StoreGuard logoStoreGuard

Privacy Policy

Your privacy matters to us

Last updated October 10, 2025

StoreGuard (“we”, “us”, “our”) provides automated compliance scanning for mobile apps. This Privacy Policy explains how we handle the information you share with us when using storeguard.dev, the dashboard, and connected services.

Information we collect

  • Account details such as email address and name provided during sign-up.
  • Workspace configuration, app metadata, scan history, and generated reports.
  • Source code bundles uploaded directly or retrieved via GitHub when you connect a repository.
  • Billing and subscription details processed through Polar.sh; card data is never stored on our servers.
  • Usage analytics captured via Umami to understand feature adoption without cookies.

How we use your data

  • Authenticate your workspace and authorise scans.
  • Run automated analysis through our Supabase infrastructure and AI providers (Anthropic, OpenAI) to surface policy risks.
  • Deliver notifications, invoices, and product updates relevant to your account.
  • Improve StoreGuard by understanding anonymised usage patterns and product performance.

Data retention & security

ZIP uploads and Git repositories are processed inside temporary, access-controlled environments and purged at the end of every scan. Completed scans and generated reports are retained indefinitely for Pro workspaces and for 30 days on the free plan. We enforce Row Level Security (RLS) across Supabase tables and require service-role credentials for worker operations. GitHub personal access tokens are encrypted at rest and never returned in API responses.

Your rights

You can export or delete your workspace data at any time from the dashboard. Requests are processed automatically via our GDPR endpoints and honoured within 48 hours. You may also contact us directly for access, correction, or portability requests.

Third-party services

StoreGuard relies on Supabase (hosting and authentication), BullMQ/Redis (job orchestration), Anthropic/OpenAI (AI analyzers), Polar.sh (billing), and Umami (privacy-first analytics). These providers only receive the minimum information needed to deliver StoreGuard features.

Contact

Questions or privacy requests can be emailed to contact@storeguard.dev. We typically respond within 24 hours for Pro workspaces and 48 hours for the free plan.