Privacy policy
AppValidate Privacy Policy
Last updated 14 July 2026
We collect only what we need to produce your report: your email address (to send you the private link) and the idea, audience, and competitors you describe. To generate the report we send those inputs, and public data we gather about the topic, to third-party AI providers (Anthropic, OpenAI, Google Gemini, and Perplexity) and to DataForSEO for search data. We do not train AI models on your data, and these providers do not train their models on it under the API terms we use. We do not sell your data, and you can ask us to delete everything at any time by emailing hello@appvalidate.io.
1. Who we are
This Privacy Policy describes how AppValidate ("we", "us", or "our") collects, uses, and shares information when you use the Service at appvalidate.io. AppValidate is operated by AfterLaunch Technologies, with its principal place of business at D-704, Neelkanth Business Park, Mumbai 400086, India.
For any privacy question or request, contact us at hello@appvalidate.io.
2. Information we collect
2.1 Information you provide
- Email address: so we can email you the private link to your report, and so you can optionally sign in to see reports you have bought.
- Your idea input: the product idea, the target audience, and any competitor names you type into the form.
- Communications: any messages you send us by email.
2.2 Information collected automatically
- Usage data: the pages you visit and the actions you take, so we can run and improve the Service.
- Device information: browser type, operating system, and IP address, used for security and rate limiting.
- Cookies: essential cookies for the optional sign-in session only. We do not use advertising or tracking cookies.
2.3 Information generated by the Service
- Your report: the demand, competition, AI-answer, community, verdict, and build-contract content we generate for your idea.
- Research data: the public search results and community threads we gather about your topic to produce the report.
2.4 Payment information
Payments are handled by Dodo Payments, our merchant of record. You enter your payment details on their checkout, not on ours. We receive confirmation that a payment succeeded and a payment identifier so we can link your report to your purchase. We never see or store your full card details.
3. How we use information
We use information to:
- Produce and deliver your report
- Email you the private link and, if you sign in, list the reports you have bought
- Take payment (through our merchant of record)
- Run, secure, and improve the Service, including detecting abuse and preventing fraud
- Respond to your support messages
- Comply with our legal obligations
4. AI processing
To produce your report, the Service sends your inputs (your idea, audience, and competitor names) together with public data we gather about the topic to third-party AI providers, which act as our sub-processors:
- Anthropic (Claude): primary analysis and report writing
- OpenAI: AI-answer analysis
- Google (Gemini): AI-answer analysis
- Perplexity: AI-answer analysis
- DataForSEO: Google search results and AI Overview data used to measure demand and competition
When you use the Service:
- Your inputs and the public topic data described above may be sent to these providers for processing
- We do NOT train any AI or machine-learning model on your data
- These providers do NOT train their models on your data either. We use their API tiers, which exclude your content from model training under their published terms
- The outputs are returned to us, stored in our database, and made available to you as your report
You can read these providers' privacy policies at anthropic.com, openai.com, policies.google.com, perplexity.ai, and dataforseo.com.
5. How we share information
We share information only as described here:
- Service providers: we use third parties to operate (hosting via Vercel, database and sign-in via Supabase, email via Resend, background jobs via Inngest, AI via Anthropic, OpenAI, Google, and Perplexity, search data via DataForSEO, and payments via Dodo Payments). They process data on our behalf under their own privacy obligations. Dodo Payments acts as merchant of record, which means they handle applicable taxes on our behalf.
- Legal compliance: where required by law, regulation, court order, or to protect rights and safety.
- Business transfers: if we are acquired or merge, your information may transfer, and we would notify you.
We do NOT:
- Sell your personal information to anyone
- Share your information with advertisers
- Use your data to train external AI models
6. Data retention
- Your report and the input that produced it: retained so you can return to your private link and, if you sign in, see your past reports. Deleted on request.
- Email and communications: retained while relevant to support and record-keeping.
- Server logs and security data: retained for a short period for security and abuse prevention.
- Payment records: retained as required by law (typically several years for tax compliance).
7. Your rights
Depending on where you live, you may have rights to:
- Access: request a copy of your data
- Correction: update inaccurate data
- Deletion: request deletion of your data
- Portability: receive your data in a machine-readable format
- Object: object to specific processing
- Withdraw consent: where processing is based on consent
For EU and UK users these rights are guaranteed under the GDPR; for California users under the CCPA; elsewhere, similar rights may apply under local law.
To exercise any right, email hello@appvalidate.io. We will respond within 30 days.
8. Data security
We use industry-standard practices:
- TLS encryption in transit
- Encryption at rest for databases
- Access controls limiting who can read sensitive data
- Regular review of our infrastructure
No system is perfectly secure. If we discover a security incident affecting your data, we will notify you and the authorities as required by law.
9. International data transfers
We are based in India. Our infrastructure and AI providers may store and process data in other countries, including the United States and the European Union. For EU and UK users, we rely on Standard Contractual Clauses or equivalent legal mechanisms for transfers outside the EU and UK.
10. Children's privacy
The Service is for business use by adults. We do not knowingly collect information from anyone under 18. If you believe we have, contact us and we will delete it.
11. Cookies
We use essential cookies only, for the optional sign-in session and for security. We do not use advertising, third-party analytics, or behavioural tracking cookies.
12. Changes to this policy
We may update this Privacy Policy. Material changes will be reflected by updating the "last updated" date above. Continued use after a change constitutes acceptance.
13. Contact
For privacy questions, requests, or concerns, email hello@appvalidate.io.
AfterLaunch Technologies, D-704, Neelkanth Business Park, Mumbai 400086, India.
Annex: sub-processors
Last updated 14 July 2026. The third parties that process data on our behalf:
- Vercel: hosting (United States)
- Supabase: database, sign-in, storage (United States)
- Resend: email delivery (United States)
- Inngest: background job orchestration (United States)
- Anthropic: AI analysis and report writing (United States)
- OpenAI: AI-answer analysis (United States)
- Google (AI Studio): AI-answer analysis (United States)
- Perplexity: AI-answer analysis (United States)
- DataForSEO: search results and AI Overview data (United States)
- Dodo Payments: payment processing, merchant of record (United States)
This list may change as our infrastructure evolves. Material changes are communicated per Section 12.