Legal

Privacy Policy

Effective date: April 19, 2026 · Last updated: April 19, 2026

This Privacy Policy explains how AppGenie ("AppGenie", "we", "us", or "our") collects, uses, discloses, and safeguards personal information when you visit getappgenie.com or use the AppGenie AI app builder (the "Service"). By using the Service you agree to the collection and use of information in accordance with this Policy.

We designed AppGenie to collect the minimum data needed to operate the Service reliably and securely. We do not sell your personal information. We do not use your prompts or generated code to train general-purpose AI models.

1. Information we collect

We collect information in the following categories:

Account and identity

  • Name, email address, and profile image (from your account or OAuth provider).
  • Authentication data: hashed passwords (when you sign up with email/password), session tokens, OAuth identifiers from Google.
  • User role and account status flags used to operate the Service.

Usage and telemetry

  • Pages and features visited within the Service, timestamps, and session identifiers.
  • API requests, error logs, and pipeline events (e.g. which generation stage ran, how long it took, success or failure).
  • Browser type, operating system, device identifiers, and IP address (received via Cloudflare headers).

Project content

  • The natural-language prompts you submit to the AI builder.
  • Generated code, project state, version history, and any files you upload or attach to a project.
  • Project metadata such as project name, settings, and creation timestamps.

Payment information (when paid plans are enabled)

  • Payment is processed by Polar, which acts as our merchant of record and handles PCI-compliant card processing and sales tax collection. AppGenie does not store full card numbers.
  • We retain a Polar customer identifier, the plan you are subscribed to, billing email, and high-level invoice metadata.

Communications

  • Support emails you send to us and our replies.
  • Transactional emails (verification, magic link, password reset, billing) sent through our email provider.

2. How we use your information

  • To provide, operate, and maintain the Service, including running the AI generation pipeline.
  • To create and authenticate your account, including session management and email verification.
  • To detect, prevent, and respond to fraud, abuse, or violations of our Terms.
  • To deliver transactional emails (verification, magic link, password reset, billing notices).
  • To improve the Service through aggregated, de-identified analysis (we do not use raw prompts or generated code for product analytics).
  • To comply with legal obligations and enforce our Terms.

3. AI prompts, generated code, and model training

We do not use your prompts, generated code, or project content to train general-purpose AI models. Your project content is processed by AI model providers (see Section 4) only for the purpose of generating output for that request.

We may store your prompts and generated artifacts so you can view your version history, resume a project, and so we can debug failures. You can delete a project at any time from your account.

You retain ownership of the code AppGenie generates for you. Our Terms govern the license between you and us; this Policy governs how we handle that data.

4. Third-party processors

We rely on the following sub-processors to operate the Service. Each is bound by its own data processing terms.

  • Microsoft Azure — application hosting (Azure Container Apps), database (PostgreSQL Flexible Server), and AI inference (Azure AI Foundry).
  • Cloudflare — edge network, DNS, DDoS protection, and TLS termination.
  • Google — Google OAuth for sign-in (only if you choose to sign in with Google).
  • Resend — transactional email delivery.
  • Polar — payment processing and merchant of record for paid plans (when enabled). Polar handles checkout, card processing, invoicing, and sales tax.

We will update this list when we add or remove sub-processors that handle personal data.

5. Cookies and similar technologies

We use first-party cookies that are strictly necessary to operate the Service, including session cookies for keeping you signed in and CSRF protection cookies. We do not use advertising cookies or third-party tracking pixels at this time.

If we add product analytics in the future, we will update this Policy and provide a cookie consent control where required by law.

6. Data retention

  • Account data — retained while your account is active. Deleted within 30 days of account deletion, except where we must retain it for legal, fraud prevention, or accounting reasons.
  • Project content — retained while your account is active or until you delete the project.
  • Server logs — retained for up to 90 days for debugging, abuse prevention, and security analysis.
  • Backups — encrypted database backups may retain copies of data for up to 35 days after deletion.
  • Email logs — Resend delivery metadata retained per Resend's policy.

7. International data transfers

AppGenie is operated from the United States and India. Our Azure resources are deployed primarily in the United States and EU regions. By using the Service you acknowledge that your information may be transferred to and processed in countries other than your own. Where required, we rely on Standard Contractual Clauses with our sub-processors for transfers out of the EEA, UK, and Switzerland.

8. Security

We use industry-standard safeguards to protect your information, including TLS in transit, encryption at rest for managed databases, scoped credentials in a managed secret store, role-based access control, and IP-restricted ingress to backend services. No method of transmission or storage is perfectly secure; you use the Service at your own risk.

9. Your rights

Depending on where you live, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal information we hold about you.
  • Correction — ask us to correct information that is inaccurate or incomplete.
  • Deletion — ask us to delete your account and personal information, subject to legal exceptions.
  • Portability — request a machine-readable export of your account data.
  • Withdraw consent — where we process data based on consent, you may withdraw it at any time.
  • Object or restrict — ask us to restrict or stop certain processing.
  • Lodge a complaint — with your local data protection authority.

To exercise any of these rights, email [email protected]. We will respond within 30 days, or sooner if required by your jurisdiction.

California residents (CCPA/CPRA): AppGenie does not sell or share personal information for cross-context behavioural advertising. You have the right not to be discriminated against for exercising your privacy rights.

10. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes we will update the "Last updated" date at the top of this page and, where required by law, notify you by email or in-app notice. Continued use of the Service after a change indicates acceptance of the updated Policy.

12. Contact us

For privacy questions, requests, or complaints, contact us at: