Privacy Policy

AppAds Verify is operated by Patch and Prompt LLC, a Texas limited liability company ("we," "us," or "our"). This policy describes what data we collect when you use appadsverify.com, why we collect it, how it is stored, and your rights with respect to that data. AppAds Verify is not affiliated with, endorsed by, or sponsored by Google LLC or any of its products including AdMob.

We built this tool to diagnose app-ads.txt configuration issues. We have no interest in collecting data beyond what is strictly necessary to operate the service. This policy reflects that.

1. What we collect and why

Email address. We collect your email address when you create an account or sign in. We use it solely to send you a passwordless magic link for authentication, and to send monitoring alert emails if you enable monitoring for an app. We do not use your email for marketing without explicit opt-in, and we do not sell or share it with third parties for any purpose.

Scan inputs. When you run a scan, we store the Google Play Store URL or package name you provide, and optionally your AdMob publisher ID if you enter one. These are stored to display your scan history and to execute scheduled monitoring scans if you subscribe.

Scan results. We store the diagnostic results produced by each scan: HTTP status codes, redirect chains, robots.txt analysis output, app-ads.txt file structure, and named findings. We do not store the raw body of fetched files. Scan results are associated with your account if you are signed in, or stored anonymously if you run a free scan without an account.

Billing data. If you subscribe to the Pro plan, your payment is processed by Stripe. We do not receive or store your card number, CVC, or billing address. We store your email address, your Stripe customer ID, your subscription status, and the app ID associated with your subscription. Stripe's privacy policy governs how Stripe handles payment data.

Session data. When you sign in, we create a session record in our database containing your user ID and an expiry timestamp. A session token is stored in a secure, HTTP-only cookie in your browser. We do not use persistent tracking cookies or advertising cookies of any kind.

Server logs. Our hosting provider (Railway) generates standard server logs that may include IP addresses, request paths, and timestamps. These logs are used for debugging and infrastructure monitoring only. We do not use them for behavioral profiling.

2. What we do not collect

• We do not use Google Analytics, Meta Pixel, or any third-party analytics or advertising trackers.
• We do not collect device fingerprints, hardware identifiers, or behavioral telemetry.
• We do not collect location data beyond what is implicit in an IP address in server logs.
• We do not store passwords. Authentication is passwordless via magic link.
• We do not store the raw body of files fetched during scans.

3. Third-party services

We use the following third-party services to operate AppAds Verify. Each service receives only the data necessary for its function.

• Resend (resend.com): transactional email delivery. Receives your email address and the content of magic link and monitoring alert emails. Governed by Resend's privacy policy.
• Stripe (stripe.com): payment processing. Receives your email address and handles all payment card data directly. We never see your card details. Governed by Stripe's privacy policy.
• Railway (railway.app): cloud hosting for the application server, database, Redis queue, and background worker. Our database and application run on Railway's infrastructure. Governed by Railway's privacy policy.

We do not use any advertising networks, data brokers, or data enrichment services.

4. Data retention

We retain your data for as long as your account is active. Scan results and job records are retained indefinitely at this time; we have not yet implemented automated deletion schedules. If you would like your data deleted, contact us at admin@patchandprompt.com and we will delete your account, scan history, and associated billing records within 30 days.

Anonymous scan results (scans run without an account) are not linked to any identifiable person and are retained indefinitely as aggregate diagnostic data.

5. Data security

All data is transmitted over HTTPS. Our database is hosted on Railway with access restricted to the application server and worker processes. Session tokens are stored in secure, HTTP-only cookies and are validated on every authenticated request. We do not store plaintext credentials of any kind.

No method of transmission or storage over the internet is 100% secure. We apply reasonable technical measures but cannot guarantee absolute security.

6. Your rights

You may request access to, correction of, or deletion of your personal data at any time by emailing admin@patchandprompt.com. We will respond within 30 days. If you are located in the European Economic Area or United Kingdom, you may also have rights under GDPR or UK GDPR including the right to data portability and the right to lodge a complaint with a supervisory authority. If you are a California resident, you may have rights under the CCPA including the right to know what personal information we have collected and the right to request deletion.

7. Children

AppAds Verify is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us and we will delete it promptly.

8. Changes to this policy

We may update this policy as the service evolves. If we make material changes, we will update the effective date at the top of this page. Continued use of the service after a change constitutes acceptance of the updated policy. We will not retroactively weaken the privacy protections described here without explicit notice.

9. Contact

Patch and Prompt LLC
admin@patchandprompt.com