Privacy Policy

Data We Collect

• •Account information — name, email address, profile picture (via Google OAuth or manual sign-up).
• •Application data — URL, name, icon, package name, feature configuration, build files (AAB/APK).
• •Payment data — processed by Stripe. We never store your credit card information.
• •Usage data — login logs, builds launched, pages visited (anonymized analytics).

Cookies and Tracking Technologies

WebWrap uses cookies strictly necessary for the service: authentication session (NextAuth), language preference, and cookie consent. We do not use any advertising cookies or third-party trackers. Session cookies expire when you close your browser or after 30 days of inactivity.

How We Use Your Data

Your data is used solely to provide and improve the WebWrap service: creating your applications, managing your builds, processing payments, and sending you account-related notifications.

Data Sharing

We never sell your data. We share data only with providers necessary for the service: Stripe (payments), Supabase (database and storage), Vercel (hosting), Google Cloud (Firebase, Play Store).

Data Retention

Your account data is retained as long as your account is active. Build files (AAB, APK) are retained for 90 days after creation. Build logs are deleted after 30 days. Upon account deletion, all your personal data is erased within 30 days, except data we are legally required to retain (invoices, transactions).

International Data Transfers

Your data may be processed in the European Union (Hetzner — Germany, Supabase — AWS eu-west-1) and in the United States (Vercel, Stripe, Google Cloud). For transfers outside the EU, we rely on the European Commission's Standard Contractual Clauses (SCC) and our processors' compliance certifications.

Security

Your data is protected by encryption in transit (HTTPS/TLS) and at rest. Passwords are hashed with bcrypt. Access tokens are stored securely.

Your Rights

You can access, modify, or request deletion of your data at any time by contacting us at support@webwraper.com.

GDPR Rights (European Residents)

• •Right of access — obtain a copy of your personal data.
• •Right to rectification — correct inaccurate or incomplete data.
• •Right to erasure — request deletion of your data.
• •Right to portability — receive your data in a structured, machine-readable format.
• •Right to object — object to the processing of your data on legitimate grounds.
• •Right to restriction — request restriction of processing in certain cases.
• •Right to withdraw consent — at any time, without affecting the lawfulness of prior processing.

Children's Privacy

WebWrap is not intended for persons under 16 years of age. We do not knowingly collect personal data from minors. If we discover that data from a minor has been collected, we will delete it immediately. If you are a parent and believe your child has provided us with data, contact us at support@webwraper.com.

Data Breach Notification

In the event of a data breach likely to result in a high risk to your rights and freedoms, we will inform you within 72 hours of discovering the incident, in accordance with the GDPR. We will also notify the relevant supervisory authority (CNIL).

Changes to This Policy

We may update this privacy policy periodically. In case of a substantial change, we will inform you by email and via a notification on the dashboard. The last updated date will always be indicated at the top of this page.

Contact

For any questions regarding this policy, contact us at support@webwraper.com.