BuildMyApp Privacy Policy

Version 1.0 -- Effective May 13, 2026

BuildMyApp ("BMA", "we", "us") is operated by Maia AI, LLC, a Texas limited liability company. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have. It applies to the BuildMyApp marketplace, including the web application, marketplace listings, and any related communications.

By using BuildMyApp, you agree to the data practices described in this policy. If you do not agree, please do not use the platform.

1. Information We Collect

We collect personal information in three ways: information you provide, information collected automatically when you use the platform, and information from third-party services you connect.

Information you provide:

  • Account information: name, email address, phone number, password (hashed)
  • Profile information: bio, skills, links you choose to share, photo
  • Payment information: we do not store credit card or bank account numbers. Payment data is collected and processed by Stripe; we store only Stripe-issued identifiers (Stripe Customer ID, Stripe Connect Account ID) that allow us to reference your Stripe records
  • Tax and identity information: for developers receiving payouts, Stripe collects required tax information directly during Stripe Connect onboarding; we do not see or store your Social Security Number, EIN, or full bank details
  • Content you submit: software requests, proposals, milestone descriptions, listing descriptions, collaboration messages, warranty claim text, reviews, ratings, and any other text or files you submit through the platform
  • Communications: any emails or support messages you send to us

Information collected automatically:

  • Usage data: pages you visit, actions you take, timestamps, and your interaction with platform features
  • Device and connection information: IP address, browser type, operating system, and user agent. We record IP and user agent at the moment you agree to our Terms & Conditions for legal record-keeping
  • Cookies and similar technologies: see Section 5

Information from connected third parties:

  • OAuth providers: when you sign in with Google or GitHub, we receive basic profile information (name, email, profile photo, account identifier)
  • GitHub repository data: when you grant GitHub access for developer features (commit monitoring, repo screening, software listings), we read public profile data, repository metadata, and commit history for the repositories you authorize. We do not write to your repositories
2. How We Use Your Information

We use your information to:

  • Operate the platform: create and authenticate your account, match buyers with developers, process transactions, deliver software, and run warranty, mediation, and dispute-resolution workflows
  • Process payments: initiate charges, route developer payouts via Stripe Connect, process refunds, calculate platform fees, and maintain financial records
  • Communicate with you: send transactional emails about your requests, proposals, builds, deliveries, payments, and account activity. Send service announcements and important policy updates
  • Provide AI-assisted features: AI helps with request drafting, milestone review, delivery review, mediation, and other in-product flows. AI features process the content you submit in the moment they are invoked; see Section 11 for AI provider details
  • Maintain platform safety and integrity: detect fraud, abuse, and policy violations; enforce our Terms & Conditions; protect users from harm
  • Compute reputation metrics: calculate public reputation metrics (completion rates, acceptance rates, warranty claim rates, ratings) from your platform activity
  • Comply with legal obligations: tax reporting, court orders, subpoenas, and other applicable laws
  • Improve the platform: analyze aggregate usage patterns to identify and fix bugs, improve features, and develop new functionality
3. How We Share Your Information

We share personal information only as described below. We do not sell your personal information.

With other users of the platform:

  • Software requests you post are publicly visible to all platform users, including unregistered visitors, as described in our Terms & Conditions
  • Your public profile (name, photo, reputation metrics, listings, completed builds) is visible to other users
  • Within an active build or collaboration, the other party can see your messages, deliveries, and related content

With service providers (data processors acting on our behalf):

  • Stripe (payment processing, Connect onboarding, Customer Portal) -- see Stripe's Privacy Policy at stripe.com/privacy
  • Twilio (phone verification via SMS one-time passwords)
  • GitHub (OAuth authentication, repository data fetching)
  • Anthropic (AI features powered by Claude). Content you submit through AI-assisted flows is sent to Anthropic for processing. Anthropic does not train models on this content per its enterprise terms
  • Railway (cloud hosting, including database storage)
  • Gmail / Google Workspace (transactional email delivery)

For legal compliance: we may disclose information to comply with applicable laws, court orders, subpoenas, or government requests, or to protect the rights, property, or safety of BuildMyApp, our users, or others.

In a business transaction: if Maia AI, LLC is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to standard confidentiality protections.

With your consent: we may share information with additional parties when you explicitly consent.

4. Public Content

Some content you submit is intentionally public on the platform, as described in our Terms & Conditions:

  • Software requests (title, problem description, expected outcome, acceptance criteria, technical preferences, price, timeline)
  • Software listings (title, description, features, screenshots, pricing)
  • Reviews and ratings
  • Profile information (name, photo, bio, reputation metrics)

Do not include confidential, proprietary, or otherwise sensitive information in public content. Once posted, public content may be cached, indexed by search engines, or copied by other parties. Removing content from the platform does not guarantee its removal from third-party copies.

5. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Keep you signed in (session cookies)
  • Remember your preferences
  • Protect against cross-site request forgery (CSRF tokens)
  • Understand aggregate platform usage

You can configure your browser to refuse cookies, but some platform features may not function correctly without them. We do not use cookies for cross-site advertising or third-party tracking.

6. Data Retention

We retain personal information for as long as your account is active or as needed to provide the platform. Specific retention periods:

  • Account data: retained while your account is active; deleted within a reasonable period after you close your account, except as required for legal compliance
  • Transaction data and financial records: retained for at least 7 years after the transaction for tax and accounting compliance under US federal and Texas state law
  • Terms agreement records (IP, user agent, timestamp): retained for the life of the agreement plus 7 years
  • Public content (requests, listings, reviews, profiles): retained per the public-content section of our Terms & Conditions; may persist after account closure if it is part of historical platform activity
  • Communications: retained for as long as needed to provide support and resolve disputes
7. Your Rights and Choices

Depending on where you live, you may have rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you
  • Correction: ask us to correct inaccurate information; you can update most profile information yourself
  • Deletion: request deletion of your personal information, subject to legal retention obligations (see Section 6). Note that public content you posted may remain visible after account deletion as described in our Terms & Conditions
  • Portability: receive an export of your platform data in a portable format
  • Opt out of marketing communications: we send only transactional emails (account, payment, build activity); we do not send marketing campaigns. You can unsubscribe at any time from the link in any email
  • Object or restrict processing: EU/UK residents under GDPR may object to or restrict certain types of processing

To exercise any of these rights, email support@appmarketplace.dev. We will respond within 30 days (or as required by applicable law).

8. Security

We use commercially reasonable technical and organizational measures to protect your information:

  • Encryption in transit via HTTPS
  • Passwords stored using salted hash functions
  • Payment data handled directly by Stripe under PCI-DSS compliance
  • Access controls limiting employee/contractor access to production data
  • Service-provider contracts requiring confidentiality and data protection

No system is 100% secure. If we become aware of a security incident that affects your information, we will notify affected users as required by applicable law.

9. International Users

BuildMyApp is operated from the United States and hosted on infrastructure located in the United States. If you access the platform from outside the United States, your information will be transferred to, stored in, and processed in the United States.

EU/UK residents: Maia AI, LLC processes your personal information based on legitimate interest (operating the platform), performance of a contract (the Terms & Conditions), legal obligation (tax, payment regulation), or your consent, as applicable. You may contact us using the address in Section 13 to exercise GDPR rights.

California residents: you have rights under the California Consumer Privacy Act (CCPA), including the right to know what information we collect, the right to delete personal information (subject to legal exceptions), and the right to non-discrimination for exercising your rights. We do not sell personal information.

10. Children's Privacy

BuildMyApp is not intended for children under 13. We do not knowingly collect personal information from anyone under 13. If we learn we have collected personal information from a child under 13, we will delete it. If you believe a child has provided personal information to us, contact support@appmarketplace.dev.

11. Third-Party Services and AI Processing

BuildMyApp uses third-party services to deliver functionality. Each third party operates under its own privacy policy:

AI processing note: When you use BuildMyApp's AI-assisted features (request writing, milestone review, mediation, delivery review, listing assistance, and similar flows), the relevant content you submit is sent to our AI provider for processing in order to generate the requested output. Per our enterprise agreement with Anthropic, this content is not used to train AI models.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Effective" date at the top and, where appropriate, notify you by email or through the platform. Continued use of BuildMyApp after changes constitutes acceptance of the revised policy.

13. Contact Us

If you have questions about this policy or want to exercise your privacy rights, contact us at:

Maia AI, LLC
Attention: Privacy Officer
10408 Yucca Drive
Austin, TX 78759 USA
Email: support@appmarketplace.dev

This policy is governed by the laws of the State of Texas. Any legal action arising from or related to this policy shall be brought in the state or federal courts located in Travis County, Austin, Texas.