APKless — Cloud phones. Every HTTPS request exposed.

1. Introduction

APKless ("we", "us", "our") operates the apkless.com website and cloud Android services. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

2. Information We Collect

Account Information: When you sign up via GitHub OAuth, we receive your GitHub username, email address, and avatar URL. We do not access your repositories or other GitHub data.

Payment Information: Payments are processed by our third-party payment provider (Creem). We do not store your credit card numbers or banking details. We retain transaction records (amounts, dates) for billing purposes.

Usage Data: We collect service usage information including phone creation/destruction timestamps, session durations, and credit hour consumption.

Network Traffic Data: When you use our cloud phone service, network traffic from the Android device is captured and displayed to you in real-time. This data is stored temporarily on the cloud instance and is deleted when the phone is destroyed. We do not access, analyze, or retain your captured traffic data.

3. How We Use Your Information

To provide, maintain, and improve our services
To process payments and manage your account
To communicate with you about service updates or issues
To detect and prevent fraud or abuse

4. Data Storage and Security

Account data is stored in Supabase (hosted on AWS). Cloud phone instances run on Tencent Cloud and are fully destroyed (including all data) when a phone session ends or expires. API keys are stored securely and should be treated as secrets.

5. Data Sharing

We do not sell, rent, or share your personal information with third parties except as necessary to provide our services (e.g., payment processing) or as required by law.

6. Data Retention

Account information is retained for as long as your account is active. Captured network traffic is ephemeral and exists only for the lifetime of a cloud phone instance. Payment records are retained for accounting and legal purposes.

7. Your Rights

You may request deletion of your account and associated data by contacting us at [email protected]. Upon account deletion, all personal data will be removed within 30 days, except where retention is required by law.

8. Cookies

We use essential cookies for authentication (Supabase session) and service functionality (cloud phone token). We do not use tracking or advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date.

10. Contact

If you have questions about this Privacy Policy, please contact us at [email protected].