Privacy Policy

Last updated: May 19, 2025

This Privacy Policy (“Policy”) outlines how Apps Record LLC (also referred to as the “Data Controller,” “we,” “us,” or “our”), doing business as BulkSignature (“BulkSignature”), collects, uses, shares, and protects the Personal Data of our customers (“Customers”) and all other individuals who use our services or interact with our digital properties (“Users” or “you”).

This Policy applies to your use of our website www.bulksignature.com and its subdomains (collectively, our “Websites”), our web applications (“Web Apps”), and our mobile applications (“Mobile Apps”). These Websites, Web Apps, and Mobile Apps, including all content, features, and functionalities offered through them, along with any related support or other offerings we provide, are collectively referred to as the “Services” in this Policy.

Data Controller Contact Information:

The Data Controller responsible for your Personal Data under this Policy is:

Apps Record LLC 5900 Balcones Drive Ste 8139 Austin, TX 78731 United States

For any privacy-related inquiries or to exercise your data protection rights, you can contact us via email at: privacy@bulksignature.com

Data Protection Officer (DPO): Our Data Protection Officer is Ziyoda Mirsaidova, who can be contacted at: ziyoda@appsrecord.com. How we collect and use your personal information

1. Information We Collect and Your Choices Regarding Provision

To enable us to provide our Services to you effectively, some of the Personal Data we ask you to provide is essential for the performance of our contract with you or for the functionality of the Services. This information will be identified as mandatory at the point of collection.

Mandatory Information: If you choose not to provide Personal Data that is designated as mandatory, we may not be able to provide you with some or all of our Services, respond to your requests, or complete your transactions.
Optional Information: In instances where we indicate that providing certain Personal Data is optional, you are free to choose not to provide it. Withholding optional information will not typically affect the core availability or functioning of the Service, although some specific features, customizations, or functionalities might be unavailable to you.
Clarification: If you are uncertain about whether providing specific Personal Data is mandatory for a particular Service or feature, please contact us using the details provided in the “Contact Us” section of this Policy.

2. Cookies and Other Tracking Technologies

We and our authorized third-party partners may use cookies and similar tracking technologies (such as web beacons, pixels, and local storage) when you interact with our Services. Cookies are small text files placed on your device that help us operate and personalize our Services, remember your preferences, analyze how our Services are used, and assist with our promotional and advertising efforts where applicable.

These technologies are used for purposes such as:

Essential Operations: Enabling core functionalities of our Services, ensuring security, and managing your session.
Performance and Analytics: Understanding how you use our Services, which features are popular, and how we can improve performance and user experience.
Functionality and Preferences: Remembering your settings and preferences to provide a more personalized experience.
Marketing and Advertising (if applicable): Helping us to deliver relevant advertising to you, measure the effectiveness of our campaigns, and understand your interests, subject to your choices and consent where required.

You have choices regarding the use of cookies and similar technologies. Specific details about the types of cookies we use, the third parties involved, their duration, and how you can manage your cookie preferences and consent (e.g., through our cookie consent management tool or your browser settings) are provided in our dedicated Cookie Policy. We encourage you to review our Cookie Policy for comprehensive information. Some essential cookies cannot be disabled as they are necessary for the functioning of our Services.

3. Types of Personal Data We Collect

To provide and improve our Services, we collect various types of Personal Data from and about you. This includes:

Identity and Contact Data: Information that helps us identify and communicate with you.
- Examples: First name, last name, email address, phone number, account credentials (such as username and password).
Company and Employment Data: Information related to your professional context if you use our Services as part of an organization or provide this information to us.
- Examples: Company name, company domain, job title, business address, country, business phone number, preferred currency, billing contact details, tax jurisdiction, and VAT/GST numbers.
Data from Connected Platform Accounts: When you choose to connect your Google Workspace account or Microsoft 365 account (collectively, “Platform Accounts”) with our Services (often using OAuth architecture and APIs), we will access certain data from these Platform Accounts as authorized by you.
- Note: Specific details regarding the data we access and process from your Platform Accounts are provided in Section 4 (“How We Collect Personal Data”) of this Policy and/or at the point of integration.
Demographic Data: Information such as your age, gender, occupation, and interests.
- Note: This data is typically provided by you directly or may be inferred in an aggregated or de-identified manner for service improvement.
Device, Connection, and Usage Data: Information about how you access and use our Services.
- Device and Connection Information Examples: Your device type and name, operating system, browser type, IP address, unique device identifiers, and the country from which you access our Services.
- Usage Information Examples: Pages you visit on our Websites and within our Web Apps, features you use (including buttons clicked), actions taken, dates and times of access, and error logs.
- Interaction Data for Analytics: We may also collect data about your interactions with our user interface (e.g., through tools like Microsoft Clarity as detailed in Section 4 and Section 6) to understand usability and improve our Services. This may include recordings or heatmaps of interactions, which are analyzed to enhance user experience.
Financial Data: Information related to your payment transactions.
- Note: While we do not directly collect or store full credit card or debit card numbers, our trusted third-party payment processors (e.g., Stripe) do. We may process or have access to related financial information.
- Examples: Bank account information (collected by our payment processors), the last four digits of your credit or debit card, and details of transactions associated with your use of the Services (e.g., transaction ID, category, type, merchant name, amount, currency, date, and location).
User-Generated Content and Communications: Any Personal Data you voluntarily provide, create, or share when using our Services or communicating with us.
- Examples:
  - Information you provide when you communicate with us directly (e.g., via email, text message, or through our website chat feature facilitated by live chat – see Section 4 and Section 6 for more details on data collected by chat).
  - Content you create, upload, or input into free-text entry boxes within your account or while using specific features of the Services (e.g., content for email signature designs processed with assistance from tools like OpenAI, as described further in relevant sections).
  - Information shared when you communicate with other Users through features within the Services (if applicable).
  - Personal Data you include in emails sent using features of the Services.

4. How We Collect Personal Data

We collect Personal Data in the following ways:

a. Directly from You:

When you register for an account, create or modify your profile, set preferences, or sign up for or make purchases through the Services.
When you use features of our Services that require you to input specific Personal Data.
When you communicate with us directly (e.g., by submitting forms on our Websites, participating in surveys, contests, or promotional activities, requesting customer support, or otherwise communicating with us via email, chat, or other channels).

b. Data from Your Use of Our Services (Including Analytics):

We collect Personal Data related to your engagement with and use of our Services. This includes information about how you interact with our Services, such as your IP address (which may be used to determine your general location and can be anonymized or shortened where technically feasible, particularly for users in certain regions like the European Economic Area), usage patterns, and behavioral data (like clicks, scrolls, and mouse movements on our website and application interfaces).
This data helps us understand user needs, troubleshoot issues, improve service performance and usability, enhance user experience, and develop new features.
The specific third-party analytics service providers we use for these purposes are detailed in Section 6 (“Our Sub-processors and Third-Party Services”) of this Policy. You can typically find more information about their data practices and any opt-out options by reviewing their respective privacy policies, often linked from our Sub-processors section or Cookie Policy.

c. Data Collected via Automated Tracking Technologies:

When you navigate our Websites or use our Mobile Apps and Web Apps, we and our authorized third-party partners (detailed in Section 2: “Cookies and Other Tracking Technologies” and Section 6: “Our Sub-processors and Third-Party Services”) may automatically collect certain information using cookies, web beacons, pixels, and similar tracking technologies. This includes Device, Connection, and Usage Data as described in Section 3. Further details, including how to manage your preferences, are available in our Cookie Policy.

d. Data from Third-Party Payment Processors:

Our Services use third-party payment processors to handle payments by credit card, bank transfer, or other means. When you make a payment, you provide your payment information directly to our designated payment processor.
To ensure greater security and process transactions effectively, Apps Record LLC may receive or access necessary transaction details from the payment processor to confirm payment and manage your account. This can include Company Information (company name, company address, country, language, financial currency, tax jurisdiction, VAT/GST numbers) and Contact Information (first name, last name, email address), as well as transaction details
The specific payment processor(s) we use are listed in Section 6 (“Our Sub-processors and Third-Party Services”). We recommend you review their privacy policy (typically available via a link in our Sub-processors section) for a full understanding of their data practices.

e. Data from Connected Platform Accounts

When you choose to integrate our Services with your Google Workspace or Microsoft 365 accounts (collectively, “Platform Accounts”), we access certain data from these platforms to provide our Services.

Google Workspace (via OAuth, Gmail API, and Google Workspace service-to-service APIs):
- Authorization: When you install our app through the Google Workspace Marketplace and authorize access, we retrieve data from your organization’s Google Workspace. You can learn more about data access and permissions for Google Workspace Marketplace apps
- We use the Google Workspace Admin platform integration to provide specific features of our Services.
- Data accessed from your Google Workspace Admin account: For the seamless operation of our application, we may access, collect, and store the following data:
  - User/Admin Profile Details: Full name, email, phone number, address, organization name, etc.
  - Employee Details and Domain Users: First and last name, email address, phone number, mailing address, department name, assigned group, and organizational unit of users active in the Google Workspace account.
  - Group Details: List of group names, group subscriptions, and employee membership within groups.
  - Organizational Units: Names, descriptions, nested hierarchies, and member information of organizational units.
  - User Schemas: Certain details (e.g., custom field names and types) of user schemas on your domain.
  - Basic Gmail Settings: Primary email address, primary reply-to, display name, signature; view and manage filters.
  - Sensitive Gmail Settings: Forwarding rules and aliases.
- We adhere to the terms of Google's Data Processing Addendum where applicable.
Microsoft 365 Platform:
- Authorization: When you install our app (e.g., from Microsoft AppSource or by integrating it via Azure Active Directory) and authorize access, we retrieve data from your organization’s Microsoft 365 environment. You can learn more about data access and permissions for Microsoft 365 apps.
- We use integration with the Microsoft 365 platform (such as Microsoft Graph API) to provide specific features of our Services.
- Data accessed from your Microsoft 365 account: For the seamless operation of our application, we may access, collect, and store the following data:
  - User/Admin Profile Details: e.g., Full name, email, phone number, job title, department, etc.
  - Employee Details and Directory Users: e.g., Information about users within your Microsoft 365 organization
  - Microsoft 365 Group Details: e.g., Group names, membership
  - Organizational Information: e.g., Details about your organization's structure within Microsoft 365
- We adhere to the terms of Microsoft's applicable Data Processing Agreements or Online Services Terms where applicable.

f. Data You Provide for Specific Features or Communications:

Online Chat: When you interact with our online chat feature on our Websites, you may provide Personal Data such as your name, email address, and the content of your chat messages. This feature may be facilitated by a third-party service provider, whose details can be found in Section 6 (“Our Sub-processors and Third-Party Services”). The provider may also automatically collect certain information such as your IP address, device type, country, location, and pages visited, as detailed in their privacy policy and our Cookie Policy.
AI-Assisted Features (e.g., Email Signature Design): If you use features within our Services that leverage third-party AI-powered tools (for example, to assist in designing email signatures), you may provide Personal Data (such as your name, title, company, contact details, or other PII you wish to include). We process this data, with the assistance of these external connected AI tools, solely to provide you with the requested feature or output. We only process the data you explicitly provide for this purpose. The specific AI tool providers we may use are detailed in Section 6 (“Our Sub-processors and Third-Party Services”).

5. Mode and Place of Processing Your Personal Data

a. Mode of Processing

We are committed to protecting your Personal Data and employ a variety of security measures and processing methods to ensure its safety:

Security Measures:
- Encryption: We encrypt Personal Data both at rest and in transit. All datastores containing customer data, including S3 buckets, are encrypted at rest. Sensitive data is further protected with field-level encryption, meaning the data is encrypted before it reaches the database, so that neither physical nor logical access to the database alone is sufficient to read this highly sensitive information. BulkSignature uses TLS 1.2 or higher for all data transmitted over potentially insecure networks, and we utilize features such as HSTS (HTTP Strict Transport Security) to maximize the security of data in transit. Server TLS keys and certificates are managed by AWS and deployed via Application Load Balancers. Encryption keys are managed via AWS Key Management System (KMS), where key material is stored in Hardware Security Modules (HSMs) preventing direct access. Application secrets are encrypted and stored securely via AWS Secrets Manager and Parameter Store, with strictly limited access.
- Access Controls: Access to Personal Data is limited to Apps Record LLC employees and authorized contractors who have a legitimate business need, based on the principle of least privilege. Employees are granted access based on their role and are automatically deprovisioned upon termination of employment. Further access requires approval according to policies set for each application. We utilize multi-factor authentication (MFA), secure password policies, and role-based access controls.
- Secure Infrastructure: Our services operate within the Amazon Web Services (AWS) cloud environment, benefiting from its robust security infrastructure.
- Vulnerability Management: We maintain a comprehensive vulnerability management program. This includes engaging with leading penetration testing consulting firms at least annually. Our program also incorporates vulnerability scanning at all stages of the software development lifecycle, including static analysis (SAST) of code, malicious dependency scanning, dynamic analysis (DAST) of running applications, periodic network vulnerability scanning, and continuous external attack surface management (EASM).
Processing Operations: The majority (approximately 90%) of Personal Data processing is carried out using automated and electronic systems. Manual processing by our authorized personnel occurs primarily in response to specific User requests (e.g., assisting with restoring a deleted account or managing a subscription upgrade), and always under strict access controls. In some instances, limited external contractors may be granted access to Personal Data, but only when necessary to perform an authorized job function and under contractual obligations to maintain confidentiality and security.

b. Place of Processing

Primary Location: Apps Record LLC (doing business as BulkSignature) has its headquarters in the United States. All primary data processing activities occur in the United States. Our services are hosted on Amazon Web Services (AWS) RDS servers located in the US-EAST-1 region (North Virginia, USA).
Third-Party Service Providers: The third-party service providers we engage (such as those for analytics, payment processing, and integrated Platform Accounts like Google Workspace and Microsoft 365) also primarily process Personal Data within the United States.
International Data Transfers: We provide Services to Users globally. If you are using our Services from outside the United States, please be aware that your Personal Data will be transferred to, stored, and processed in the United States. By using BulkSignature’s Services, you acknowledge that your Personal Data will be processed in the United States.

The United States has not received a finding of “adequacy” from the European Union under Article 45 of the GDPR. For Users in the European Economic Area (EEA) and the UK, Apps Record LLC provides for appropriate safeguards for the transfer of Personal Data to the US, primarily by entering into binding Standard Contractual Clauses (SCCs), as approved by relevant authorities, which are enforceable by data subjects in the EEA and the UK. These clauses are reviewed and enhanced based on regulatory guidance (such as from the European Data Protection Board) and will be updated as new model clauses are approved or become required.

Depending on the specific circumstances, Apps Record LLC may also collect and transfer Personal Data to the U.S. based on your consent, to perform a contract with you, or to fulfill a compelling legitimate interest of Apps Record LLC in a manner that does not outweigh your rights and freedoms.

Apps Record LLC is committed to applying suitable safeguards to protect the privacy and security of your Personal Data and to use it only in a manner consistent with your relationship with us and the practices described in this Privacy Policy. We also enter into data processing agreements and model clauses with our vendors whenever feasible and appropriate to ensure the protection of your Personal Data. As of the effective date of this Policy, Apps Record LLC has received zero government requests for information regarding user data.

6. Our Sub-processors and Third-Party Services

To provide and improve our Services, Apps Record LLC engages trusted third-party service providers who act as sub-processors of your Personal Data. We conduct due diligence on our sub-processors and ensure that we have appropriate contractual agreements in place with them, including Data Processing Agreements (DPAs) where required, to ensure they protect your Personal Data and process it only in accordance with our instructions and applicable data protection laws.

Below are the categories of sub-processors we may use, the purposes for which we use them, and their primary locations for processing Personal Data

Sub-processor	Services	Nature and Purpose of Processing	Categories of personal data	Location of Processing	Data Processing Agreement
Amazon Inc.	AWS Virtual Private Networks, AWS RDS, AWS Lambda, data center	Data Center Services, Cloud Storage Services, database hosting, website hosting, and	All data mentioned above to provide access to services	United States	AWS Data Processing Addendum
Stripe Inc.	Stripe Payments platform, Stripe API	Payments, Invoices and Subscriptions Management	Personal data, Credit cards info, bank information, company data	United States	Data Processing Agreement
Tawk.to	Online Chat Widget	Identifying the user for the purposes of customer service	First name, last name, email, IP address, country, location device name, page visits	United States	Data Processing Addendum
Alphabet Inc.	Google Workspace API, Gmail API	Collecting user data, to provide basic services	Personal data such as company data, and employee data	United States	Cloud Data Processing Addendum
Microsoft Corporation	Microsoft AppSource	Collecting user data, to provide basic services	Personal data such as company data, and employee data	United States	Data Processing Addendum
Open AI	AI research and deployment platform	Email signature designs	PII that the user shares	United States	Data Processing Addendum
Microsoft Clarity	Behavioral Analytics Tool	UI analytics	PII, employee information, company information	United States	Data Processing Addendum

As detailed in the “Mode and Place of Processing Your Personal Data” section, where these sub-processors process Personal Data outside of your region (e.g., transfer of EEA/UK/Swiss data to the United States), we rely on appropriate legal transfer mechanisms, such as Standard Contractual Clauses and other safeguards.

Our business needs and the sub-processors we use may change from time to time. We will strive to keep this information current. For significant changes, we may notify you as required by applicable law or our agreements with you. If you have specific questions about our sub-processors, please contact us using the details provided in the “Contact Us” section of this Policy.

7. Legal Basis for Processing Your Personal Data

We are committed to processing your Personal Data lawfully, fairly, and transparently. Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, we rely on one or more of the following legal bases for processing your Personal Data:

To Provide Our Core Services and Manage Your Account: We process your Personal Data, such as your identity, contact, and account information, to register you as a new user, authenticate your access, deliver the core functionalities of the BulkSignature Services, and manage your account.
- Legal Basis: The processing is necessary for the Performance of a Contract we have with you (i.e., our Terms of Service).
To Process Payments: We process your financial and transactional data to manage payments for your subscriptions or other paid features.
- Legal Bases:
  - The processing is necessary for the Performance of a Contract (to fulfill the transaction for the services you've purchased).
  - The processing is also necessary for compliance with a Legal Obligation (e.g., for financial record-keeping and tax purposes).
To Communicate with You (Service-Related Communications): We use your Personal Data to send important service announcements (e.g., about planned maintenance, changes to our terms, security updates), respond to your inquiries, provide customer support, and send essential transactional emails (e.g., account verification, password resets).
- Legal Bases:
  - The processing is necessary for the Performance of a Contract.
  - The processing is also based on our Legitimate Interests in keeping you informed and supported, ensuring service stability, and informing you about important updates relevant to your use of the Service.
For Marketing and Promotional Communications: We may use your Personal Data to send you newsletters, information about new features, special offers, or related products or services.
- Legal Bases:
  - Where you have proactively opted in to receive such communications, our processing is based on your Consent.
  - For existing customers, we may send communications about similar products or services based on our Legitimate Interests (specifically, to inform you of relevant offerings or updates that enhance your use of similar products, and to grow our business), provided you have been given a clear opportunity to opt out at the time of data collection and in every subsequent marketing message. You can opt out of these communications at any time.
For Analytics and Service Improvement: We process Personal Data by analyzing how you interact with our Services to understand usage patterns, identify areas for improvement, develop new features, troubleshoot issues, and enhance the overall performance and user experience.
- Legal Basis: The processing is based on our Legitimate Interests in understanding and improving our Services.
For Security and Fraud Prevention: We process Personal Data to monitor service activity, detect and prevent security incidents, unauthorized access, or fraudulent activities, and to verify user identities.
- Legal Bases:
  - The processing is based on our Legitimate Interests in protecting our Service, our Users, and our assets, and fulfilling our security commitments (including those aligned with standards like SOC2).
  - The processing is also necessary for compliance with a Legal Obligation (e.g., to comply with general data security duties imposed by laws like GDPR Article 32).
For Legal Compliance and Enforcement (General): We may process your Personal Data to comply with applicable laws, regulations, court orders, or other legal processes, to enforce our Terms of Service or other agreements, and to protect the rights, property, or safety of Apps Record LLC, our Users, or the public.
- Legal Bases:
  - The processing is necessary for compliance with a Legal Obligation.
  - The processing is also based on our Legitimate Interests in enforcing our terms, protecting our legal rights, and the rights of others.
To Process Data from Your Connected Platform Accounts (e.g., Google Workspace, Microsoft 365): When you choose to connect your Google Workspace or Microsoft 365 account (“Platform Accounts”) with our Service, we process data from these accounts to provide specific features of our Service that rely on this integration.
- Legal Bases:
  - The processing is necessary for thePerformance of a Contract (to deliver the specific integrated features you have requested and authorized).
  - The processing is also based on your Consent, provided when you authorize the connection and grant permissions for data access through the relevant Platform Account's authorization process.

8. Data Retention Period

We retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, or as required by applicable laws and regulations. The retention period for different categories of Personal Data is determined by its nature, the purpose of its processing, and any overriding legal or operational requirements.

User Account Data (including data from actively connected Platform Accounts like Google Workspace/Microsoft 365):
- We retain your account information and the data processed within your account for as long as your BulkSignature account remains active.
- Upon closure or cancellation of your account (whether initiated by you, or by us, for example, after a review process triggered if a connected Platform Account has been inactive for over one year and we determine you no longer intend to use the Service), most of your Personal Data associated with the account will be securely deleted after a period of 6 months.
- You may request immediate deletion of your account data upon permanently leaving our Services by contacting us.
- Exception for Marketing Contact: We will retain the primary contact email address associated with your account for future marketing communications, based on our legitimate interest to inform you about our services. You can easily opt out of these communications at any time via the unsubscribe link in any marketing email or by contacting us.
Data from Disconnected Platform Accounts:
- If you disconnect a Platform Account (e.g., Google Workspace or Microsoft 365) but your main BulkSignature account remains active, the data previously obtained from that Platform Account will be retained as part of your active BulkSignature account data until your main account is cancelled.
- If a Platform Account remains disconnected for more than 1 year, we may review the status of your service usage, contact you to determine your intentions, and if appropriate, proceed to cancel your BulkSignature subscription. Following such a cancellation, your data (including data from the formerly connected Platform Account) will be deleted after 6 months.
Payment and Transaction Data:
- We retain records of your payment transactions and related financial data for the period required by applicable tax and accounting laws.
Communication Records:
- Records of your communications with us (such as customer support inquiries, emails, and ticket information) are retained for 4 years following your last interaction with us or the closure of your account. This retention period allows us to handle potential disputes or legal claims, ensure continuity of customer support for complex or recurring issues, meet internal quality assurance requirements, and fulfill specific operational needs, including the training of our support personnel. After this period, these records are securely deleted.
Marketing Data:
- Personal Data used for marketing purposes (such as your inclusion on mailing lists) is retained for as long as you remain subscribed or have provided your consent for such communications.
- If you opt out of marketing communications or withdraw your consent, your Personal Data will be immediately removed from our active marketing lists. Similarly, contact details deemed inactive for marketing purposes are also removed promptly.
Analytics and Usage Data:
- Personal Data collected for analytics purposes is anonymized upon collection. This anonymized dataset, which does not identify individual Users, is then retained for 1.5 years for statistical analysis, trend monitoring, and service improvement.
Log Data:
- User-Specific Logs: Log data directly connected to your actions within the Services (e.g., audit trails of your activity) is retained for 6 months after your account is closed or becomes inactive, and is then deleted along with your main account data.
- General System-Level and Operational Logs: General logs related to the operation, security, and performance of our platform (which are not directly tied to individual user actions) are retained for 4 years for purposes such as security analysis, system administration, and operational oversight.

General Note on Retention: Notwithstanding the periods outlined above, we may retain certain Personal Data for longer periods if required or permitted by law, for example, to comply with legal obligations, resolve disputes, enforce our agreements, or for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes (where appropriate safeguards are implemented)

9. Your Data Protection Rights

Under the European Union’s General Data Protection Regulation (GDPR) and other applicable data protection laws, you, as a data subject, have certain rights regarding the Personal Data that Apps Record LLC holds about you. We are committed to ensuring you can exercise these rights effectively.

This Privacy Policy provides you with information about what Personal Data Apps Record LLC collects and how it is used, fulfilling your Right to be Informed. Your other key rights include:

Right of Access: You have the right to request confirmation from Apps Record LLC as to whether we are processing your Personal Data, and if so, to request access to that Personal Data and obtain a copy of it.
Right to Rectification: You have the right to request that Apps Record LLC correct any inaccurate Personal Data we hold about you, and to have any incomplete PersonalData completed.
Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your Personal Data under certain circumstances, for example, if the data is no longer necessary for the purposes for which it was collected, if you withdraw consent and there is no other legal ground for processing, or if your data has been unlawfully processed.
Right to Restrict Processing: You have the right to request that Apps Record LLC restrict the processing of your Personal Data in certain situations, such as if you contest the accuracy of the data, or if the processing is unlawful but you oppose erasure.
Right to Data Portability: Under certain conditions, you have the right to receive the Personal Data you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another controller without hindrance from us.
Right to Object: You have the right to object to the processing of your Personal Data in certain circumstances, particularly where we are processing your data based on our legitimate interests or for direct marketing purposes. If you object to processing for direct marketing, we will no longer process your Personal Data for such purposes.
Rights Related to Automated Decision-Making, Including Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except under certain conditions (e.g., if it is necessary for entering into, or performance of, a contract between you and us, is authorized by Union or Member State law to which we are subject, or is based on your explicit consent).
Right to Withdraw Consent: Where our processing of your Personal Data is based on your consent, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority (a data protection authority in the EU Member State of your habitual residence, place of work, or place of the alleged infringement) if you believe that our processing of your Personal Data infringes GDPR or other applicable data protection laws.

How to Exercise Your Rights:

If you wish to exercise any of the rights listed above, or if you have any questions or wish to confirm whether Apps Record LLC is processing your Personal Data, please contact us using the details provided in the “Contact Us” section of this Policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We will respond to all legitimate requests within the timeframe required by applicable law.

10. Children's Privacy

Apps Record LLC does not knowingly collect Personal Data from children. Our Services are intended for business and professional use and are not directed at individuals under the age of 16 (or the relevant age of consent for data processing purposes in applicable jurisdictions, such as 13 in the United States under COPPA).

If we become aware that we have inadvertently collected Personal Data from a child without verification of parental consent or another valid legal basis, we will take prompt steps to delete that information from our systems. If you are a parent or guardian and believe that your child has provided us with Personal Data without your consent, please contact us using the details provided in the “Contact Us” section of this Policy, and we will take steps to remove that information.

11. Changes to This Privacy Policy

Apps Record LLC may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or other factors. We will post any changes to this Privacy Policy on our website.

We will indicate at the top of this Privacy Policy the date it was last revised. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your Personal Data and to be aware of any modifications.

Your continued use of the Apps Record LLC’s Services after any changes to this Privacy Policy have been posted will signify your understanding and acceptance of the terms of the revised Privacy Policy. For significant changes, we may also provide a more prominent notice as we deem appropriate under the circumstances or as may be required by applicable law.