1. Who We Are
ASO Expert is operated by Lê Quốc Hoàng, based in Ho Chi Minh City, Vietnam. ASO Expert is an App Store Optimization tool available as a native iOS application and a web dashboard at asoexpert.cc. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our service. For privacy inquiries, contact us at privacy@asoexpert.cc.
2. Information We Collect
We collect the following categories of personal information: (a) Account information — email address, display name, and authentication identifiers provided through Clerk authentication (including Apple Sign In, Google Sign In, and email/password). (b) App and keyword data — apps you save, keywords you track, keyword ranking history, A/B testing experiments, competitor pins, chart feed configurations, and AI-generated content. (c) App Store Connect credentials (optional) — if you connect your App Store Connect account, we store your API key credentials (Issuer ID, Key ID, and private key), encrypted at rest using pgcrypto. (d) Usage data — feature interactions, pages viewed, AI feature usage counts. On the web, Vercel Analytics collects aggregated, non-personally-identifiable usage data without cookies. (e) Subscription data — purchase history, subscription tier, and billing status processed through Apple's In-App Purchase system via RevenueCat. We do not receive or store your payment card information. (f) Device and technical data — on mobile: device type, OS version, app version, language preference, and push notification tokens (if enabled). On web: browser type, screen resolution, and language preference stored in local storage. We do not sell your personal data to third parties.
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area, United Kingdom, and Switzerland, we process your personal data on the following legal bases: account creation, providing the ASO service, and processing payments are based on performance of contract (Art. 6(1)(b)). AI-powered features require your consent (Art. 6(1)(a)) via the AI consent mechanism. Usage analytics and security are based on legitimate interest (Art. 6(1)(f)). You may withdraw consent at any time without affecting the lawfulness of prior processing.
4. How We Use Your Data
We use your personal information to: provide and maintain the ASO tracking service including keyword rank monitoring, competitor analysis, and chart tracking; generate AI-powered keyword suggestions, metadata optimization, and review analysis (with your consent, via third-party AI providers); process and manage your subscription through Apple's In-App Purchase system; send transactional communications including account confirmations, ranking change alerts, and service notifications; improve the service through aggregated usage analytics; ensure security, prevent fraud, and enforce our Terms of Service. We do not use your data for third-party advertising, behavioral profiling, or cross-app tracking.
5. Data Shared with Third-Party Services
We share your data with the following third-party service providers who process data on our behalf:
- Clerk (clerk.com) — Authentication and session management. Processes: email, name, auth tokens. Location: USA
- RevenueCat (revenuecat.com) — Subscription and in-app purchase validation via Apple. Processes: Apple user ID, subscription status. Location: USA
- Apple (apple.com) — Processes all payments through the App Store In-App Purchase system
- Neon (neon.tech) — PostgreSQL database hosting. Stores: all service data including encrypted ASC credentials. Location: USA
- Railway (railway.com) — API server hosting. Processes: all API requests. Location: USA
- Vercel (vercel.com) — Web hosting and aggregated analytics (non-PII). Location: USA
- Google Gemini (ai.google.dev) — AI-powered keyword suggestions (with your consent). Data shared: app metadata, keyword terms, ranking data
- OpenAI (openai.com) — AI-powered content generation (with your consent). Data shared: app metadata, keyword terms, review text
- Anthropic Claude (anthropic.com) — AI-powered optimization recommendations (with your consent). Data shared: app metadata, keyword terms, competitor data
- SerpAPI (serpapi.com) — App Store keyword ranking data retrieval. Data shared: keyword queries, app identifiers
- SearchAPI (searchapi.io) — Supplementary App Store search data. Data shared: keyword queries, app identifiers
6. AI Data Sharing
Your personal information (email, name, payment details) is never shared with AI providers. Only app-related data necessary for generating insights is transmitted, and only with your explicit consent. You can grant or revoke AI data sharing consent at any time in Settings.
7. Cookies and Local Storage
We use essential cookies and local storage for authentication session management (via Clerk) and user preferences (theme, language, default country). Vercel Web Analytics collects aggregated page view data without cookies — visitor data is automatically discarded after 24 hours. We do not use advertising cookies, tracking pixels, or fingerprinting technologies. No data is shared with ad networks. See our Cookie Policy at /cookies for details.
8. International Data Transfers
Your data is processed and stored by our service providers primarily in the United States. For users in the EEA, UK, and Switzerland: when we transfer your personal data outside the EEA/UK, we rely on the EU-U.S. Data Privacy Framework for certified providers, Standard Contractual Clauses (SCCs), and your explicit consent for AI data sharing. You may request a copy of the safeguards in place by contacting privacy@asoexpert.cc.
9. Data Retention
We retain your personal data as follows: account information, app and keyword data, ranking history, and AI-generated content are kept until you delete your account. ASC credentials are kept until you disconnect or delete your account. Usage analytics (Vercel) are automatically discarded after 24 hours. Server logs are retained for 30 days. After account deletion, all data in our database is permanently removed. Data held by third-party services (Clerk, RevenueCat, Apple) may be retained according to their respective policies.
10. Your Rights
All users have the right to: access a copy of your personal data, correct inaccurate data, request deletion of your account and all associated data, and withdraw consent for AI data sharing. EEA/UK residents additionally have the right to: restrict processing, data portability, object to processing based on legitimate interest, and lodge a complaint with your local Data Protection Authority. California residents have the right to: know what personal information is collected, delete personal information, opt out of the sale of personal information (we do not sell data), and non-discrimination for exercising rights. To exercise these rights, email privacy@asoexpert.cc or use the account deletion feature in Settings. We respond within 30 days.
11. Data Deletion
You can delete your account and all associated data at any time from Settings. Deletion is permanent and irreversible. We remove: your profile, all saved apps, all tracked keywords and ranking history, all experiments, all AI-generated content, all competitor pins and chart feeds, App Store Connect credentials, and push notification tokens. Important: active Apple subscriptions are NOT automatically cancelled — manage them in your device's Settings > Apple ID > Subscriptions. Clerk and RevenueCat may retain minimal records per their own policies.
12. Children's Privacy
ASO Expert is not intended for use by anyone under 16. We do not knowingly collect personal information from children. If we become aware that a user is under the minimum age, we will delete their account. If you believe a child has created an account, contact privacy@asoexpert.cc.
13. Security
We implement the following security measures: TLS encryption for all data in transit, row-level database security to isolate user data, pgcrypto encryption for App Store Connect credentials at rest, rate limiting and input validation on all API endpoints, and HTTP security headers via Helmet. No system is 100% secure, but we strive to protect your data using industry-standard practices.
14. Changes to This Policy
We may update this Privacy Policy from time to time. For material changes, we will update the date at the top of this page, notify you via email at least 14 days before changes take effect, and display a notice in the app. Continued use after the effective date constitutes acceptance. If you disagree, stop using the service and delete your account.
15. Contact
For privacy inquiries or data requests: privacy@asoexpert.cc. For general support: support@asoexpert.cc. Address: Ho Chi Minh City, Vietnam. We acknowledge receipt within 5 business days and respond substantively within 30 days. EEA residents: if unsatisfied with our response, you may lodge a complaint with your local Data Protection Authority.