Preview — this product is under active development and not yet ready for production use.
Unloot

Privacy Policy

Effective Date: February 2, 2026

Last Updated: February 2, 2026

1. Introduction

Welcome to Unloot. This Privacy Policy explains how Applogico LLC, doing business as Unloot ("Company," "we," "us," or "our") collects, uses, shares, and protects information when you use our Service.

This policy applies to:

  • Merchants: Business users who create accounts and configure widgets on Unloot
  • End-Users: Consumers who interact with Unloot widgets on merchant stores

By using our Service, you agree to the collection and use of information as described in this Privacy Policy.

2. Information We Collect

2.1 Information from Merchants

When you create an account and use Unloot, we collect:

Data Type Purpose
Email address Account management, communications, authentication
Business name & URL Service configuration, widget setup
OAuth tokens (Google, GitHub, Shopify) Platform integrations, single sign-on
Payment information (via Paddle) Subscription billing and invoicing
Account activity logs Security, support, and service improvement

2.2 Information from End-Users (via Widgets)

When visitors interact with widgets on merchant stores, we collect:

Data Type Purpose
Email address (optional or required per widget) Lead generation for merchants
Hashed IP address Fraud prevention, duplicate detection
User agent Analytics, browser compatibility
Referrer URL Traffic analytics
Session ID Widget interaction tracking
Widget interactions Analytics, prize allocation

Note: IP addresses are stored as one-way hashes—we cannot recover the original IP address from the hash.

3. How We Use Information

We use collected information to:

3.1 Provide and Improve the Service

  • Create and manage your account
  • Process widget interactions and lead captures
  • Generate analytics and reports
  • Improve widget functionality and user experience
  • Provide customer support

3.2 Process Payments

  • Handle subscription billing through Paddle
  • Send invoices and payment confirmations
  • Manage plan upgrades and downgrades

3.3 Communications

  • Send transactional emails (receipts, password resets, security alerts)
  • Send marketing emails (opt-in only)
  • Notify you of service updates and changes

3.4 Security and Fraud Prevention

  • Detect and prevent fraudulent widget interactions
  • Identify duplicate entries and abuse
  • Monitor for security threats
  • Enforce our Terms of Service

4. How We Share Information

4.1 With Merchants

End-user data collected through widgets is shared with the merchant who owns that widget. Merchants receive:

  • Email addresses collected through their widgets
  • Widget interaction data (spins, scratches, prizes won)
  • Aggregate analytics

4.2 With Service Providers

We share information with trusted third-party providers who assist in operating our Service:

Provider Purpose
Paddle Payment processing and subscription management (Merchant of Record)
Infrastructure providers (AWS, Vercel, etc.) Hosting and content delivery
Analytics providers Usage analytics and performance monitoring

These providers are contractually obligated to protect your information.

4.3 Legal Requirements

We may disclose information if required by law, including:

  • Court orders or subpoenas
  • Government agency requests
  • Legal process or regulatory requirements
  • Protection of our rights, property, or safety

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. We will notify you of any such change.

5. Cookies & Tracking Technologies

5.1 Essential Cookies

We use essential cookies that are necessary for the Service to function:

  • Session management and authentication
  • CSRF protection tokens
  • User preferences (theme, locale)
  • Security cookies

These cookies cannot be disabled as they are required for the Service to work.

5.2 Analytics Cookies (Consent Required)

With your consent, we may use analytics cookies to:

  • Understand how you use our Service
  • Measure widget performance
  • Improve user experience
  • Monitor system performance

Analytics cookies are only set after you provide consent through our cookie banner.

5.3 Third-Party Cookies

Some third-party integrations may set their own cookies. Please refer to their privacy policies for more information.

5.4 Managing Cookie Preferences

You can manage your cookie preferences:

  • Through our cookie consent banner
  • Through your browser settings
  • By contacting us at privacy@applogi.co

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

6.1 Encryption

  • All data is transmitted over HTTPS (TLS encryption in transit)
  • OAuth tokens are encrypted using AES-256-GCM
  • API keys are hashed using SHA-256

6.2 Access Controls

  • Role-based access to systems and data
  • Multi-factor authentication for administrative access
  • Regular access reviews and audits

6.3 Data Minimization

  • IP addresses are stored as one-way hashes
  • We only collect data necessary for the Service
  • Inactive data is archived or deleted per our retention policy

6.4 Security Disclaimer

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

7.1 Active Accounts

We retain your data for as long as your account is active. You can request deletion at any time.

7.2 Deleted Accounts

When you delete your account:

  • Most personal data is deleted within 30 days
  • Financial records are retained for approximately 7 years (as required by law)
  • Aggregated, anonymized data may be retained indefinitely

7.3 End-User Data

End-user data collected through widgets is retained according to merchant instructions and applicable legal requirements. Merchants can export and delete their data through the dashboard.

8. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

8.1 Right to Know

You can request information about:

  • Categories of personal information we collect
  • Sources of personal information
  • Purposes for collecting or selling personal information
  • Third parties with whom we share personal information
  • Specific pieces of personal information we have collected

8.2 Right to Delete

You can request deletion of your personal information, subject to certain exceptions (e.g., legal requirements, fraud prevention).

8.3 Right to Opt-Out

You have the right to opt-out of the "sale" of your personal information. Note that sharing end-user data with merchants may qualify as a "sale" under CCPA. End-users can opt-out by not submitting their email through widgets.

8.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

8.5 Submitting Requests

To exercise your CCPA rights, contact us at:

9. Your Rights

9.1 Access

You can access your personal data through your account dashboard or by contacting us.

9.2 Correction

You can update inaccurate or incomplete information through your account settings.

9.3 Deletion

You can delete your account and associated data through your dashboard settings.

9.4 Export

You can export your data, including collected leads and widget configurations.

9.5 Marketing Opt-Out

You can opt-out of marketing emails at any time by:

  • Clicking "Unsubscribe" in any marketing email
  • Updating your preferences in account settings
  • Contacting us at privacy@applogi.co

10. Marketing Communications

10.1 Opt-In Required

We only send marketing emails to users who have explicitly opted in. Marketing emails include:

  • Product updates and new features
  • Tips and best practices
  • Promotional offers

10.2 Easy Unsubscribe

Every marketing email includes an unsubscribe link. You can opt-out with one click.

10.3 Transactional Emails

Transactional emails are always sent regardless of your marketing preferences. These include:

  • Account verification and security alerts
  • Password reset requests
  • Billing receipts and invoices
  • Important service announcements

11. Children's Privacy

Unloot is not intended for users under the age of 18. We do not knowingly collect personal information from children.

If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

If you believe we have inadvertently collected information from a child, please contact us at privacy@applogi.co.

12. Third-Party Links

Our Service may contain links to third-party websites, including:

  • Shopify stores
  • Merchant websites
  • Payment processors
  • Social media platforms

We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. Policy Updates

13.1 Notification of Changes

We may update this Privacy Policy from time to time. For material changes, we will notify you via:

  • Email to your registered address
  • Dashboard notification
  • Prominent notice on our website

13.2 Effective Date

The effective date at the top of this policy indicates when it was last updated. Changes are effective immediately upon posting.

13.3 Continued Use

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Applogico LLC

Email: privacy@applogi.co

Legal Inquiries: legal@applogi.co

Address: Dallas, TX, United States

We aim to respond to all inquiries within 10 business days.

By using Unloot, you acknowledge that you have read and understood this Privacy Policy.