Privacy Policy

Last updated: 12/06/2026

1. Data we collect

1.1 Account data

• Username, email, encrypted password, account creation time, and account status.
• Google Login information if you choose to use Google Login, such as Google email and identifiers needed for authentication.
• Login cookies including username and authentication token to maintain your session.

1.2 Order data

• Device UDID, package name, package price, payment code, order time, estimated certificate delivery time, warranty period, and processing status.
• Warranty, refund, processing notes, and certificate files if the order has been issued.
• Receipt images or payment proof uploaded by you when manual payment verification is required.

1.3 Payment data

• Transaction amount, payment method, transaction code, payment status, and wallet balance changes.
• Data required to reconcile payments through bank QR, account wallet, PayPal, or other supported methods.
• Discount codes, affiliate information, or referral sources when applied to a transaction.

1.4 Technical data

• IP address, host, requested path, request method, user agent, referrer, and access time.
• Browser, device, operating system, or other technical data needed to debug issues, prevent spam, and protect the system.

2. How we use data

We use data to:

• Create, maintain, and protect user accounts.
• Verify login, maintain sessions, and recover payment state when needed.
• Process Apple certificate orders, register UDIDs, issue certificate files, look up orders, handle warranty, and process refunds.
• Reconcile payments, update wallets, verify receipt images, and handle transaction disputes.
• Send internal notifications to administrators for new orders, warranty requests, or refund requests.
• Prevent fraud, detect abnormal access, stop spam, protect APIs, and maintain system stability.
• Improve the interface, content, order flow, and support quality.
• Comply with legal obligations or valid requests from competent authorities.

3. UDID and certificate order data

UDID is required to process Apple certificate services. When you pay or submit an order, the UDID may be used to register your device with Apple or related certificate processing systems.

We store UDID in order history so users can look up orders, administrators can verify information, warranty can be processed, and support requests can be checked. This data may be kept at least for the warranty period and for a reasonable time afterward for claims, fraud prevention, or reconciliation.

You are responsible for entering the correct UDID. This privacy policy does not replace the terms of use regarding incorrect UDID, device changes, or refunds.

4. Payment and wallet data

When you pay by QR, wallet balance, PayPal, or another method, the system may store data needed to confirm the transaction, create the order, update balance, and provide after-sales support.

Receipt images are used only to verify payment and handle disputes. You should not upload images containing unnecessary sensitive information. If the receipt image contains personal banking or wallet information, you understand that you voluntarily provide it for transaction verification.

We do not store full international card details. PayPal and other third-party payment gateway transactions are processed according to the provider’s own policies and infrastructure.

5. Cookies, login, and third-party tools

5.1 Login cookies

The website uses cookies to remember login state. Cookies may be retained for a period of time, for example up to 30 days, or until you log out or delete browser cookies.

If cookies are disabled, features such as payment, order lookup, wallet, or order history may not work fully.

5.2 CAPTCHA, Google Login, and analytics

The website may use Google reCAPTCHA to prevent automated registration/login, Google Login for authentication, and analytics tools to understand site performance. When using these features, some technical data may be processed under the policies of Google or the relevant analytics provider.

6. Uploaded files and free tools

6.1 IPA signing, link creation, and certificate checking

When using IPA signing tools, you may upload IPA files, certificate ZIP files, P12 passwords, bundle IDs, or app names. These data are used to perform the technical action you request.

You should not upload files containing personal data, business secrets, or content you do not have the right to use. You are responsible for the legality of uploaded files and content.

6.2 App archive and decrypt page

When you search, download, or view content from the app archive/decrypt page, the system may record queries, paths, download status, or technical data needed to provide the feature and prevent abuse.

7. Access logs and abuse prevention

The website may log IP address, host, requested path, user agent, referrer, and access time. These logs help us:

• Detect abnormal access, spam, attacks, or excessive API usage.
• Investigate technical errors and improve stability.
• Protect users, administrators, and the system when disputes or fraud occur.

8. Sharing data with third parties

We do not sell users’ personal data. Data is shared only when necessary:

• With Apple or related certificate processing systems to register UDIDs, issue certificates, or handle warranty.
• With payment providers such as banks, e-wallets, PayPal, or reconciliation tools to verify transactions.
• With internal notification services such as Telegram so administrators can receive order, warranty, or refund notifications.
• With infrastructure, hosting, database, email, or security providers to operate the website.
• When required by a valid authority request or to protect our legitimate rights and users.

9. Data storage and protection

Data is stored on servers/databases with reasonable technical safeguards such as access control, password hashing, secure authentication cookie attributes, and limited access when not needed.

Retention depends on the data type:

• Account data is stored while the account exists or while related obligations need to be handled.
• Order, UDID, payment, and warranty data is stored at least during the warranty period and for a reasonable time for reconciliation, support, or dispute resolution.
• Access logs are stored as needed for security, statistics, and abuse prevention.
• Uploaded files may be deleted periodically or when no longer needed for technical processing.

Although we apply reasonable safeguards, no system is 100% secure. You should protect your account, email, device, and never share login information with others.

10. User rights

You may contact us to:

• Request review or correction of account information if inaccurate.
• Request support related to order data, UDID, payment, warranty, or refunds.
• Request deletion or restriction of processing when there is no remaining warranty, reconciliation, legal, or dispute-related obligation.
• Log out, delete browser cookies, or stop using the service if you do not agree with this policy.

Some data cannot be deleted immediately if needed to complete orders, warranty, payment reconciliation, fraud prevention, legal compliance, or protection of legitimate rights.

11. Policy updates

We may update this privacy policy when features, payment processes, certificate processing systems, technical requirements, or legal rules change. The new version takes effect when posted on the website unless otherwise stated.

12. Contact

If you need support about privacy, personal data, accounts, UDID, order history, or data-related requests, please contact us through the official channels displayed on the website, such as Telegram, Zalo, or Email.

By continuing to use the service, you confirm that you have read and agree to the current privacy policy. This policy should be read together with the website Terms of Use.