ASOshots ("we", "us") helps mobile-app developers produce localized App Store screenshots through AI-driven rendering. This policy explains what personal data we collect, how we use it, and the choices you have. Plain-language summary first; detailed clauses below.
1. The short version
- We collect only what we need to run the product: account email, uploaded screenshots, generated outputs, and billing identifiers.
- Your raw screenshots are processed by third-party image models (Google Gemini) to produce the polished outputs. Inputs are not used for training without explicit opt-in.
- We never sell personal data. We don't run advertising trackers.
- You can export or delete your account data any time from account settings or by emailing privacy@asoshots.com.
2. Data we collect
Three categories:
- Account data — email, name, profile image (from Google or GitHub OAuth), account creation timestamp, plan tier, credit balance, billing identifiers.
- Project data — raw screenshots you upload, app metadata you enter (name, description, hooks), generated screenshot assets, generation logs and timestamps.
- Usage data — page views, feature usage, error reports. Used to debug issues and measure product health. No third-party advertising trackers.
3. How we use your data
- To run your account and process generations you request.
- To bill the subscription you signed up for.
- To send transactional email (welcome, generation complete, payment receipts). You can opt out of marketing emails at any time.
- To detect abuse, fraud, or service-degrading workloads.
- To debug issues and improve the product.
4. Third-party processors
Limited number of subprocessors, each contractually bound to handle your data only to operate the service:
- Google (Gemini API)— image generation. Inputs (your screenshots + prompts) are sent at generation time. Per Google's terms, paid-tier inputs are not used for model training.
- Supabase — managed Postgres + object storage. Hosts your account and project data.
- Vercel — application hosting and edge delivery.
- Stripe — subscription billing. We receive the subscription identifiers; payment card data is held by Stripe.
- Resend (or equivalent) — transactional email delivery.
5. Data retention
- Active accounts — project data is kept as long as the account is active.
- Account deletion — to delete your account, email privacy@asoshots.com from the address on the account. We process deletion requests within 30 days. Some billing records are retained as required by tax law (typically 7 years) and personal-identifying data is stripped from those records where possible.
- Inactive accounts — long-dormant accounts may be archived or deleted at our discretion to free storage. We will attempt to give you advance notice via the email on file before deletion.
6. Your rights (GDPR / KVKK / CCPA)
- Access — request a copy of every personal data point we hold about you.
- Rectification — correct inaccurate account info.
- Erasure — delete your account and all associated data (with the billing-record exception above).
- Portability — export your project data in a machine-readable format.
- Withdraw consent — opt out of any non-essential processing at any time.
To exercise any right, email privacy@asoshots.com. We respond within 30 days.
7. Security
Data in transit is encrypted with TLS 1.2+. Data at rest is encrypted at the storage layer (industry-standard AES-256 via our managed Postgres and object-storage providers). Production database access is gated behind least-privilege service-role keys; we rotate these on a periodic basis and after any suspected exposure. Sensitive operations are logged for audit.
We're a small team. We don't claim certifications we don't hold (no SOC2, no ISO 27001 — yet). We do follow the baseline security practices listed above; if you need formal attestation for procurement, contact legal@asoshots.com.
8. Children
ASOshots is intended for professional app developers. We do not knowingly collect data from anyone under 16. If you believe we have, contact us and we'll delete it.
9. Changes to this policy
We'll announce material changes with reasonable advance notice — via the email on file where we have it, and / or a banner on the dashboard when you next log in. The "effective date" at the top of this page reflects the most recent revision. Minor edits (typos, clarifications) may be made at any time without separate notice.
10. Contact
Questions, requests, or complaints: privacy@asoshots.com. EU data subjects can also lodge a complaint with their local supervisory authority.