Skip to content
RefundSensor
Legal

Privacy Policy

Last updated: May 2026

RefundSensor (“RefundSensor”, “we”, “us”, “our”) operates the website at refundsensor.com and provides a software service that helps iOS developers respond to Apple refund requests. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over your data.

By using RefundSensor, you agree to this Privacy Policy. If you do not agree, please do not use the website or the service.

1. Information we collect

Account information

When you sign up for the waitlist or create an account, we collect your email address and any details you provide, such as company name and the apps you intend to connect.

App and transaction data

When you connect RefundSensor to your App Store account, we receive transaction-level data from Apple's App Store Server Notifications. This includes transaction identifiers, original transaction identifiers, subscription product identifiers, purchase and refund event timestamps, environment (production or sandbox), and the bundle ID of the connected app.

Consumption data

You may choose to forward consumption signals about your end users, such as session counts, total active time, feature usage, days active, and last-active timestamps. This data describes anonymous usage patterns and does not include direct identifiers like names, email addresses, or phone numbers.

Website usage

We collect basic analytics about visits to refundsensor.com, including pages visited, referrer, browser type, and an approximate geographic region derived from IP address. We do not use third-party advertising pixels.

What we do not collect

We do not collect names, postal addresses, phone numbers, or other direct personal identifiers of your end users. We do not collect payment card information; if and when paid plans are introduced, payments will be processed by a regulated payment provider that handles cardholder data on its own infrastructure.

2. How we use information

  • To provide, operate, and maintain the service.
  • To respond to Apple consumption requests on your behalf by submitting consumption data through Apple's App Store Server API.
  • To display analytics and outcomes in your dashboard.
  • To communicate with you about your account, product updates, and security or service notices.
  • To detect, prevent, and address abuse, fraud, and security incidents.
  • To comply with legal obligations.

We do not sell your personal information. We do not use your data to train third-party machine learning models.

3. How we share information

We share information only in these limited circumstances:

  • With Apple. Consumption data and related transaction identifiers are forwarded to Apple's App Store Server API to respond to refund requests. This is required to provide the core service.
  • With service providers. We rely on a small set of providers for cloud hosting, error monitoring, email delivery, and customer communications. These providers process data on our behalf under written contracts that require confidentiality and appropriate security.
  • Legal obligations. We may disclose information if required by law, court order, or to protect the rights, safety, or property of RefundSensor, our users, or others.
  • Business transfers. If RefundSensor is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify affected users in advance where required by law.

4. Data retention

We retain account and transaction data for as long as your account is active or as needed to provide the service. Consumption submissions and refund-response records are retained for at least twelve months for auditability of responses you have made to Apple.

You may request deletion of your account and associated data at any time by emailing [email protected]. Some records may be retained longer where required by law or for legitimate business purposes such as fraud prevention.

5. Security

We protect data with industry-standard measures, including transport encryption (TLS 1.2 or higher), encryption at rest (AES-256), restricted internal access with audit logging, and regular security reviews. No system is completely secure, but we work to protect your data and will notify you and any required regulators of a material data breach as required by law.

6. International data transfers

RefundSensor is operated from the United States. By using the service, you understand that your information may be processed in the United States and other countries where our service providers operate. Where required, we rely on appropriate safeguards (including Standard Contractual Clauses) for cross-border transfers.

7. Your rights

Depending on where you live, you may have the following rights with respect to your personal information:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Receive a portable copy of your data.
  • Withdraw consent at any time, where processing relies on it.

To exercise any of these rights, contact us at [email protected]. We will respond within the time required by applicable law (typically 30 days). Residents of the EEA, the UK, California, and certain other jurisdictions may have additional rights under local law.

8. Cookies and similar technologies

We use a small number of strictly necessary cookies to keep your account session active and to remember basic preferences. We do not use advertising cookies or sell cookie data. You can control cookies through your browser settings; disabling them may affect parts of the service.

9. Children's privacy

RefundSensor is intended for use by app developers and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest revision. If changes are material, we will notify account holders by email or through the dashboard before the changes take effect.

11. Contact us

Questions about this policy, your data, or how to exercise your rights? Email [email protected] and we will be in touch within one business day.