Privacy Policy

Last updated: February 10, 2026

1. Introduction

This Privacy Policy explains how AppLanding ("we," "us," or "our"), operated by 20 Miles Ltd, collects, uses, and protects your personal information when you use our Service.

We are committed to protecting your privacy and ensuring the security of your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Display name (optional)
  • Password (encrypted)
  • Profile information (username, bio, social links)

2.2 App Store Data

We collect publicly available information from the App Store including:

  • App name, description, and metadata
  • App icons and screenshots
  • App Store reviews (public data)
  • App categories and ratings

2.3 Payment Information

Payment processing is handled by Stripe. We do not store your credit card details. We receive:

  • Stripe customer ID
  • Subscription status and billing information
  • Last 4 digits of payment method (from Stripe)

2.4 Usage Data

We automatically collect:

  • IP address and location (country-level)
  • Browser type and version
  • Pages visited and features used
  • Timestamps of actions

3. How We Use Your Information

We use your information to:

  • Provide the Service: Create and host landing pages, process App Store data, and deliver features
  • Process Payments: Handle subscriptions and billing through Stripe
  • Improve the Service: Analyze usage patterns and optimize performance
  • Communicate: Send service updates, subscription notifications, and respond to support requests
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. Legal Basis for Processing (UK GDPR)

We process your personal data based on:

  • Contract Performance: To provide the Service you've signed up for
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Consent: For optional features like marketing communications (you can withdraw consent anytime)
  • Legal Obligation: To comply with tax, accounting, and other legal requirements

5. Data Sharing and Third Parties

We share your data with the following third parties:

  • Firebase (Google): Authentication and database hosting
  • Stripe: Payment processing (see Stripe's privacy policy)
  • Vercel: Hosting and CDN services

We do not sell your personal data to third parties. We only share data necessary to provide the Service.

6. Data Retention

We retain your data:

  • Account Data: While your account is active and for 30 days after deletion (for recovery)
  • Landing Pages: Deleted immediately when you delete them or close your account
  • Payment Records: For 7 years as required by UK tax law
  • Usage Logs: For 90 days for security and analytics purposes

7. Your Rights (UK GDPR)

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Delete your account and personal data
  • Restriction: Limit how we process your data
  • Portability: Export your data in a machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: For processing based on consent

To exercise these rights, use the account deletion feature in your dashboard or contact us through the Service.

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Secure authentication with Firebase
  • Regular security updates and monitoring
  • Access controls and audit logs

9. Cookies and Tracking

We use essential cookies to:

  • Keep you logged in
  • Remember your preferences
  • Ensure security

We do not use third-party advertising or analytics cookies without your consent.

10. International Data Transfers

Your data may be transferred to and stored in countries outside the UK, including the United States (Firebase, Stripe, Vercel). These providers have appropriate safeguards in place, including Standard Contractual Clauses and certifications.

11. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Continued use after changes constitutes acceptance.

13. Contact and Data Controller

For privacy questions or to exercise your rights, contact us through the Service.

Data Controller:
20 Miles Ltd
Registered in England & Wales
Company Number: 15758027

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection issues.