Privacy Policy
Effective:
This Privacy Policy explains what information kwtrack.com (the "Service") collects, how it is used, and your choices. The Service is operated by an individual based in Ukraine.
Who We Are
kwtrack.com is operated by an individual based in Ukraine. For privacy questions, contact [email protected].
What We Collect
Anonymous use (no account): the public keyword check at kwtrack.com works without signup. We collect only PostHog product analytics under an anonymous distinct-id and standard server logs (see below).
When you create an account: email address and a securely hashed password (via the better-auth library), or — if you sign in with Google — your Google account email, display name, and Google account ID returned by the OAuth flow. Your display name is requested at signup.
Tracked apps and keywords: the App Store IDs, keywords, storefronts, and notification cadence preferences you configure inside your workspace.
Notification channels you connect: Telegram chat ID, Discord webhook URL, custom webhook URL and signing-secret hash, or a delivery email address (which may differ from the account email). We never store the webhook signing secret in plaintext — only a hash; the raw secret is shown to you once at creation and we never see it again.
Billing: if you upgrade to Pro, our payment processor Creem.io receives your card details directly. We receive only the subscription status, billing period, plan, last-four digits of the card, and the billing email — we never see your full card number or CVC. See "Third-Party Services" below.
Automatically collected: PostHog product analytics events (page views, UI interactions, and automatic JavaScript exception traces — stack trace, page URL, browser info). For signed-in users these events are linked to your account ID, email, and display name so we can debug issues and measure feature engagement (see "Analytics" below).
Server logs: standard request metadata (IP address, user agent, timestamp) handled by Cloudflare for fraud and abuse prevention; not retained long-term by the operator.
We do not record the text of anonymous search queries you enter into the public keyword check. Inside the authenticated workspace, the keywords you choose to track are stored against your account so we can run the tracking for you.
Cookies and Local Storage
We split cookies and browser storage into two groups. The first appear in every session regardless of consent; the second only after you click "Accept all" on the consent banner.
Essential (always on, required for the Service to work):
- Session cookie — set by the better-auth library after sign-in to keep you signed in. HttpOnly, same-site, first-party under kwtrack.com.
- Cookie-consent decision — your choice itself is stored in kwtrack:cookie-consent in localStorage so we don't ask again on every visit.
- next-themes localStorage — stores your light/dark theme preference under the key theme.
- Workspace-local preferences (localStorage) — recent searches, recently-viewed apps, and other UI-state caches stored under kwtrack:* keys. Never leave your browser.
Optional analytics (only after "Accept all"):
- PostHog distinct-id cookie — first-party under kwtrack.com, used to identify and deduplicate analytics events. Linked to your account ID after sign-in (see "Analytics" below).
You can change your decision at any time using the "Cookie preferences" link in the site footer.
Not in this list: Cloudflare Web Analytics. It runs on every page but does not set any cookies or write to localStorage — it is described in the "Analytics" section instead.
Analytics
We run two analytics products with very different consent models: Cloudflare Web Analytics (cookieless, baseline traffic data — runs for everyone) and PostHog (product analytics with per-user identification — gated on explicit consent). Each is described below.
Cloudflare Web Analytics
Cloudflare's beacon script loads on every page and records aggregate page views, referrer (the URL you came from), and country-level geography. It does not set cookies, does not write to localStorage, and does not assign you a persistent identifier; IP addresses are discarded after the country lookup. Because the data cannot be tied back to any individual, this product runs regardless of your cookie-consent choice. Cloudflare's policy: cloudflare.com/privacypolicy.
PostHog
We use PostHog (PostHog Inc., USA) for product analytics. Analytics requests are routed through kwtrack.com/ingest/* as a reverse proxy to us.i.posthog.com. PostHog is configured without session recording.
Analytics is off by default. Nothing is sent to PostHog until you click "Accept all" on the cookie consent banner. If you choose "Essential only" — or close the banner without choosing — no PostHog events are captured, no PostHog cookies are set, and no identify() call is made even after you sign in.
If you accept, anonymous events are tagged with a first-party distinct-id cookie. After sign-in we additionally call PostHog's identify() with your account ID, email, and display name so we can debug issues you report, measure feature engagement per plan tier, and run product funnels (sign-up, upgrade, channel onboarding). We never put sensitive content (search queries longer than a token, webhook secrets, payment card data, OTP codes) into event properties.
If you change your mind, we call PostHog's reset() at the moment you switch from "Accept all" to "Essential only", which clears the local distinct-id and the link between this browser and your account profile in PostHog. Events captured before that point remain in PostHog's database; you can request their deletion via [email protected].
PostHog also automatically captures unhandled JavaScript errors (stack trace, page URL, browser info). PostHog's privacy policy: posthog.com/privacy.
Third-Party Services
- Cloudflare — hosting, edge functions, DNS, and security. Cloudflare also provides Cloudflare Web Analytics, a cookieless aggregate analytics product we enable on the public site. It records page views, referrer, and country-level geography without setting cookies, without storing IP addresses past the moment of geo-resolution, and without any per-user identifier. Because it is cookieless and non-identifying, it runs for all visitors regardless of the cookie-consent banner choice — see "Analytics" above for the contrast with PostHog (privacy policy).
- PostHog — product analytics, consent-gated (see "Analytics" above).
- Creem.io — payment processor for Pro subscriptions. When you check out, you enter your card details directly into Creem's hosted checkout page; kwtrack never receives or stores raw card data. Creem returns to us only the subscription status, billing email, last-four digits of the card, and renewal/cancellation dates (privacy policy).
- Google (Sign in with Google) — optional OAuth provider. If you choose to sign in with Google, Google shares your email, display name, and Google account ID with kwtrack. We do not request any additional Google data (no Drive, Gmail, calendar, etc.).
- Telegram, Discord, your own webhook receivers — outbound notification channels you connect from /app/settings. We send your notifications to these endpoints; the receiving service has its own privacy policy that governs what they do with the delivered payload.
- Email delivery — transactional emails (verification, password reset, notification digests when "Email" channel is enabled) are sent via a third-party email provider. We pass them your account email and the message content.
- xAI (Grok) — optional AI features (review-sentiment summary, ASO metadata simulator suggestions, competitor metadata teardown). We send the relevant public App Store text to xAI for inference. We do not send your account email, payment data, or tracked-keyword lists to xAI.
- Apple Inc. iTunes APIs — public data source the Service reads from. We do not send your data to Apple.
- Google Fonts — Geist and Instrument Serif fonts are served via Google's CDN; this involves a request to Google's servers when the page loads.
Legal Basis (GDPR)
For visitors in the EU/UK, we process anonymous-visit data and operational logs on the basis of legitimate interest in operating, securing, and improving the Service. Account, billing, and notification-channel data are processed on the basis of performance of the contract between you and kwtrack (these Terms). We do not process data on the basis of consent today (no marketing email, no behavioural advertising). Where the law in your jurisdiction requires explicit consent for cookies or analytics, you may decline by not using the Service.
Your Rights
Depending on your jurisdiction (notably the EU/UK under GDPR), you may have rights to access, rectify, erase, restrict processing of, object to processing of, or port your personal data. To exercise any of these rights, contact [email protected]. We aim to respond within 30 days.
International Data Transfers
PostHog stores analytics data in the United States. Cloudflare operates a global network and may process traffic in any of its edge regions. Transfers outside your country rely on the standard contractual clauses and equivalent safeguards offered by these providers.
Data Retention
- Anonymous analytics events — retained by PostHog for approximately 12 months.
- Cloudflare server access logs — approximately 30 days at the edge.
- Account data (email, hashed password, display name, tracked apps and keywords, notification preferences and channels) — retained for as long as your account exists. Removed on deletion (see "Account Deletion" below).
- Billing records — subscription history, invoices, and payment-status events received from Creem.io are retained for as long as required by applicable tax and accounting law (typically 7 years), even after account deletion. We retain the minimum legally required record, not the full account history.
- Notification inbox items — kept while your account exists; older items may be auto-pruned per retention windows announced in the product.
Account Deletion
You can delete your account and associated personal data at any time. There is currently no in-app delete button — to request deletion, email [email protected] from the email address attached to your account. You do not need to provide a reason. We aim to complete the deletion within 30 days of receiving your request and confirm by email when done.
A self-service delete button inside /app/settings is on the roadmap and will replace the email request once shipped.
What gets deleted: account record, hashed password (or OAuth identity), tracked apps and keywords, notification preferences, connected channels, notification inbox, simulator sessions, and analytics person profile in PostHog.
What we retain after deletion: billing records required by tax/accounting law (see "Data Retention" above), and anonymous aggregate analytics that cannot be linked back to you.
Account Data
See "What We Collect" above for the full list. Authentication uses the better-auth library (email + password, or Google OAuth). Passwords are stored as a cryptographic hash, never in plain text — kwtrack staff cannot read your password.
Children's Privacy
The Service is not directed at children under 13 (or under 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided personal information through the Service, please contact us and we will take appropriate action.
Changes to This Policy
We may update this Policy from time to time. The "Effective" date at the top reflects the current version. Material changes will be highlighted on the homepage when feasible.
Contact
Privacy questions: [email protected].