Applora Privacy Policy
Applora (www.applora.io) is operated by PitchCall, Inc. [FOUNDER: registered address + jurisdiction]. This policy explains what data we collect, why, and who we share it with. We've tried to keep it honest and readable — if anything is unclear, email us at cihatakkiraz@gmail.com.
The short version
You describe an app, our AI agent builds it in a cloud sandbox. To do that, we send your prompts and app content to a small set of AI and infrastructure providers, all listed below by name. We never see your card number, we don't sell your data, and you own the code your prompts generate.
What we collect
- Account information. When you sign up, our authentication provider (Clerk) handles your email address, name, and login credentials. We store the account identifiers Clerk gives us.
- Your prompts and generated code. The app descriptions you write, your conversation with the agent, and the Flutter code the agent produces. This is the core of the service — we need it to build, preview, and store your apps. The code belongs to you, and you can export it at any time.
- Usage and metering data. Which agent runs you start, what they cost, whether they succeed or fail. We use this to show you per-run charges in the product and to bill your credits correctly.
- Payment information. Purchases go through Stripe. Your card details go directly to Stripe and never touch Applora's servers. We only see what Stripe tells us: that a payment happened, for how much, and a customer reference.
How we use it
Three things, and only these:
- Operating the service — building your apps, showing web previews, generating APKs, handling GitHub exports and Google Play publishing.
- Billing — metering your agent runs, charging credits, and auto-refunding runs that fail to complete.
- Abuse prevention — detecting things like bot signups, free-credit abuse, sandbox escapes, or crypto-mining, so the service stays affordable for everyone.
We don't sell your data. We don't use your prompts or code to train our own models [FOUNDER: confirm this commitment — it must match the Terms]. The AI sub-processors listed below operate under their own terms; this commitment is about Applora, not them.
Sub-processors
These are the companies that process data on our behalf. We're listing all of them, including the AI model providers — the product UI doesn't show you which model is running, so this table is where you find out.
AI providers. When the agent plans or builds your app, or when you use managed AI features inside your generated app, your prompts and app content may be sent to these providers:
| Provider | Purpose | Data sent | Region |
|---|---|---|---|
| Anthropic (Claude models) | Agent planning and building | Prompts, app descriptions, code context | [FOUNDER: confirm region] |
| DeepSeek | Agent building | Prompts, app descriptions, code context | People's Republic of China — DeepSeek is a PRC-based provider, and data sent to it may be processed in the PRC |
| OpenAI | Managed AI features: chat, image generation, embeddings, transcription, vision, moderation | Content your generated app sends to those features | [FOUNDER: confirm region] |
| Google (Gemini) | Managed AI features, when used | Content your generated app sends to those features | [FOUNDER: confirm region] |
| ElevenLabs | Managed AI features (voice), when used | Text sent for speech generation | [FOUNDER: confirm region] |
Infrastructure providers:
| Provider | Purpose | Data sent | Region |
|---|---|---|---|
| Vercel | Hosting the Applora platform | Service traffic, cookieless analytics | United States |
| Neon | Postgres databases (ours, and your generated apps' managed backends) | Account data, projects, prompts, generated-app data | United States |
| Fly.io | Cloud build sandboxes | Your generated code and build artifacts | [FOUNDER: confirm region] |
| Clerk | Authentication | Email, name, login credentials, session data | [FOUNDER: confirm region] |
| Stripe | Payments | Card and billing details (sent directly to Stripe; we never see card numbers) | [FOUNDER: confirm region] |
| Upstash | Rate limiting | Request metadata (identifiers and counters) | [FOUNDER: confirm region] |
| GitHub | Code export | Your generated code — only when you choose to export | [FOUNDER: confirm region] |
We'll update this table if the list changes.
End-user data of apps you build
If your generated app uses Applora's managed backend, your app's end users (their accounts and data) are stored on Applora-managed infrastructure (Neon), isolated per app.
Here's the split of responsibility, plainly:
- We run the infrastructure, keep apps isolated from each other, and process the data on your behalf.
- You, as the app creator, are responsible for your app's relationship with its users — what you collect, why, and whether it complies with the laws that apply to you. Applora includes a per-app privacy-policy generator to help you get started, but the responsibility is yours.
Retention and deletion
We keep your account, projects, and generated code for as long as your account exists. To delete your account or export your data, email cihatakkiraz@gmail.com and we'll handle it. [FOUNDER: this is manual until self-serve deletion ships — update this section when it does.]
Cookies
Two things, and that's it:
- Clerk session cookies — essential, so you stay logged in. No consent banner theater; the service doesn't work without them.
- Vercel analytics — cookieless. It gives us aggregate page-view counts without tracking you individually.
No advertising cookies, no cross-site tracking.
Your rights
Wherever you live, we extend these to you:
- Access — ask us what data we hold about you.
- Export — get a copy of your data (your code is exportable in-product any time).
- Correction — fix inaccurate account data.
- Deletion — have your account and data deleted.
- Objection — object to how we process your data, or complain to your local data-protection authority.
To exercise any of these, email cihatakkiraz@gmail.com. We don't make you jump through hoops.
Changes to this policy
If we make meaningful changes — especially to the sub-processor list — we'll update this page and its effective date. For significant changes we'll let you know in the product or by email.
Contact
Questions about this policy? Email cihatakkiraz@gmail.com.
Effective date: [FOUNDER: set date]