Privacy Policy

Last updated: December 2024

1. Overview

AppGorilla, Felix Plastrotmann, Sprengelstraße 4-5, 13353 Berlin, Germany ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information about you when you use our website and services.

2. Information We Collect

Information you provide:

  • Email address (when you create an account)
  • Deal submissions (app information, pricing, descriptions)
  • Votes and interactions with deals

Information collected automatically:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Click tracking for deal links

3. How We Use Your Information

  • To provide and improve our services
  • To process deal submissions and votes
  • To send notifications about deals you're interested in
  • To track clicks for developer billing purposes
  • To analyze usage and improve user experience
  • To prevent fraud and abuse

4. Legal Basis for Processing (Art. 6 GDPR)

We process your personal data based on the following legal grounds:

  • Account data & authentication: Contract performance (Art. 6(1)(b) GDPR)
  • Deal submissions: Contract performance (Art. 6(1)(b) GDPR)
  • Click tracking for billing: Legitimate interest (Art. 6(1)(f) GDPR)
  • Analytics/usage data: Legitimate interest (Art. 6(1)(f) GDPR)
  • Fraud prevention: Legitimate interest (Art. 6(1)(f) GDPR)

5. Third-Party Services

We use the following third-party services:

  • Supabase - Authentication and database hosting
  • Vercel - Website hosting and analytics
  • Stripe - Payment processing for developers

Each of these services has their own privacy policy governing how they handle your data.

6. International Data Transfers

Supabase, Vercel, and Stripe may process data in the USA. These transfers are protected by EU Standard Contractual Clauses (SCCs). You can request copies of these safeguards by contacting us at the email address below.

7. Cookies

We use minimal, functional cookies necessary for the operation of our service:

  • Authentication cookies (to keep you logged in)
  • Session cookies (for basic functionality)

We do not use tracking cookies or third-party advertising cookies.

8. Data Sharing

We do not sell your personal information. We may share data:

  • With service providers who help us operate our platform
  • When required by law or legal process
  • To protect our rights or the safety of users
  • Aggregated, anonymized data for analytics

9. Data Retention

We retain your personal information for the following periods:

  • Account data: Until account deletion + 30 days
  • Click/analytics data: 26 months
  • Payment records: 10 years (German tax law requirement)

You can request deletion of your data at any time, subject to legal retention requirements.

10. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability
  • Withdraw consent
  • Lodge a complaint with a supervisory authority (for Germany: Berliner Beauftragte für Datenschutz und Informationsfreiheit, www.datenschutz-berlin.de)

To exercise these rights, contact us at: felixplastrotmann@gmail.com

11. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit and at rest, secure authentication, and regular security audits.

12. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

14. Contact Us

If you have questions about this Privacy Policy, contact us at:
Email: felixplastrotmann@gmail.com