Privacy Policy

1. Information We Collect

Information You Provide

• Account Information: Name, email address, password, account type (developer/creator)
• Profile Information: Bio, avatar, social media links, portfolio items, company details
• Payment Information: Processed securely via Stripe; we do not store credit card numbers
• Campaign Data: Campaign details, budgets, requirements, applications, submissions
• Communications: Messages with other users, support requests, feedback
• Verification Data: Information provided for identity verification

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, interactions
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, referring URLs
• Cookies: Essential session cookies and preference cookies

Information from Third Parties

• Social Media: Public profile information when you link social accounts
• Stripe: Payment status, account verification status
• Analytics: Aggregated usage patterns

2. How We Use Your Information

We use your information for the following purposes:

• Service Provision: Operate and maintain the platform, process transactions
• Matching: Connect developers with appropriate creators based on criteria
• Communications: Send notifications, updates, and respond to inquiries
• Security: Detect, prevent, and address fraud, abuse, and security issues
• Improvements: Analyze usage patterns to improve our services
• Legal Compliance: Comply with applicable laws and enforce our terms
• Escrow Services: Manage payment holds and releases
• Dispute Resolution: Investigate and resolve disputes between users

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area, our legal bases for processing are:

• Contract: Processing necessary to perform our contract with you
• Legitimate Interest: Fraud prevention, security, service improvement
• Consent: Where you have given explicit consent (e.g., marketing)
• Legal Obligation: Compliance with applicable laws

4. Information Sharing

We do not sell your personal information. We may share information in these circumstances:

• Other Users: Profile information visible to platform users as part of normal functionality
• Service Providers: Third parties who assist our operations (Stripe, Supabase, Vercel, email services)
• Legal Requirements: When required by law, court order, or government request
• Safety: To protect rights, privacy, safety, or property of users or the public
• Business Transfers: In connection with merger, acquisition, or sale of assets
• With Consent: When you have given explicit permission

5. Data Retention

We retain your information for as long as necessary to provide our services and fulfill the purposes described in this policy. Specifically:

• Account Data: Retained while your account is active, plus 30 days after deletion
• Transaction Data: Retained for 7 years for tax and legal compliance
• Communications: Retained for 2 years after the conversation ends
• Log Data: Retained for 90 days

6. Data Security

We implement industry-standard security measures to protect your personal information:

• All data encrypted in transit using TLS 1.3
• Data at rest encrypted using AES-256
• Payment information handled directly by PCI-compliant Stripe
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Employee training on data protection

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data ("right to be forgotten")
• Portability: Request your data in a machine-readable format
• Restriction: Request restriction of processing
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time where consent was the basis

To exercise these rights, contact us at privacy@appshout.co

8. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

• Right to Know: What personal information we collect and how it's used
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: We do not sell personal information
• Non-Discrimination: Exercise rights without discriminatory treatment

To submit a request, contact us at privacy@appshout.co or use the settings in your account dashboard.

9. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission for transfers from the EEA.

10. Cookies

We use the following types of cookies:

• Essential Cookies: Required for platform functionality and authentication
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how users interact with our platform

We do not use advertising or tracking cookies. You can manage cookies through your browser settings.

11. Children's Privacy

AppShout is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or platform notification at least 30 days before taking effect. Continued use of the platform after changes constitutes acceptance.

13. Contact Us

For questions or concerns about this privacy policy or our data practices:

• Email: privacy@appshout.co
• Address: AppShout, Inc., Georgia, USA

For EEA residents, you also have the right to lodge a complaint with your local data protection authority.