getapps.cafe
Legal · the fine print, kept honest

Privacy Policy

Last updated: 9 June 2026

getapps.cafe ("getapps.cafe", "we", "us", or "our") runs a subscription that gives you access to a curated menu of desktop apps for macOS and Windows. We believe good software should respect the people who use it - and that goes for how we handle your data too. This Privacy Policy explains what personal information we collect, why we collect it, who we share it with, how long we keep it, and the rights and choices you have.

If you have any questions, you can always reach a real person at contact@getapps.cafe.

1. Who we are and who this applies to

getapps.cafe is operated by a small, independent team. We are the party responsible for the personal information described here (the "data controller" under laws that use that term). This policy applies to people who visit our website, sign in, start a trial, or subscribe. It does not cover third-party websites or services we link to, or the privacy practices of the individual apps you download, which have their own terms and policies.

2. Information we collect

Account information. When you sign in we collect your email address. We use passwordless sign-in: instead of a password, we email you a six-digit one-time code. We store only a hashed version of that code, and only long enough to verify it.

Device and licence information. When you activate an app on a computer, we record a device name, the operating system/platform, and a hardware identifier generated on your device, along with timestamps such as when the device was last seen. We use this solely to enforce the device limits of your plan (one device on Solo, up to five on Family) and to let you manage and revoke your devices.

Payment information. Payments are handled by PayPal. We never see or store your full card or bank details. We keep a PayPal subscription identifier, your plan, your subscription status, and the dates that govern your access and renewals so we can manage your subscription.

Usage, log, and device data. Like most websites, our servers automatically record technical information such as your IP address, browser type, the pages you request, and the date and time of each request. We use this to operate and secure the service and to apply rate limits. We also use analytics (via Google Tag Manager) to understand how the site and the menu are used.

Communications. When you email us for support or send feedback, we keep that correspondence and any information you choose to include so we can help you and improve.

We do not collect special categories of data (such as health, biometric, or political data), and we do not ask you to provide them.

3. How we use your information and our legal bases

We use your information for the purposes below. Where data-protection law (such as the GDPR) requires a legal basis, the applicable basis is noted in brackets.

  • To provide and operate the service - signing you in, activating apps, and enforcing plan limits [performance of our contract with you];
  • To process subscriptions, trials, and payments through PayPal [performance of our contract; compliance with legal and accounting obligations];
  • To send service and account messages, security alerts, and respond to support requests [performance of our contract; our legitimate interests];
  • To keep the service secure, prevent fraud and abuse, and enforce our terms [our legitimate interests; compliance with law];
  • To measure and improve how the site and apps are used [our legitimate interests; your consent where required for analytics cookies];
  • To send optional product news, where you have asked to receive it [your consent].

We do not sell your personal information, and we do not treat your data as the product.

4. Cookies and similar technologies

We use a single essential cookie to keep you signed in (an HTTP-only session cookie); the service can't work without it. Analytics loaded through Google Tag Manager may set additional cookies to help us understand usage. You can control or clear cookies in your browser settings, and where the law requires consent for non-essential cookies, we will ask for it before setting them.

5. How we share information

We share information only with the service providers who help us run getapps.cafe, and only as needed for them to perform their service for us. These providers are bound by contracts that require them to protect your information and use it only on our instructions. They include:

  • PayPal - payment processing and subscription management;
  • Google - Tag Manager and analytics;
  • Our email delivery provider - to send your sign-in codes and account emails;
  • Hosting and infrastructure providers (such as Fly.io for hosting and Cloudflare for content delivery and asset storage) - to run the service and store files.

We may also disclose information when we believe in good faith that doing so is necessary to comply with a law, regulation, subpoena, or court order; to enforce our terms; to detect, prevent, or address fraud, security, or technical issues; or to protect the rights, property, or safety of getapps.cafe, our users, or the public. If we are ever involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, and we will notify you of any change in control or use of your personal information.

6. Where your information is processed

Your information may be processed and stored in the United States and other countries where we and our service providers operate. If you access the service from another country, you understand that your information may be transferred to and processed in countries whose data-protection laws may differ from your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) to protect your information when it crosses borders.

7. How long we keep your information

We keep personal information only as long as we need it for the purposes described in this policy:

  • Account and device data - while your account is active, and for a short period afterward in case you return;
  • One-time sign-in codes - they expire within minutes and are then unusable;
  • Billing and transaction records - for as long as required to meet tax, accounting, and legal obligations;
  • Server and security logs - for a limited period (typically up to 12 months);
  • Support correspondence - for as long as needed to resolve your issue and for our records.

When you ask us to delete your account, we remove your personal data except where we must retain it to meet a legal obligation, resolve disputes, or enforce our agreements.

8. How we protect your information

We use technical and organisational measures to protect your data, including encrypted connections (HTTPS), hashing of one-time codes, scoped access tokens you can revoke at any time, rate limiting, and access controls that limit who on our team can reach personal data. No method of transmission or storage is perfectly secure, but we work hard to keep your information safe and to improve our practices over time.

9. Data breach notification

If we become aware of a security incident that affects your personal information, we will investigate and contain it and, where required by law, notify you and the appropriate authorities without undue delay.

10. Your privacy rights

Depending on where you live, you may have the right to access, correct, export, delete, or restrict the use of your personal data, to object to certain processing, and to withdraw consent at any time (without affecting processing already carried out). You can also remove a device at any time from your account page, which revokes that machine's access immediately. To exercise any of these rights, email us at contact@getapps.cafe. We aim to respond within 30 days and will not charge you for a reasonable request. If you are in the EU/UK and believe we have not handled your data properly, you also have the right to complain to your local data-protection authority.

US state privacy rights. If you are a resident of California or another US state with a comprehensive privacy law, you may have the right to know what personal information we collect, to request that we delete or correct it, and to opt out of the "sale" or "sharing" of personal information. We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We will not discriminate against you for exercising any of these rights. To make a request, email contact@getapps.cafe; you may use an authorised agent, and we may need to verify your identity before acting.

11. Marketing communications

We will only send you product news or marketing emails if you have opted in, and you can unsubscribe at any time using the link in those emails or by emailing us. Even if you opt out of marketing, we will still send you essential service messages - such as sign-in codes, billing notices, and security alerts - because they are part of providing the service.

12. Children

getapps.cafe is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact us and we will delete it.

13. Changes to this policy

We may update this policy from time to time. When we make material changes we'll update the "Last updated" date above and, where appropriate, notify you by email or a notice on the site. Your continued use of the service after a change takes effect means you accept the updated policy.

14. Contact us

Questions, requests, or concerns about this policy or your data? Email contact@getapps.cafe and a real person will help.