Privacy Policy

Last updated: 2026-05-20

Short version: MacFleek the macOS app collects nothing. No analytics, no telemetry, no crash reporting to us, no usage data, no IP logging, no identifiers, no opt-out toggle because there is nothing to opt out of. This document explains the long version and the few narrow exceptions.

1. What the app collects

Nothing. MacFleek the app does not embed any analytics SDK, does not call any network endpoint that we own, does not send crash reports to us, does not generate a device identifier, and does not phone home for license validation. You can verify this yourself — the codebase is open source on GitHub.

The narrow exceptions:

• Sparkle updater (optional) — when you click "Check for updates" or on the daily schedule, MacFleek fetches https://macfleek.store/appcast.xml. Our server logs this request (IP address + User-Agent + timestamp) like any web server. We do not attach any user identifier or license email to this request. Disable auto-update in Settings → Updates to stop this entirely.
• Smart App Updater (Pro) — when you click "Scan for app updates", MacFleek fetches the Sparkle XML feed URLs that your installed apps declared in their own Info.plist. These requests go directly to the publishers of those apps (Mozilla, JetBrains, etc.), not to us, and never leave your computer through our servers. We can't see them.
• License activation — Pro licenses are Ed25519-signed offline files. MacFleek verifies your license on your device using the public key embedded in the app. No activation server, no DRM phone-home, ever.

2. What the website collects

The website macfleek.store is served by Cloudflare Pages. Cloudflare's edge logs record standard web-server fields (IP, User-Agent, requested path, timestamp) for security and abuse prevention. We do not run JavaScript analytics, fingerprinting scripts, or behavior tracking on the marketing pages.

The checkout flow (/buy/) requires you to enter an email address — this is the address your license will be sent to. We store it in our payments database tied to your license record.

3. What payment processors collect

When you buy MacFleek Pro, the actual payment happens on the hosted page of one of three providers, each of which has its own privacy policy:

• Polar.sh — international cards. Privacy policy: polar.sh/legal/privacy
• YooKassa (ЮKassa) — Russian cards and SBP. Privacy policy: yookassa.ru/legal
• Cryptomus — cryptocurrency. Privacy policy: cryptomus.com/policy/privacy

We receive a webhook from your chosen provider containing: your email address, payment amount, payment ID, and the provider's verification signature. We do not receive your card number, CVV, expiry, billing address, or any other PCI data. Those never touch our servers.

4. License storage

For each issued license we store, in Cloudflare KV:

• Your email address
• The Unix timestamp when the license was signed
• The base64-encoded Ed25519 signature
• The payment provider name and external payment ID (for refund handling)

That's it. No name, no location, no device identifiers, no usage data.

5. Email delivery

Your license is delivered by email through Resend. Resend processes the message in transit and may log delivery metadata (was the email delivered, did it bounce). Resend's privacy policy: resend.com/legal/privacy-policy

6. Cookies

The MacFleek website does not set cookies for tracking. Cloudflare may set a __cf_bm cookie for bot management — this is a session cookie, not used for profiling. We do not use Google Analytics, Mixpanel, Segment, Hotjar, FullStory, or any similar product.

7. Your rights (GDPR / CCPA)

Even though we collect minimal data, you have the right to:

• Access — request a copy of all data tied to your email.
• Delete — request removal of your license record and email from our database. Note: deleting your license record does not revoke the offline Ed25519 license file. To revoke that, see "Revocation" below.
• Port — your license is already a portable signed JSON file delivered by email.
• Object — to any new use of your data we might introduce in future updates of this policy.

To exercise any of these, email privacy@macfleek.store from the address tied to your license. We respond within 30 days.

8. Revocation

If your license file leaks publicly (e.g., posted to a forum), we may add your email to the revocation list shipped with future MacFleek builds. MacFleek will then refuse to verify that license. We do this only in response to obvious abuse, and only after contacting you first if possible.

9. Children

MacFleek is not directed at children under 13. We do not knowingly collect any data from anyone of any age, but we explicitly do not target minors.

10. Changes

If we change this policy, we will update the "Last updated" date at the top and post a note in the GitHub repository. If the change is substantive (i.e., we start collecting something we previously didn't), we will email all license holders before the change takes effect.

11. Contact

Privacy questions: privacy@macfleek.store
General support: hello@macfleek.store