Privacy Policy

This Privacy Policy describes how AI Apps Portal ("we", "our", or "us") collects, uses, and shares your personal information when you visit or use aiappsportal.com (the "Site"). We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller: AI Apps Portal
Contact: privacy@aiappsportal.com

Information We Collect

Account Information

When you create an account on the Site, we collect:

• Email address (required for account creation and login)
• Name (if provided during registration)
• Password (stored securely using industry-standard hashing)
• OAuth tokens (if you sign in with Google)

Legal Basis: Performance of contract (Article 6(1)(b) GDPR) - This information is necessary to provide you with an account and our services.

Analytics Information (with your consent)

When you accept cookies, we collect analytics information through Google Tag Manager and Google Analytics, including:

• Pages you visit and how you interact with the Site
• Referral sources (how you found our Site)
• Browser type and device information
• Anonymized IP address

Legal Basis: Consent (Article 6(1)(a) GDPR) - We only collect this information after you accept our cookie banner. You can withdraw consent at any time by clearing your cookies.

Product Analytics (Legitimate Interest)

We collect aggregate, anonymous statistics about product views and interactions to operate and improve our directory:

• Product page view counts (aggregated, not linked to individuals)
• Click-through rates to external product websites
• Traffic source categories (e.g., from search engines, social media)
• Date-based trends in product popularity

Important: We do NOT collect IP addresses, user identifiers, or any personal data for product analytics. All metrics are aggregated and anonymous.

Legal Basis: Legitimate Interest (Article 6(1)(f) GDPR) - We need these statistics to understand which AI tools are popular, improve our content curation, and operate our business effectively. The data is completely anonymous and poses minimal privacy impact.

Payment Information

When you purchase a premium subscription, payment processing is handled by Paddle, our payment processor. We do not store your credit card information. Paddle collects:

• Payment information (credit card, PayPal, etc.)
• Billing address
• Transaction details

Legal Basis: Performance of contract (Article 6(1)(b) GDPR) - This information is necessary to process your payment.

Cookies and Tracking Technologies

We use different types of cookies on our Site:

You can control cookies through our cookie banner that appears on your first visit. You can also disable cookies in your browser settings, though this may affect site functionality.

How We Use Your Personal Information

Account Management

We use your account information to:

• Provide you with access to your account
• Enable you to claim and manage product listings
• Send important account-related communications
• Verify your identity and prevent fraud

Analytics and Improvement

With your consent, we use analytics information to:

• Understand how visitors use our Site
• Improve our content and user experience
• Assess the effectiveness of our features
• Generate anonymous usage statistics

Product Directory Operations

Based on legitimate interest, we use aggregate product analytics to:

• Identify trending AI tools and popular categories
• Optimize which products to feature
• Improve our curation and recommendation algorithms
• Provide value to product vendors with usage statistics

Payment Processing

We use payment information to:

• Process premium subscription payments
• Provide invoices and receipts
• Prevent fraudulent transactions
• Manage billing and renewals

Third-Party Service Providers

We work with carefully selected third-party service providers to operate our Site. These processors only access your personal data as necessary to perform their services and are contractually obligated to protect your information.

Our Service Providers

Data Transfers

Some of our service providers are located outside the European Economic Area (EEA). When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions for certain countries
• Privacy Shield certification (where applicable)

Legal Requirements

We may disclose your personal information if required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety, or that of our users.

Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have the following data protection rights:

• Right to Access (Article 15): You can request a copy of the personal data we hold about you
• Right to Rectification (Article 16): You can update or correct inaccurate information
• Right to Erasure (Article 17): You can request deletion of your account and personal data
• Right to Restrict Processing (Article 18): You can ask us to temporarily suspend processing
• Right to Data Portability (Article 20): You can request your data in a machine-readable format
• Right to Object (Article 21): You can object to processing based on legitimate interest
• Right to Withdraw Consent: You can withdraw consent for analytics cookies at any time

How to Exercise Your Rights:

To exercise any of these rights, please contact us at privacy@aiappsportal.com. We will respond to your request within 30 days.

Right to Complain: If you believe we have not handled your personal data properly, you have the right to lodge a complaint with your local data protection authority.

Cookie Consent

When you first visit our Site, you will see a cookie consent banner. This banner allows you to:

• Accept all cookies (including analytics)
• Decline non-essential cookies

Your choice is stored locally and respected across all pages. You can change your consent preference at any time by clearing your browser cookies and refreshing the page.

Google Consent Mode: We use Google Consent Mode v2, which ensures Google Analytics only tracks you after you have given consent. Before consent, all analytics tracking is blocked.

Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures:

• All passwords are hashed using industry-standard bcrypt encryption
• All data transmissions are encrypted using HTTPS/TLS
• Access to personal data is restricted to authorized personnel only
• Regular security updates and monitoring
• Secure authentication using NextAuth.js

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected:

• Account Information: Retained while your account is active, plus 30 days after account deletion (for recovery)
• Payment Records: Retained for 7 years to comply with tax and accounting regulations
• Analytics Cookies: Automatically expire after 2 years
• Product Analytics: Retained indefinitely (aggregate data only, no personal information)
• Support Communications: Retained for 3 years

You can request earlier deletion of your data by contacting us at privacy@aiappsportal.com.

Changes

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.