Privacy Policy

1. What we collect

When you create an account we store the basics: your name, email address, and profile picture from the OAuth provider (Google or GitHub) you signed in with. We do not see your OAuth password.

When you submit a build we store the project files you upload, the metadata you provide (app name, package name, version, theme), and the generated outputs (APK, AAB, icons, store assets).

2. How we use it

We use your data exclusively to deliver the service — running the build, returning the artifact, and surfacing your history in the dashboard. We do not sell your data, share it with advertisers, or use it to train models.

3. Retention

Uploaded source files and build artifacts are retained for the duration of your plan's retention window (5 days on Free, 30 days on Pro). Account profile data is retained until you delete your account.

4. Third-party processors

We rely on the following sub-processors to operate the service:

• Vercel (web hosting + edge network)
• Supabase / Neon (Postgres database)
• AWS S3 or Cloudflare R2 (build artifact storage)
• Google & GitHub (OAuth authentication)
• OpenAI (only when AI store-asset generation is invoked)
• Stripe (billing, for paid plans)

5. Security

All traffic is HTTPS-only. Passwords are never stored (we use OAuth exclusively). Build secrets like signing keystores are encrypted at rest. See our security page for details.

6. Your rights

You can export or delete your account and all associated data at any time from Settings. For GDPR / CCPA requests email privacy@web2apk.ai.

7. Changes

Material updates to this policy will be announced in-product 30 days before they take effect.