upon use. Friendly names and IP addresses are stored only for the duration of a session.
• Local Recording: Local screen recordings are processed and stored solely on your device. No recording data is transmitted to or stored on our servers.
• Access Controls: Log files are stored securely with restricted access.
• User Consent: Helper screen sharing and session recording require explicit permission from the receiver, ensuring user control over shared content.

Despite these measures, no system is completely secure. You share sensitive information (e.g., screen content) at your own risk, and we recommend closing sensitive applications before sharing your screen.

5. Data Retention

• OTPs: Deleted after 2 minutes or upon successful connection.
• Friendly Names and IP Addresses: Retained for the duration of the session and in logs for up to 30 days for security and debugging purposes.
• Usage Logs: Retained for up to 90 days to monitor performance and security.
• Screen Recordings: Not stored on our servers; recordings are saved locally on your device and managed by you.
• reCAPTCHA Data: Subject to Google’s retention policies (see Google’s Privacy Policy).

6. Your Rights

Depending on your jurisdiction (e.g., under GDPR for EU residents), you may have the following rights:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request corrections to inaccurate information.
• Deletion: Request deletion of your personal information, subject to legal obligations.
• Objection: Object to certain processing activities.

To exercise these rights, contact us at privacy@stanfeld.dk. We will respond within 30 days or as required by law.

7. Third-Party Links

The Service includes links to third-party services (e.g., Google reCAPTCHA, api.ipify.org). These services have their own privacy policies, and we are not responsible for their practices. We encourage you to review their policies before using the Service.

8. Children’s Privacy

The Service is not intended for users under 16. We do not knowingly collect personal information from children. If you believe we have collected such information, contact us at privacy@stanfeld.dk, and we will take appropriate action.

9. International Data Transfers

Our servers are located in Denmark. If you access the Service from outside Denmark, your information may be transferred to and processed in Denmark, where data protection laws may differ. By using the Service, you consent to this transfer.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, contact us at:

Stanfeld Consulting ApS
Email: privacy@stanfeld.dk
Address: Breeltehøj 21, Hørsholm, Denmark
CVR: DK39579553

Back