Legal & Privacy

Privacy Policy

We believe privacy is a right, not a feature. This policy explains exactly what data WebinApp collects, how we use it, and the choices you have.

Effective: January 1, 2026 Last updated: March 1, 2026 ~6 min read

Plain-language summary: WebinApp collects only what's necessary to operate the service. We never sell your personal data to third parties, and your app signing keys are handled with strict security controls. Read on for full details.

01

Information We Collect

When you use WebinApp, we collect information necessary to provide, maintain, and improve our services. We collect this information in three ways: information you provide directly, information collected automatically, and information from third-party integrations.

Information you provide directly:

  • Account information such as your name, email address, and password when you register.
  • Website URLs and app configuration settings you enter when creating a project.
  • App signing keys and keystore files you upload or generate through the Key Manager.
  • Custom assets including app icons, splash screens, and other branding images.
  • Payment and billing details processed through our secure payment provider.
  • Support communications when you contact us via email or our help center.

Information collected automatically:

  • Log data including IP address, browser type, operating system, and referring URLs.
  • Usage data such as pages visited, features used, build history, and session duration.
  • Device information including screen resolution and hardware identifiers.
  • Performance diagnostics to identify and resolve technical issues.
02

How We Use Your Data

We use the information we collect solely to operate WebinApp and improve your experience. We do not sell, rent, or share your personal data with advertisers or data brokers.

Purpose Data Used Legal Basis
Provide and operate the service Account info, URLs, configurations, keys Contract performance
Build & compile your app files URL, assets, signing keys, settings Contract performance
Send transactional emails Email address, build status Contract performance
Process payments Billing details (handled by provider) Contract performance
Improve and debug the platform Usage data, logs, diagnostics Legitimate interest
Respond to support requests Email, message content Legitimate interest
Security & fraud prevention IP addresses, log data Legitimate interest
Legal compliance Relevant account & usage data Legal obligation
03

Data Storage & Security

Your data is stored on secure servers located within the European Union. We implement industry-standard technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction.

Security measures we employ include:

  • TLS/HTTPS encryption for all data in transit between your browser and our servers.
  • AES-256 encryption at rest for sensitive data, including signing keys and configuration files.
  • Isolated build environments — your app compilation runs in sandboxed containers that are destroyed after each build.
  • Role-based access controls limiting internal access to production data on a strict need-to-know basis.
  • Regular security audits and vulnerability assessments by independent third parties.
  • Automated monitoring and alerting for unusual access patterns or potential breaches.

While we take every reasonable precaution, no method of internet transmission or electronic storage is 100% secure. We encourage you to use strong, unique passwords and enable two-factor authentication on your account.

04

Cookies & Tracking

WebinApp uses cookies and similar technologies to keep you signed in, remember your preferences, and understand how the platform is being used. We keep our cookie use minimal and purposeful.

Types of cookies we use:

  • Essential cookies — Required for the platform to function. These include session tokens and authentication cookies. You cannot opt out of these without losing access to the service.
  • Preference cookies — Store your UI settings such as dashboard layout and language preference. These persist across sessions for your convenience.
  • Analytics cookies — Help us understand how features are used and where users encounter friction. Data is aggregated and anonymized. You may opt out via your account settings.

We do not use advertising cookies or allow third-party ad networks to place tracking cookies on WebinApp. You can manage or clear cookies through your browser settings at any time, though disabling essential cookies will affect functionality.

05

Third-Party Services

We work with a small number of trusted third-party providers to operate WebinApp. Each provider is carefully vetted, bound by a Data Processing Agreement (DPA), and permitted to use your data only as necessary to perform their service for us.

  • Payment processing — Billing and card data is handled entirely by our PCI-DSS-certified payment provider. WebinApp never stores raw card numbers.
  • Cloud infrastructure — Our servers and build pipelines run on reputable EU-based cloud providers subject to GDPR.
  • Transactional email — Build notifications and account emails are delivered via a third-party email service using only your email address.
  • Analytics — Anonymized usage analytics may be processed by a privacy-focused analytics tool that does not share data with advertisers.

Our platform may contain links to external websites. Once you leave WebinApp, this Privacy Policy no longer applies. We encourage you to review the privacy policies of any third-party sites you visit.

06

Your Rights

Depending on your location, you may have certain rights regarding your personal data under applicable law, including the EU General Data Protection Regulation (GDPR) and similar legislation. We honor all of the following rights regardless of your jurisdiction.

  • Right of access — You may request a copy of all personal data we hold about you at any time.
  • Right to rectification — You may correct inaccurate or incomplete personal data through your account settings or by contacting us.
  • Right to erasure — You may request deletion of your account and associated personal data. Deletion is permanent and processed within 30 days.
  • Right to portability — You may request an export of your account data in a machine-readable format (JSON or CSV).
  • Right to restrict processing — You may ask us to pause processing of your data in certain circumstances while a dispute is resolved.
  • Right to object — You may object to processing based on our legitimate interests, including direct marketing.
  • Right to withdraw consent — Where processing is consent-based, you may withdraw your consent at any time without affecting prior processing.

To exercise any of these rights, please contact us using the details in Section 10. We will respond within 30 days. We may need to verify your identity before fulfilling certain requests.

07

Data Retention

We retain your personal data only for as long as is necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

  • Active account data — Retained for the lifetime of your account plus 90 days after account closure to allow for recovery requests.
  • App build files (APK/IPA) — Generated build files are stored for 7 days from the build date, after which they are permanently deleted from our servers. You are responsible for downloading and storing your builds.
  • Signing keys — Retained as long as your account is active. You may delete them at any time via the Key Manager dashboard.
  • Payment records — Retained for 7 years to comply with financial regulations, even after account deletion.
  • Support correspondence — Retained for 2 years from the date of last contact.
  • Server log data — Automatically purged after 90 days.
08

Children's Privacy

WebinApp is intended for use by individuals aged 16 and older. We do not knowingly collect, solicit, or process personal data from anyone under the age of 16. If you are under 16, please do not create an account or submit any personal information to us.

If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that information from our systems. If you believe a child has provided us with personal information without appropriate consent, please contact us at the address in Section 10 so we can investigate and act promptly.

09

Policy Updates

We may update this Privacy Policy from time to time to reflect changes to our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will:

  • Post the revised policy on this page with an updated "Last updated" date at the top.
  • Send a notification email to the address associated with your account at least 14 days before the changes take effect.
  • In some cases, present an in-platform notice the next time you log in.

Your continued use of WebinApp after any changes take effect constitutes your acceptance of the revised policy. If you do not agree to the updated terms, you may close your account before the effective date.

We maintain a changelog of all significant policy revisions. You can request a copy of previous versions of this policy by contacting us at any time.

10

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please do not hesitate to get in touch. We take all privacy inquiries seriously and aim to respond within 48 business hours.

Get in Touch

Reach out to our privacy team through any of the channels below. For formal data subject requests (erasure, access, portability), please include "Privacy Request" in your subject line and verify your email address.

privacy@webinapp.de webinapp.de/contact

Postal address:
WebinApp · Data Privacy Team
c/o WebinApp GmbH · Germany