appapprovePrivacy

Privacy Policy

Last updated: 2026-04-30

Who we are

AppApprove is a managed release pipeline for Shopify Apps. This policy explains what data we collect when you use appapprove.com, why, how we use it, and what rights you have.

Data we collect

We collect three categories of data:

  • Waitlist signups: email address you submit voluntarily on the waitlist form.
  • Pre-submission check inputs: the app URL, privacy policy URL, shopify.app.toml contents, source-code snippets, and listing copy you submit on /check. These are processed in memory to generate a report and are not persisted to durable storage.
  • Telemetry: standard request logs (IP, user agent, timestamps), error traces (via Sentry when configured), and aggregated usage analytics (page views, feature adoption).

Why we collect it

  • Email: to notify you when AppApprove reaches beta and to send product updates. Unsubscribe at any time.
  • Check inputs: to run the compliance audit and return your report. Inputs are sent to AI providers (currently Google Gemini) for the listing-copy review when you provide listing copy.
  • Telemetry: to keep the service reliable, debug errors, and understand which features merchants find useful.

Third parties we share data with

  • Resend — email delivery for the waitlist and transactional messages.
  • Google (Gemini API) — AI-powered listing-copy review. Listing copy you submit is sent to Google's API for evaluation. See Google's Gemini API terms.
  • Vercel — hosting infrastructure. Standard request logs are processed under Vercel's privacy policy.
  • Sentry (if enabled) — error and performance monitoring. Error reports may include sanitized excerpts of request data.

We do not sell your data and we do not use it for advertising.

Retention

  • Email addresses: retained until you unsubscribe or request deletion.
  • Pre-submission check inputs: processed in memory, not persisted. After a report is rendered, inputs are discarded.
  • Telemetry: request logs retained for 30 days, error traces retained for 90 days.

Your rights (GDPR, CCPA)

You have the right to:

  • access the personal data we hold about you
  • correct inaccurate data
  • delete your data ("right to be forgotten")
  • port your data to another service
  • object to processing or restrict it
  • withdraw consent at any time

Email privacy@appapprove.com to exercise any of these rights. We respond within 30 days.

Cookies

AppApprove uses essential cookies for session management and CSRF protection. We do not use advertising or cross-site tracking cookies.

Changes to this policy

We will post any changes here and update the "Last updated" date. Material changes will be communicated via email to waitlist subscribers.

Contact

Questions: privacy@appapprove.com