Privacy Policy

Last updated: March 6, 2026

1. Introduction

AppScreens ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website and services at appscreens.store ("the Service").

2. Data We Collect

Account Information

When you create an account, we collect your email address, name, and password (hashed). If you sign in with Google, we receive your name, email, and profile picture from Google.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card details. Stripe may collect payment information in accordance with their privacy policy.

Usage Data

We may collect anonymized usage data such as pages visited, features used, and device information to improve the Service.

Cookies

We use essential cookies for authentication (JWT session cookies). We do not use third-party tracking cookies.

3. How We Use Your Data

We use your personal data to:

  • Provide and maintain the Service
  • Manage your account and subscription
  • Process payments through Stripe
  • Send transactional emails (account confirmation, password resets, billing)
  • Improve the Service based on usage patterns

We do not sell your personal data to third parties. We do not send marketing emails unless you explicitly opt in.

4. Data Storage and Security

Your data is stored on secure servers provided by Railway (database) and Vercel (web hosting). Passwords are hashed using bcrypt. All connections use HTTPS/TLS encryption.

5. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — payment processing
  • Google OAuth — optional sign-in
  • Cloudflare — DNS, CDN, and DDoS protection
  • Railway — database and API hosting
  • Vercel — web application hosting

6. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — receive your data in a structured, machine-readable format
  • Object — object to processing of your data
  • Withdraw consent — at any time, without affecting prior processing

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it.

8. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal data from children. If we learn that we have collected data from a child under 16, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top reflects the latest revision.

10. Contact

If you have questions about this Privacy Policy or your data, contact us at [email protected].