Privacy Policy

Last updated: April 30, 2026

Daily Sales Email is operated by Hankinsoft Development, Inc. This page describes what personal data the service collects, how we use it, and the rights you have over it. Plain-language summary first; detail below.

Plain-language summary

• We collect the email address you sign up with, the App Store Connect API credentials you choose to upload, and the email/cadence/field preferences you set on your account.
• We do not sell or share your data. We use it to send you the email you signed up for, and nothing else.
• Your App Store Connect API key is encrypted at rest with AES-256-CBC. Details on the Security page.
• You can export, correct, or delete your account at any time from the account page.
• If you have questions, ask via the contact page.

Data we collect

• Account: email address, salted hashed password, account creation timestamp.
• Integration credentials (optional, if you choose to enable the daily email): App Store Connect Issuer ID, Key ID, Vendor ID, and the .p8 private key. The private key is encrypted at rest before storage.
• Preferences: which recipient address(es) the email goes to, which cadences you've enabled (daily / weekly / monthly / yearly), which metric fields you want shown, your preferred display currency, and per-app ignore list.
• Operational metadata: the timestamp of the last email sent in each cadence, recent review IDs we've already shown you (for deduplication), and a basic audit log of password resets, confirmations, and email-send results.
• If you've placed an advertisement: the title, body, image URL, link URL, enabled flag, and a click counter (incremented when the ad is clicked from inside an email).

Data we do not collect

• We do not collect or store the raw App Store Connect report files. They are downloaded each morning, parsed, rendered into your email, and discarded.
• We do not collect IP addresses or analytics on the marketing pages (no Google Analytics, no Facebook Pixel, no third-party tracking scripts).
• We do not collect payment information; the service is currently free.
• We do not request or store any data outside the four App Store Connect endpoints listed on the Security page.

How we use the data

Solely to deliver the service you signed up for: fetching reports from Apple, generating the email, and sending it to the recipient address(es) you've configured. Operational data (last-send timestamps, review IDs already shown) is used to make the email correct -- not to profile you.

Subprocessors and third parties

• Apple -- the App Store Connect Sales and Trends API. Required to deliver the service.
• Brevo / Sendinblue -- the SMTP relay we use to send the daily email. The recipient address and the rendered email body pass through Brevo to be delivered to your inbox provider.
• Microsoft Azure -- where the email-generation worker runs. Worker processes are stateless; no per-user data is retained there beyond the run.
• Our database host -- where the user records and encrypted API keys live. Hosted in the United States.

We do not currently engage any other subprocessors. We do not share data with advertisers, analytics vendors, or marketing platforms.

Cookies

The site sets a single PHP session cookie (PHPSESSID) when you log in, used to keep you signed in. We do not set any tracking, advertising, or analytics cookies.

Data retention

Account, integration, preference, and operational data is retained for as long as your account is active. When you delete your account from the account page, the corresponding rows are removed at the next administration tick (typically within five minutes), with no archival copy retained.

Audit-log entries (password resets, login attempts) are retained for 90 days for security-incident investigation, then purged.

Your rights

• Access -- you can see all of the data we hold for you on the account page. If you'd like a structured export, contact us and we'll provide one.
• Correction -- account preferences are editable directly from the account page; for anything else, contact us.
• Deletion -- the account page has a "Delete account" action that removes your records. This is irreversible.
• Restriction / objection -- you can disable individual cadences or unsubscribe a specific recipient via the link in any email. To pause everything without deleting, uncheck all cadences on the account page.
• Portability -- since we do not retain your raw App Store Connect reports, the closest equivalent is the data on your account record; available on request.

If you are an EU/UK resident, the GDPR lawful basis for our processing is "legitimate interest in delivering the service the user signed up for"; for marketing emails (none currently sent) it would be consent.

Children

Daily Sales Email is a developer tool. It is not directed at children under 13 (or 16 in the EU). We do not knowingly collect data from children.

Changes to this policy

We will update this page when our practices change. Material changes will be announced to active users by email at least 14 days before they take effect. The "Last updated" date at the top will always reflect the current version.

Contact

For privacy questions or to exercise any of the rights above, use the contact page. We aim to respond within one business day.

← Back to home