Privacy Policy
Last updated: June 9, 2026
astronaut (“astronaut”, “we”, “us”) provides analytics, source attribution, and engagement tools for iOS apps. This policy explains what data we collect, why, and how we handle it. It covers both our own customers and the end-users of the apps that use astronaut.
1. Two roles, two kinds of data
We handle data in two distinct capacities:
- Account data — we are the controller. When you sign up as a customer (an app developer or team), we collect the information needed to run your account, such as your email address and billing status.
- End-user analytics data — we are a processor. When you install our iOS SDK or web snippet, we collect analytics about the people using your app on your behalf and under your instructions. You remain the controller of that data and are responsible for the lawful basis and notices owed to your end-users.
2. Account data we collect (customers)
- Email address — used to sign you in with a one-time code and to contact you about your account.
- App configuration — app name, public tracking ID, App Store URL, and any APNs push credentials you upload. Push keys are encrypted at rest and never returned to the browser.
- Billing information — payments are handled by our processor, Polar. We store a customer reference and subscription status; we do not store your card details.
3. End-user analytics data we collect (on your behalf)
Through the SDK and web snippet that you embed, we collect, for each app you configure:
- App events — app opens, screen views, and purchases (amount and currency), plus first-open/install signals.
- Device identifiers — a vendor device identifier and any app user ID your app chooses to supply.
- Coarse location and locale — derived from IP address, which we hash on receipt; we do not store raw IP addresses. We also store locale and time zone.
- Web attribution — when someone taps a tracked link before being redirected to the App Store, we record a click identifier, source/campaign/UTM parameters, referrer, user-agent, and a hashed IP, so app installs can be attributed to the channel that drove them.
- Push tokens — when an end-user grants notification permission, we store the APNs device token so you can send notifications. Tokens are deactivated when they become invalid.
- Identity you provide (optional) — if your app calls the identify API, we store the name, email, and any traits you send, associated with that device, so you can see a real identity on the user journey. This is collected only when you send it; you remain the controller and are responsible for the lawful basis and notice owed to your end-users. We store it on your behalf and delete it on request.
- Notifications you send — when you send a push, we record that it was sent (with its title and body) against that device, so it appears in the user journey and powers delivery and open-rate reporting. This is content you author; you remain the controller, and it is stored on your behalf and deleted on request.
Apart from any identity you explicitly send via the identify API, we do notcollect end-users’ names, email addresses, phone numbers, precise GPS location, or contact lists. We do not use this data for advertising, and we do not sell it.
4. How we use data
- To provide the dashboard, attribution, user journeys, and revenue reporting.
- To deliver the push notifications you trigger.
- To operate, secure, debug, and improve the service, and to provide support.
- To bill for the service and prevent abuse.
5. Cookies
On our own marketing site and dashboard we use only essential cookies required to keep you signed in. We do not use third-party advertising or cross-site tracking cookies.
6. Sub-processors
We rely on a small set of infrastructure providers to run the service:
- Vercel — application hosting.
- Tinybird — analytics event storage and querying.
- Supabase — database and authentication.
- Polar — subscription billing and payments.
- Apple Push Notification service (APNs) — notification delivery.
7. Data retention
We keep account data for as long as your account is active. Analytics data is retained while your account is active and may be deleted on request or after your account closes. Hashed IPs and push tokens are removed or deactivated once they are no longer needed.
8. Security
Data is encrypted in transit (TLS). Tenant data is isolated, push credentials are encrypted at rest, and access to production data is limited to trusted server processes. No method of transmission or storage is perfectly secure, but we take reasonable measures to protect your data.
9. International transfers
Our providers may process data in the European Union and the United States. Where required, transfers rely on appropriate safeguards.
10. Your rights
Depending on where you live, you may have rights to access, correct, delete, or export your data. Customers can exercise these rights for their account by contacting us. End-users of an app should contact that app’s developer (the controller); we assist our customers in responding to such requests.
11. Children
astronaut is a tool for developers and is not directed to children. Customers are responsible for ensuring their own use complies with laws governing children’s data.
12. Changes to this policy
We may update this policy from time to time. We will revise the “last updated” date above when we do.
13. Contact
Questions about this policy? Email hello@astronaut.sh.