This Privacy Policy explains how StorePush ("StorePush", "we", "us", "our") collects, uses, discloses, and safeguards information when you use our SaaS platform at storepush.dev (the "Service"). By accessing or using the Service you agree to the practices described here. If you do not agree, please discontinue use.
This Policy should be read together with ourTerms of Service.
1. Information We Collect
- Account Information: Name (if provided), email address, authentication/session identifiers, subscription status, usage limits.
- App Data: App Store metadata (versions, localizations, descriptions, release notes, keywords, screenshots, build info), review content and responses, analytics data synchronized from Apple App Store Connect (where you enable sync).
- Credentials: Apple App Store Connect API credentials (key ID, issuer ID, app/store ID, private key) necessary to perform sync and push operations. We do not use these credentials for purposes other than providing the Service's core functionality.
- Usage Data: Feature usage counters, task/job execution metadata, progress metrics, timestamps, and generated AI usage types for quota enforcement and product improvement.
- AI Processing Data: Text you submit for translation, review sentiment analysis, review response drafting, and prediction prompts is sent to integrated AI providers (e.g., OpenRouter) to generate outputs.
- Payment Data: Billing address (if collected), subscription plan, Polar customer ID. Full payment instrument details are handled directly by Polar; we do not store your full card number.
- Technical Data: IP address, device/browser characteristics, pages/components accessed, referrer, error logs, queue/job runtime traces. Collected via server logs and essential analytics.
- Support Communications: Emails and support tickets, including any metadata or diagnostic information you voluntarily provide.
2. How We Collect Information
- Directly from you when you register, configure apps, or submit content.
- Automatically via synchronization jobs from Apple App Store Connect APIs.
- Automatically through server logs and queue processing events.
- Through AI feature requests you initiate (sent to integrated AI providers).
- Via our payment processor when you subscribe or manage billing.
- From support interactions and feedback submissions.
3. Purposes of Processing
- Provide, operate, and maintain the Service and background task queue.
- Synchronize, edit, translate, and push App Store metadata and analytics.
- Generate AI translations, sentiment analyses, review responses, and predictions.
- Authenticate users and enforce usage limits & subscription entitlements.
- Process payments, manage subscriptions, and prevent fraud.
- Improve reliability, performance, and feature relevance via aggregated usage.
- Provide customer support and communicate service changes.
- Comply with legal obligations, enforce Terms, and protect rights.
4. Legal Bases (EEA/UK Users)
Where applicable: (a) Performance of a contract (core Service functions); (b) Legitimate interests (service improvement, security); (c) Consent (optional AI features where required); (d) Compliance with legal obligations (accounting, fraud prevention).
5. AI Processing
When you invoke AI features, relevant text and contextual metadata are sent to AI model providers via OpenRouter. Outputs may be cached by those providers consistent with their policies. We do not use AI outputs to build user profiles beyond feature usage counts. Do not submit sensitive personal data to AI features.
6. Data Sharing and Disclosure
- Apple App Store Connect: We exchange app metadata, analytics, and review information using your provided credentials strictly to perform synchronization and push operations you request or schedule.
- Payment Processor (Polar): Billing and subscription management; limited personal data and plan details shared.
- AI Providers (via OpenRouter): Text prompts and necessary context to produce requested AI outputs.
- Infrastructure & Hosting: Cloud hosting, database, storage, queuing, and monitoring services required to operate the Service.
- Legal & Compliance: Disclosures required by law, regulation, subpoena, or court order; enforcement of Terms and protection against fraud, abuse, or security threats.
- Business Transfers: In merger, acquisition, or asset sale scenarios, data may transfer subject to continued protection obligations.
We do not sell personal data.
7. Security
We apply reasonable technical and organizational measures (segmented infrastructure, access controls, dependency updates, monitoring) to protect data. No system is perfectly secure. You are responsible for safeguarding credentials and limiting access within your organization.
8. Data Retention
We retain data for the duration of your account plus a reasonable period for backups, auditing, and legal compliance. Upon account closure we may delete, anonymize, or aggregate data according to retention schedules. AI prompt logs may be retained for abuse monitoring and quality improvement.
9. Your Rights
Depending on jurisdiction you may have rights to access, correct, delete, port, or restrict processing of personal data, and to object to certain processing. You may also withdraw consent where processing relies on consent.
To exercise rights, contact[email protected]. We may need to verify your identity before fulfilling requests.
10. International Transfers
We may process data in jurisdictions different from your own. Where required, we rely on appropriate safeguards (such as contractual clauses) for cross‑border transfers.
11. Children
The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us for removal.
12. Changes to This Policy
We may update this Policy from time to time. Material changes will be indicated by the "Last updated" date or in‑app notices. Continued use after changes becomes acceptance.
