Privacy Policy
Last updated: January 13, 2026
This Privacy Policy explains how FreeBraavos LTD ("AppDeploy", "we", "us") collects, uses, and shares information when you use:
- our website and landing page (the "Website"), and
- our integrations, connectors, and APIs for third-party AI platforms and agent clients (the "Integrations"), which let you deploy apps from within your AI platform or agent client of choice.
Third-party AI platforms and agent clients (each, a "Third-Party Platform") are separate services. Their privacy practices are governed by their own policies and terms.
Data minimization: We collect only the information necessary to provide the deployment service. We do not collect data "just in case" or for purposes unrelated to operating AppDeploy.
1) Information we collect
A. Identifiers and account info
- User identifier: when you use the Integrations, we receive an identifier used to associate deployments with your account (e.g., a guest identifier or an authenticated user ID).
- Social sign-in (optional): if you choose to sign in via Google or Apple on our sign-in page, we receive a Firebase-issued identity token and derive a stable user ID. Your email address may be present in the token; we do not require it to provide the core service.
B. Content you submit for deployment
- Project files you provide (source code, configuration files like package.json and optionally serverless.yml, and any static assets).
- Project metadata such as app name/type, description, and deployment identifiers.
- Build and deploy logs generated during deployment, including error details if deployment fails.
Important: Do not submit secrets (API keys, passwords, private tokens), payment card data, government IDs, or other sensitive information in your project files or messages. We do not intentionally collect or require this information. If we detect such data in submitted content or logs, we take steps to limit exposure (for example, redaction and deletion where feasible).
C. Usage and technical data
- Request metadata (e.g., request IDs, timestamps, and session identifiers) and basic logs needed to operate, secure, and debug the service.
- Device/browser data for the Website (e.g., standard HTTP logs, approximate location derived from IP at the infrastructure layer, and diagnostic information).
We do not request or collect your precise device location. Any geographic information is limited to standard IP-based inference at the infrastructure level for security and compliance purposes.
Cookies and analytics: The Website does not use third-party analytics or advertising cookies. We may use essential cookies or local storage for basic functionality (such as authentication state). We do not engage in cross-site tracking.
D. Communications
If you contact support, we collect the information you provide (such as your email address, message content, and any attachments).
E. What we do not collect
The Integrations receive only the specific project files, configuration, and metadata you (or your AI platform/agent client) explicitly submit for deployment. We do not pull your conversation history from Third-Party Platforms. We process only the inputs sent to us through the integration for deployment purposes and do not attempt to reconstruct your broader chat context.
2) How we use information
- Provide the service: create deployments, host your app, and show deployment status and URLs.
- Authenticate and prevent abuse: secure the Service, validate requests, and detect fraud or misuse.
- Troubleshoot and improve: diagnose failures, improve reliability, and enhance product experience.
- Communicate with you: respond to support requests and send service-related notices.
- Comply with law: enforce our Terms, comply with legal obligations, and protect rights and safety.
Response data: Tool responses are limited to what is necessary to complete your request (deployment status, URLs, and relevant error messages). We do not include internal identifiers or diagnostic metadata such as session IDs, trace IDs, request IDs, or detailed timestamps in tool responses unless strictly necessary to fulfill your request.
No profiling: We do not engage in behavioral profiling, cross-site tracking, or build advertising profiles based on your usage of AppDeploy.
3) How we share information
We may share information with:
- Infrastructure providers: we use AWS services (including compute, storage, database, and CDN) to deploy and host apps.
- Authentication providers: if you choose Google/Apple sign-in, we use Firebase Authentication to help authenticate you.
- Package registries and build dependencies: during deployment, build tools may download dependencies from public package registries (e.g., npm) based on your project’s configuration.
- Professional advisors: legal, security, and compliance advisors as needed.
- Legal and safety: to comply with law or protect FreeBraavos LTD, our users, or others.
- Third-Party Platforms and agent clients: When you use the Integrations, we send responses (for example deployment status, logs, and URLs) back to the Third-Party Platform or agent client you are using so it can display them to you. That platform may process those responses under its own terms and privacy policy.
We do not sell your personal information.
4) Public deployments
Apps you deploy are hosted at a public URL and may be accessible to anyone who has the link (or to the public, depending on how you share it). You are responsible for the content you deploy and for ensuring it does not contain sensitive data.
Data processed when your deployed app is used: When you deploy an app through AppDeploy, we host and serve it. As part of providing hosting, we may process technical data from requests to your deployed app (such as IP address, request headers, and server logs) for security, abuse prevention, and reliability. AppDeploy acts as a hosting provider; you (the deployer) determine what your app collects from its visitors and are responsible for providing appropriate notices and obtaining required consents for your deployed app.
5) Data retention
We retain data for varying periods depending on the type:
- Deployment content: retained while your deployment is active, and deleted upon request.
- Build logs: retained for up to 30 days for debugging purposes.
- Security and access logs: retained for up to 90 days for security and compliance.
- Backups: may persist for a limited period after deletion for disaster recovery.
You may request deletion of your deployments and associated data at any time by contacting us.
6) Security
We use reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is 100% secure.
We take steps to reduce sensitive data in logs (for example, redacting obvious secrets and personal data where feasible) and we avoid storing unnecessary message content.
7) Your choices and rights
- Disconnecting from Third-Party Platforms: you can disconnect or remove AppDeploy from your AI platform or agent client at any time through that platform's settings (for example, connected apps/connectors settings, or an MCP configuration). After you disconnect, we will no longer receive new data from that platform for your account unless you reconnect. Disconnecting does not automatically delete existing deployments or data already stored; you can request deletion as described below. Steps vary by platform and may change over time.
- Deletion requests: you can request deletion of your deployments and associated data by contacting us.
- Access and correction: you may request access to or correction of certain information we hold about you.
We may need to verify your request before fulfilling it.
8) Children’s privacy
The service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
9) Changes to this policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date above and, if changes are material, provide additional notice.
10) Contact
Questions or requests? Email support@appdeploy.ai.