Sign in
what's the app

Privacy Policy

Last updated: January 14, 2026

Welcome to whatsthe.app ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account, we collect your email address, name, and profile information.
  • Authentication Data: If you sign in with Google, we receive your Google profile information (name, email, profile picture).
  • API Credentials: If you connect revenue tracking services (RevenueCat, Apple App Store Connect, Google Play, Stripe, Adapty), we store encrypted API keys to fetch your app metrics.
  • Communication Data: Messages you send through our chat system, offer submissions, and email correspondence.
  • Transaction Information: Details related to app listings, offers, and acquisition deals.

1.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on the platform, and interaction patterns.
  • Device Information: Browser type, operating system, device type, and screen resolution.
  • Log Data: IP address, access times, and referring URLs.
  • Cookies: We use cookies and similar technologies for authentication, preferences, and analytics.

1.3 Third-Party Data

  • Revenue Metrics: With your authorization, we fetch app revenue data from connected services (RevenueCat, Apple, Google Play, Stripe, Adapty).
  • Public App Store Data: App ratings, reviews, and publicly available app information.

2. How We Use Your Information

  • Provide Services: Display verified app metrics, facilitate buyer-seller communications, and process transactions.
  • Authentication: Verify your identity and maintain secure access to your account.
  • Communication: Send transactional emails, notifications about offers, and important updates.
  • Improvement: Analyze usage patterns to improve our platform and user experience.
  • Security: Detect and prevent fraud, abuse, and security threats.
  • Legal Compliance: Comply with applicable laws and respond to legal requests.

3. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All API keys and sensitive credentials are encrypted using AES-256-GCM encryption before storage.
  • Read-Only Access: We only use API keys to read revenue metrics. We cannot modify, update, or delete anything in your connected accounts.
  • Secure Transmission: All data is transmitted over HTTPS/TLS encrypted connections.
  • Access Controls: Strict access controls limit who can access sensitive data.
  • Regular Audits: We regularly review and update our security practices.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data in the following circumstances:

  • Public Listings: App metrics you choose to display publicly are visible to other users.
  • Buyer-Seller Communications: When you engage in transactions, relevant information is shared between parties.
  • Service Providers: We use trusted third-party services (Supabase, Resend, Plausible Analytics) that process data on our behalf.
  • Legal Requirements: We may disclose information if required by law or to protect our rights and safety.
  • Business Transfers: In the event of a merger or acquisition, user data may be transferred to the new entity.

5. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication services.
  • Google OAuth: Authentication provider for "Sign in with Google" functionality.
  • Resend: Email delivery service for transactional emails.
  • Plausible Analytics: Privacy-focused website analytics (no personal data collected).

Each service has its own privacy policy governing their use of data.

6. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update or correct inaccurate information.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Request your data in a portable format.
  • Withdraw Consent: Disconnect API integrations or revoke permissions at any time.
  • Opt-Out: Unsubscribe from marketing communications.

To exercise these rights, contact us at daveatt.attias@gmail.com.

7. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Required for authentication and core functionality.
  • Preference Cookies: Remember your settings (e.g., dark mode preference).
  • Analytics: We use Plausible Analytics, which does not use cookies and does not collect personal data.

You can manage cookie preferences through your browser settings.

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account deletion, we may retain certain data for legal compliance, dispute resolution, or legitimate business purposes for up to 90 days. Anonymized analytics data may be retained indefinitely.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where applicable.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Back to HomeTerms of Service
Privacy Policy|Terms of Service