Do I need a credit card to start?

No credit card required to create an account and explore the platform.

How often do rankings update?

Every 24 hours for all keywords. You can also trigger manual refreshes anytime you make metadata changes.

Does this work for Google Play?

Currently iOS App Store only. Android support may be added in the future.

Can I track competitors?

Yes! Add any app's ID and see their keywords, rankings, review sentiment, and metadata history.

← Back to Home

Privacy Policy

Last updated: January 23, 2026

1. Introduction

HackTheStore ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and protect your personal data when you visit our website and use our services, regardless of where you access them from.

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Data We Collect

2.1 Personal Data

While using our Service, we may collect the following personally identifiable information ("Personal Data"):

Identity Data: Name or username (via Google OAuth or email registration).
Contact Data: Email address.
Technical Data: IP address, browser type and version, device identifiers, time zone, operating system and platform.
Usage Data: Pages visited, features used, time spent on the Service, and interaction logs.

2.2 Application Data

To provide ASO services, we process publicly available data about mobile applications:

App IDs, bundle identifiers, and App Store URLs you submit
App metadata (titles, subtitles, descriptions) sourced from public App Store listings
Keyword rankings and estimated search volumes
Competitor app lists and review data

3. How We Use Your Data

We use your personal data for the following purposes:

Service Delivery: To provide, operate, and maintain the Service.
Account Management: To manage your user account and authenticate your identity.
AI-Powered Features: To generate ASO metadata suggestions and recommendations. Your app data (titles, descriptions, keywords) may be sent to third-party AI providers (OpenAI, Anthropic) to generate these suggestions. We do not send personal identity data to AI providers. AI providers' own privacy policies apply to data processed on their platforms.
Communication: To send you service-related notifications and respond to your inquiries.
Security: To detect, prevent, and address technical issues, abuse, and fraudulent activity.
Analytics: To understand how users interact with the Service and improve its functionality.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Service and collect usage information. You can control cookies through your browser settings, though disabling certain cookies may affect Service functionality.

Strictly Necessary Cookies: Authentication tokens (e.g., access_token) that are required for you to log in and use the Service. These cannot be disabled without breaking the Service.
Analytics Cookies: We use Google Analytics to understand traffic patterns and user behavior. These are non-essential. You may opt out via your browser settings, the Google Analytics opt-out browser add-on, or by enabling "Do Not Track" in your browser.

By continuing to use our Service after being presented with this policy, you consent to our use of cookies as described above. EU/EEA users: we rely on legitimate interest for strictly necessary cookies and your consent for analytics cookies.

5. Disclosure of Your Data

We may share your data with the following categories of third parties:

Infrastructure Providers: DigitalOcean (cloud hosting and database storage).
Analytics: Google Analytics (anonymized usage data).
Email: SendGrid (transactional email delivery).
AI Providers: OpenAI and/or Anthropic (app metadata for AI feature generation only; no personal identity data is shared).
Authentication: Google OAuth 2.0 (if you sign in with Google).
Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.
Law Enforcement: We may disclose your data where required by applicable law or in response to valid legal requests from public authorities.

6. Data Retention

We retain your data for the following periods:

Account Data (email, name): Retained for the duration of your account. Deleted within 30 days of account deletion upon request.
App and Keyword Data: Retained for as long as the app is tracked in your account, plus 90 days after removal to allow for data recovery.
Ranking History and Analytics: Retained for up to 2 years, then aggregated or deleted.
Usage Logs and Technical Data: Retained for up to 12 months for security and debugging purposes.
Feedback and Support Messages: Retained for up to 3 years for quality assurance and dispute resolution.

You may request deletion of your personal data at any time by contacting us. We will respond within 30 days.

7. Your Rights (GDPR - EEA/UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under GDPR/UK GDPR:

Right of Access: Request a copy of the personal data we hold about you.
Right of Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data ("right to be forgotten").
Right to Restriction: Request that we limit how we process your data.
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us using the details in Section 11. You also have the right to lodge a complaint with your local data protection authority.

8. Your Rights (CCPA - California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purpose for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You may request deletion of personal information we have collected about you, subject to certain exceptions.
Right to Opt-Out of Sale: We do not sell your personal information to third parties. If this changes, we will update this policy and provide an opt-out mechanism.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, contact us via our feedback form. We will respond within 45 days as required by law.

9. Security of Data

We implement industry-standard security measures including HTTPS encryption, hashed password storage, and access controls to protect your personal data. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. In the event of a data breach that poses a risk to your rights, we will notify affected users and relevant authorities as required by applicable law.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date and, where required by law, by sending an email notification. Your continued use of the Service after changes become effective constitutes your acceptance of the revised policy.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us via our feedback form.