Platform Privacy Policy

For app developers using the AppBalance. Last updated: 2026-05-23.

This policy explains what data AppBalance (the “Platform”), reachable at lumencredits.com and operated by Shimon Dookdin (“we”, “us”) based in Israel, collects from app developers using the Platform.

For privacy as it relates to end users of an app hosted on the Platform, refer to the privacy policy published by that specific app.

What we collect from you (the developer)

Developer account. Your name (individual or company), country, contact email, and any other information you choose to provide on sign-up. We may collect this information but we have no ability to independently validate it.

Platform billing. Your PayPal subscription ID for the Platform subscription, payment amounts, and timestamps. We do not see or store your credit card or PayPal login credentials — PayPal handles those.

Credentials you give us to operate your tenant. These are stored encrypted at rest and used only to operate your tenant on the Platform:

• Your AI-provider API key (e.g. Google Gemini).
• Your PayPal merchant credentials (client ID, secret, webhook ID).

Tenant configuration. Brand name, pricing, plan IDs, and any other settings you configure for your tenant.

Aggregate operational metrics. Per-tenant counters such as token usage, request volumes, error rates. These are used for billing and abuse detection.

What we do not collect

• The content of end-user conversations with the AI. The Platform does not log or store that content on its servers.
• End users’ personal data beyond what is needed for the Platform to operate (their Google account info, their billing state). End users’ personal data belongs to your tenant; you are the data controller for it.

How we use your data

• To operate your tenant on the Platform.
• To bill you for Platform usage.
• To detect or investigate abuse, fraud, or breach of these terms.
• To improve the Platform in aggregate. We will not publicly associate aggregate metrics with your identity without your consent.

Third parties (sub-processors)

• Hosting infrastructure provider — runs the Platform’s servers.
• PayPal — processes your Platform subscription payments.
• Cloudflare — provides the network ingress for the Platform.

Data retention

• Developer account: kept until you delete it.
• Stored credentials (AI key, PayPal merchant credentials): deleted within 30 days of tenant termination.
• Billing records: kept for 7 years to meet tax and accounting requirements.
• Operational logs: rotated; typically kept for 30 days.

Your rights as a developer

You can request access to, export of, or deletion of your developer-account data at any time by emailing us. Stored credentials are deleted on termination; billing records may be retained for the period above to satisfy tax obligations.

Your obligations regarding end-user data

You are the data controller for your end users. You are responsible for publishing a privacy policy that covers your end users, responding to their data subject requests, and complying with all data-protection law applicable to your tenant. The Platform acts as a processor of end-user data on your behalf, under your instructions, as configured by your tenant settings.

International transfers

The Platform’s infrastructure is operated from servers in the European Union. Sub-processors may operate globally and may transfer data outside your country; their own policies cover those transfers.

Changes to this policy

We may update this policy. We’ll change the “Last updated” date above and notify you by email of material changes.

Contact

For developer-account privacy questions and data subject requests: [email protected]