AppGild

Builder docs

Keeping your users’ data safe

If your app remembers anything about the people who use it (saved entries, uploaded files, profiles, history), you’re responsible for making sure one user can never see another user’s data. AppGild doesn’t do this for you, and we don’t check it. This guide shows you how builders handle it.

Do you even need this?

  • Probably not if your app is a single-session tool: a calculator, a one-off generator, a form that emails a result and stores nothing per person. There’s no shared data to leak.
  • Yes, you do if your app saves data tied to each user on a shared backend (a database, cloud storage). The moment two different customers have data in the same place, you need to keep them apart.

The one rule

Every time your app reads or writes data, it must check who’s asking and only return that person’s data. Never rely on hiding a button, a page, or a URL; anyone can change a URL.

How builders actually do it

  1. Add user accounts. Just like any App Store app, have users sign in. That gives every request an identity to check against. Email magic links or Google sign-in are simple to add.
  2. Use a backend with built-in per-user rules. The easiest path:
    • Supabase with Row Level Security: you write a rule once (“a user can only see rows where user_id = their own id”) and the database enforces it on every query.
    • Firebase with Security Rules: the same idea for Firestore / Storage.
    • Or enforce it yourself on your server: every query filters by the logged-in user’s id.
  3. Never trust the browser. Validate and authorize on the server, not in client-side JavaScript. A determined user can edit anything the browser sends.
  4. Don’t leak ids or records. Don’t return other users’ data, ids, or emails in your API responses, even “by accident.”
  5. Protect the data itself. Always serve over HTTPS. Encrypt sensitive data at rest. Don’t log passwords, tokens, or other people’s data.
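
The self-enforced option in step 2, together with steps 3 and 4, as an added example in plain JavaScript (not AppGild code and not from any particular framework). The in-memory `notes` array, the `sessions` map, and the request shape (`sessionToken`, `params`, `body`) are assumptions made for illustration and stand in for your database, session store, and web framework.

```javascript
// Constructed sample data: two users' notes in one shared table.
const notes = [
  { id: 1, user_id: "user-a", body: "A's private note" },
  { id: 2, user_id: "user-b", body: "B's private note" },
];

// Hypothetical session store: identity comes from a server-side lookup of
// the session token, never from a field the browser puts in the request.
const sessions = new Map([["tok-a", "user-a"], ["tok-b", "user-b"]]);

function currentUserId(req) {
  return sessions.get(req.sessionToken) ?? null;
}

// BEFORE: trusts the id in the URL, so any caller can read any note.
function getNoteInsecure(req) {
  const note = notes.find((n) => n.id === req.params.id);
  return note ? { status: 200, body: note } : { status: 404, body: null };
}

// AFTER: every read is scoped to the signed-in user.
function getNote(req) {
  const userId = currentUserId(req);
  if (!userId) return { status: 401, body: null };
  const note = notes.find(
    (n) => n.id === req.params.id && n.user_id === userId
  );
  // Same 404 for "does not exist" and "belongs to someone else", so the
  // response does not reveal which ids are in use.
  if (!note) return { status: 404, body: null };
  // Return only the fields the client needs; the owner id stays server-side.
  return { status: 200, body: { id: note.id, body: note.body } };
}

// Writes get the same check: user_id is set from the session, and any
// user_id the browser included in the payload is ignored.
function createNote(req) {
  const userId = currentUserId(req);
  if (!userId) return { status: 401, body: null };
  const note = { id: notes.length + 1, user_id: userId, body: String(req.body.body) };
  notes.push(note);
  return { status: 201, body: { id: note.id, body: note.body } };
}
```

With Supabase Row Level Security or Firebase Security Rules, the owner comparison in `getNote` and `createNote` is what the backend rule enforces for you on every query.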

If you’re not sure your app does this safely, it isn’t ready to list. When in doubt, add accounts and per-user authorization before you launch. You’ll confirm in your listing details whether your app stores user data and how you keep each user’s data private.

FAQ

Does AppGild check my app's security?

No. AppGild reviews listings for clarity and policy compliance, not security, quality, or functionality. The security of your app and your users’ data is your responsibility; see Terms § 5.2.

My app doesn't store anything per user. Do I still need accounts?

No. If nothing one user does is visible to another user, there’s nothing to isolate. Accounts matter once you store data tied to individual users on a shared backend.

What's the simplest secure setup?

Users sign in (magic link or Google), and data lives in Supabase with Row Level Security scoping every row to its owner’s user_id. That one rule, enforced by the database, covers the most common way apps leak data.