Privacy Policy

1. Introduction

Meridian Data LLC, a Washington State limited liability company and operator of the AppGild platform ("AppGild," "we," "us," "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard information when you access or use the AppGild platform, including appgild.ai, appgild.com, and any related services (collectively, the "Platform").

By using the Platform, you consent to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Platform. This Privacy Policy is incorporated into and subject to our Terms of Service.

2. Information We Collect

2.1 Information You Provide

When you register for an account, we collect your name, email address, and display name. Builders may also provide a business name, website URL, and app-related content such as descriptions, screenshots, and listing details data. When you contact us or use the Platform's messaging system, we collect the content of those communications.

2.2 Transaction Information

When you make a purchase, we record the transaction amount, date, app purchased, license key issued, and subscription status. AppGild does not store credit card numbers, CVV codes, bank account numbers, or full payment credentials. All sensitive payment data is processed and stored exclusively by Stripe, Inc. in accordance with Stripe's Privacy Policy.

2.3 Automatically Collected Information

When you use the Platform, we automatically collect: device type and browser type, IP address (anonymized for analytics), pages visited and time spent on each page, referral source (how you arrived at the Platform), and general geographic region (country/state level, not precise location). This data is collected through Vercel Analytics (a privacy-focused, cookie-light service) and Google Analytics 4 (configured with IP anonymization enabled and without Google Signals or advertising integrations).

2.4 Authentication Data

We use Supabase Auth for authentication. Depending on the method you choose, this may include your email address (for magic links) or profile information provided by a third-party OAuth provider (such as Google). If you sign in with a password, it is handled by our authentication provider and stored only as a salted hash; we never see or store your plaintext password.

3. How We Use Your Information

We use the information we collect to: operate, maintain, and improve the Platform; process transactions and manage subscriptions; deliver license keys and app access; send transactional emails (purchase confirmations, account notifications, security alerts); facilitate communication between buyers and builders through the Platform messaging system; enforce our Terms of Service, Acceptable Use Policy, and other policies; detect and prevent fraud, abuse, and security incidents; respond to customer support requests; generate anonymized, aggregated analytics to improve the Platform; and comply with legal obligations.

We do not use your personal information for behavioral advertising or sell it to data brokers. We do not use personal information for automated decision-making or profiling that produces legal or similarly significant effects.

4. Information Sharing and Disclosure

We share personal information only in the following circumstances:

4.1 Service Providers

We use third-party service providers to operate the Platform. These providers process data on our behalf under contractual obligations to protect your information: Stripe (payment processing and builder payouts), Supabase (database hosting, authentication, and row-level security), Vercel (application hosting, edge delivery, and privacy-focused analytics), Google (Google Analytics 4 for aggregated visitor analytics with IP anonymization enabled), and Resend (transactional email delivery). Each provider has its own privacy policy and processes only the data necessary to perform its designated function.

4.2 Buyer-Builder Interactions

When you purchase an app, the builder may see your display name and the fact that a purchase was made. Builders do not receive your email address, payment details, or other personal information unless you voluntarily share it through the Platform messaging system.

4.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request; if we believe disclosure is necessary to protect the rights, property, or safety of AppGild, our users, or the public; to enforce our Terms of Service or other agreements; or to detect, prevent, or address fraud, security, or technical issues.

4.4 Business Transfers

If AppGild is involved in a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your information becomes subject to a different privacy policy.

4.5 No Sale of Personal Information

AppGild does not sell, rent, or trade your personal information to third parties for monetary or other valuable consideration. We have not sold personal information in the preceding 12 months.

4.6 Builder-Supplied Tracking Inside Apps

Apps you purchase through AppGild fall into two hosting categories: AppGild-Hosted(we serve the app's bundle from our infrastructure) and Builder-Hosted (the builder serves the app from their own infrastructure). Our policies for the two categories differ:

AppGild-Hosted apps do not include builder-supplied tracking.Our Terms of Service prohibit builders from embedding any third-party analytics, advertising pixels, or tracking tools in AppGild-Hosted apps, precisely so that AppGild does not enter the data-controller chain for any tracking performed by builder code. When you use an AppGild-Hosted app, the only analytics that may run are AppGild's own, as described elsewhere in this policy.

Builder-Hosted apps may include analytics, advertising pixels, or other third-party tracking that the builder has integrated into their code.AppGild does not control, audit, or have visibility into this tracking. Each listing's listing details contain the builder's disclosure of any tracking tools used and their purpose; the builder is responsible for the accuracy of that disclosure and for compliance with all applicable privacy laws (including providing their own privacy policy, cookie banners, and consent mechanisms where required). Before purchasing or using a Builder-Hosted app, review the listing's listing details and the builder's own privacy policy.

Your data inside builder apps.When you use an app listed on AppGild, any information you provide to that app is collected and controlled by the independent builder who operates it, under their own privacy practices — not by AppGild. AppGild is the controller only for your AppGild account and billing information on appgild.ai. AppGild does not build these apps or verify their security; review an app's listing details, and the builder's own privacy policy where provided, to understand how it handles your data.

4.7 Data Processed by AI Agents

Some listings are AI agents operated by independent builders and hosted on the builder's own infrastructure. When you use such an agent, data you provide to it may be transmitted to third-party AI model providers (for example, OpenAI, Anthropic, Google, or others) in order to produce the agent's outputs. AppGild does not host or control these builder-operated agents or their data flows. Each agent listing discloses the AI model or models it uses and what data is sent to AI providers; review those disclosures, and the builder's and the AI provider's own privacy practices, before using an agent. When you interact with an AI agent you are interacting with an AI system, and its outputs may be inaccurate, so review anything important before you rely on it.

5. Data Retention

We retain your account information for as long as your account is active or as needed to provide you with the Platform. Transaction records (purchases, license keys, payout history) are retained for a minimum of 7 years to comply with tax and financial reporting obligations. Platform messages are retained for the duration of your account plus 90 days after deletion. Anonymized analytics data is retained indefinitely as it cannot be linked back to an individual.

When you delete your account, we will remove or anonymize your personal information within 30 days, except for data we are required or permitted to retain for legal, tax, audit, or security purposes. Builder app listings that have active buyers will be archived rather than deleted, with personal information removed from public-facing content.

6. Data Security

We implement industry-standard technical and organizational security measures to protect your information, including: encrypted connections (TLS/HTTPS) for all data in transit; row-level security (RLS) policies on our database to ensure users can only access their own data; secure, token-based authentication with no stored passwords; regular security reviews of our codebase and infrastructure; and access controls limiting employee and service access to personal data on a need-to-know basis.

Despite these measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security and are not responsible for the circumvention of any privacy settings or security measures on the Platform.

7. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected users via email within 72 hours of becoming aware of the breach, or as otherwise required by applicable law. The notification will describe the nature of the breach, the types of data involved, the steps we are taking to address it, and recommendations for protecting yourself. We will also notify applicable regulatory authorities as required by law.

8. Cookies and Tracking Technologies

We use a minimal set of cookies and similar technologies:

Essential cookies are required for authentication, session management, and security. These cannot be disabled without breaking core Platform functionality. Analytics tracking is provided by Vercel Analytics (which uses a privacy-focused, cookie-light approach) and Google Analytics 4, configured with IP anonymization enabled and without Google Signals or advertising integrations. Google Analytics 4 sets first-party cookies (such as_ga) used to distinguish visitors and sessions for aggregate reporting. We do not use third-party advertising cookies, retargeting pixels, or cross-site tracking technologies, and we do not link analytics data to advertising profiles.

You can control cookies through your browser settings. Disabling essential cookies may prevent you from using the Platform.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: You may request a copy of the personal information we hold about you. Correction: You may update or correct inaccurate information through your account settings or by contacting us. Deletion: You may request deletion of your personal information, subject to our retention obligations described in Section 5. Portability: You may request a copy of your data in a structured, commonly used, machine-readable format. Opt-out: You may opt out of non-essential communications at any time by using the unsubscribe link in our emails or contacting us.

To exercise any of these rights, contact us at privacy@appgild.ai. We will respond to verified requests within 30 days. We will not discriminate against you for exercising any of your privacy rights.

10. California Residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). You have the right to know what personal information we collect, use, and disclose; the right to request deletion of your personal information; the right to opt out of the sale or sharing of your personal information (AppGild does not sell or share personal information as defined by the CCPA); and the right to non-discrimination for exercising your privacy rights.

Categories of personal information we collect include: identifiers (name, email, display name), commercial information (purchase history, transaction records), internet activity information (usage data, pages visited), and professional information (for builders: business name, expertise area). We do not collect sensitive personal information as defined by the CPRA.

To submit a verifiable consumer request, email privacy@appgild.ai with the subject line "CCPA Request." We will verify your identity using the email address associated with your account before processing any request.

11. International Users

AppGild is based in Washington State, USA. If you access the Platform from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland: we process your data on the legal bases of contractual necessity (to provide the Platform and process transactions), legitimate interests (to improve the Platform, prevent fraud, and ensure security), and consent (where you have opted in to optional communications). You may withdraw consent at any time without affecting the lawfulness of prior processing. If you believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local supervisory authority.

12. Children's Privacy

The Platform is not directed to children under the age of 18. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@appgild.ai, and we will promptly delete that information. If we become aware that we have collected personal information from a child under 18, we will take steps to delete it as soon as practicable.

13. Builder Data Responsibilities

Builders who list apps on AppGild may collect data from buyers through their apps, particularly for Creator-Hosted and External Service apps. AppGild is not responsible for the data collection, storage, or privacy practices of third-party apps listed on the Platform. Each builder is independently responsible for complying with applicable privacy laws and for providing their own privacy disclosures to users of their apps.

If you have concerns about how a builder's app handles your data, please contact the builder directly through the Platform messaging system or contact us at privacy@appgild.ai.

14. Third-Party Links and Services

The Platform may contain links to third-party websites, apps, or services that are not operated by AppGild. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through or in connection with the Platform.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify registered users of material changes via email or prominent notice on the Platform at least 14 days before the changes take effect. The "Last Updated" date at the top of this page indicates when this Privacy Policy was most recently revised. Continued use of the Platform after the effective date of changes constitutes acceptance of the updated Privacy Policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:

privacy@appgild.ai

Meridian Data LLC
522 W Riverside Ave Ste N
Spokane, WA 99201
USA

For general support inquiries, contact support@appgild.ai. For legal inquiries, contact legal@appgild.ai.