AppAdSwap

Privacy Policy

Last updated: 09.12.2025 · AppAdSwap (personal operator, Germany)

1. Data Controller

The data controller responsible for this service is:

Luis Krin
Germany

Contact: krinapps25@gmail.com

2. Data We Collect

We collect the following categories of data when you use AppAdSwap:

Account data: User ID, email address (via Supabase).
App metadata: app name, description, URL, logo URL, CTA text.
Usage & analytics: (hashed) IP address, user agent, impressions, clicks, viewport duration.
Payment metadata: payment status and subscription information from Stripe (we do not store card numbers).
Cookies & session data: session cookies for authentication (Supabase) and preferences.

3. Purpose of Processing & Legal Basis

We process personal data to:

Provide and operate the AppAdSwap service.
Track impressions and clicks for credit allocation.
Prevent fraud and abuse (rate-limiting, heuristics).
Process payments and subscriptions via Stripe.
Comply with legal obligations (tax, bookkeeping).

Legal bases include contract performance, legitimate interests (fraud prevention, analytics), and consent where applicable (cookies).

4. Third-Party Services

We rely on processors to operate the platform:

Supabase — authentication and database.
Vercel — hosting and serverless functions.
Stripe — payment processing (PCI-compliant).

These processors may store or process technical logs. We use appropriate legal safeguards (SCCs, data processing agreements) as required.

5. Data Retention

We retain data as follows:

Account data: until you delete your account (or longer if required by law).
Impressions & clicks: retained for analytics, fraud prevention, and operational integrity.
Payment records: retained according to legal obligations (accounting, tax).

6. Your Rights

Under the GDPR you have the right to:

Request access to your personal data.
Request rectification or deletion.
Request restriction of processing.
Object to processing on grounds related to your situation.
Request data portability.
Withdraw consent where processing is consent-based.

To exercise these rights, contact: krinapps25@gmail.com.

7. Data Security

We use industry standard measures including:

Encrypted connections (HTTPS).
Access controls and least privilege for the database.
Secure third-party processors (Supabase, Vercel, Stripe).

No system is 100% secure; we will notify affected users and authorities in case of a data breach as required by law.

8. Contact & Complaints

For privacy inquiries or to exercise your rights, contact:

Luis Krin
krinapps25@gmail.com

If you believe your rights under data protection law have been violated, you may also lodge a complaint with a supervisory authority in your country (in Germany: the relevant Landesdatenschutzbehörde).