Privacy policy

When you create an account on Critiq, we collect your email address and the authentication credentials you use to sign in (via Google OAuth or email/password). We also store the category you select during onboarding.

When you submit an app for review, we store the app name, URL, description, category, stage, and any screenshots you upload.

When you write a review, we store your ratings and written feedback. Reviews are anonymous - the person receiving your review cannot see your identity.

We also collect basic usage data such as page views and feature interactions through Vercel Analytics. This data is aggregated and not tied to your identity.

We use your data to:

• Authenticate you and maintain your session
• Match you with submissions to review
• Display your submissions and the reviews you receive
• Send you email notifications when your app has been reviewed
• Manage your credit balance
• Improve the platform based on aggregated usage patterns

We do not sell, rent, or share your personal information with third parties for marketing purposes. We will never monetize your data.

Critiq uses the following third-party services to operate:

• Supabase - database, authentication, and file storage. Your data is stored on Supabase's servers. Supabase Privacy Policy
• Vercel - website hosting and analytics. Vercel Privacy Policy
• Resend - transactional email delivery. Resend Privacy Policy
• Google - OAuth authentication for "Sign in with Google" functionality. Google Privacy Policy

Reviews on Critiq are anonymous. When you review someone's app, they cannot see your name, email, or any identifying information. Similarly, when someone reviews your app, you cannot see who wrote the review.

Your submitted app URL and screenshots are visible to the reviewer assigned to your submission, but your identity is never revealed.

Your data is stored on Supabase's infrastructure with row-level security policies that ensure users can only access their own data. Screenshots are stored in a secure cloud storage bucket. All data is transmitted over HTTPS.

We do not store your password directly - authentication is handled by Supabase Auth, which uses industry-standard hashing and encryption.

Critiq uses essential cookies to maintain your authentication session. We do not use advertising cookies, tracking cookies, or any third-party cookies for marketing purposes.

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Delete your account and all associated data at any time from the Settings page
• Export your data upon request
• Opt out of email notifications from the Settings page

When you delete your account, all your data is permanently removed - including your profile, submissions, screenshots, and review history. This action cannot be undone.

Critiq is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

We may update this privacy policy from time to time. If we make significant changes, we will notify you via email or a notice on the platform. The "Last updated" date at the top of this page reflects the most recent revision.