Data Protection
Last updated: February 2026
1. Our Commitment
At AppIconsKit (appiconskit.com), data protection is built into the core of our product. We designed the service so that your images and creative work stay on your device at all times.
2. Local Processing Architecture
AppIconsKit uses a privacy-by-design approach:
- Browser-based processing: All icon generation happens locally using the HTML5 Canvas API. Your images are processed entirely within your browser.
- No server uploads: Your source images are never transmitted to our servers or any third-party service.
- No storage: We do not store your images anywhere. Once you close the browser tab, all image data is gone.
- No tracking of content: We never analyze, scan, or inspect the content of your images.
3. Data We Process
| Data Type | Where Processed | Stored? |
|---|---|---|
| Uploaded images | Your browser only | No |
| Generated icons | Your browser only | No |
| Analytics data | Google Analytics | Anonymous only |
| Advertiser submissions | Supabase (encrypted) | Yes, with consent |
4. Security Measures
- HTTPS encryption: All connections to AppIconsKit are encrypted with TLS/SSL.
- No data in transit: Since images are processed locally, there is no image data transmitted over the network.
- Secure payment processing: Advertising payments are handled by Lemon Squeezy, a PCI DSS-compliant payment processor. We never see or store your payment card details.
- Webhook verification: All incoming webhooks are verified using HMAC-SHA256 signatures to prevent tampering.
5. GDPR Compliance
While AppIconsKit collects minimal personal data, we respect the principles of the General Data Protection Regulation (GDPR):
- Data minimization: We only collect what is strictly necessary.
- Purpose limitation: Data is used only for its stated purpose.
- Right to access: You can request a copy of any data we hold about you.
- Right to deletion: You can request deletion of your data at any time.
- Right to portability: You can request your data in a machine-readable format.
6. Data Breach Protocol
In the unlikely event of a data breach affecting personal information, we will notify affected users within 72 hours of becoming aware of the breach. Since the core icon generation service processes no personal data on our servers, the risk of a breach affecting your images is effectively zero.
7. Data Deletion Requests
To request deletion of any data we hold (such as advertiser submissions), contact us at info@appiconskit.com. We will process your request within 30 days.
8. Contact Our Data Protection Team
For any questions or concerns about data protection, reach out to us at info@appiconskit.com.