Privacy Policy

Effective date: 2026-05-26

Publisher: PT ITropical Live Solutions, Indonesia

App: Indie Revenue for iOS

Contact: support@itropical-live-solutions.com

Language: This policy is published in English. Translations are non-authoritative; the English version governs.

1. Plain-language summary

Indie Revenue is a pure-client iOS companion for indie creators who sell on itch.io. We operate no server, run no analytics, and ship no third-party tracking SDKs. Your itch.io Personal API Key lives only in the iOS Keychain on your device and is sent only to itch.io to fetch your own creator data. Sales, downloads, and refund signals are read from itch.io and cached on your device. We — PT ITropical — never see, receive, or store any of it. If you sign out or uninstall the app, every piece of your data is gone from the device.

2. Who we are

Indie Revenue is built and published by PT ITropical Live Solutions, a privately held company registered in Indonesia. We are the data controller for the (very limited) scope of activity described below. For users in the European Economic Area and the United Kingdom, this policy is written with GDPR / UK-GDPR principles in mind even though our primary jurisdiction is Indonesia.

3. Data we collect FROM YOU directly

The only piece of information you provide to Indie Revenue is your itch.io Personal API Key, which you generate yourself at itch.io/user/settings/api-keys and paste during onboarding (or via Settings → Sign In).

Storage location: the iOS Keychain on your device.
Access protection: the key cannot be read until you have unlocked your device at least once since boot, and it never leaves this physical device. It is excluded from iCloud Keychain sync and from encrypted backups in a form that could restore to a different device.
Transmission: the key is transmitted only to itch.io over HTTPS, as part of the request required by itch.io's API. It is never sent to PT ITropical, never logged, and never shared with any third party.
Deletion: Settings → Sign Out removes the key from the Keychain immediately. Uninstalling the app also removes it.

We do not collect: your name, your email address, your itch.io password, your phone number, your postal address, your IP address (we do not see it — itch.io does), your device identifier (IDFA / IDFV), your advertising identifier, your location, your contacts, your photos, your microphone, your camera, your health data, your financial-card data, your crash logs, your in-app usage events, or any other personal information.

4. Data we read FROM itch.io's API on your behalf

When you use Indie Revenue, the app calls itch.io's official public API on your behalf, authenticated with the Personal API Key you provided. The information we request is:

Verification that your API key is valid and identification of the itch.io account it belongs to.
Basic profile information for the signed-in itch.io user.
The list of games published by your itch.io account, with summary earnings and download counts.
Per-game detail (downloads, purchases, recent purchaser rate, daily rollups) used to build the on-device charts and detect possible refunds.

This data originates from itch.io, not from us. itch.io is the original owner of everything in your itch.io creator account; their privacy policy at itch.io/docs/legal/privacy-policy covers how they handle that data. Indie Revenue only reads — we never change, publish, or delete anything on itch.io, and we cannot act on your behalf beyond what your own API key already allows.

The response bodies are processed on your device only and are never forwarded to PT ITropical or to anyone else.

5. Data we store ON YOUR DEVICE

To make the on-device views fast, support offline glances, and detect refunds between updates, Indie Revenue caches a small amount of itch.io data locally on your phone. Concretely:

Game snapshots — a rolling 90-day history of per-game daily totals (earnings, downloads, purchase counts).
Aggregations — pre-computed daily and tax-year aggregations derived from those snapshots.
Possible-refund signatures — short fingerprints of refund-detection events you have explicitly dismissed, so we do not surface the same signal twice.
App preferences — notification opt-ins, selected currency display, Game-Jam-Mode bookmarks. Stored on your phone and shared between the main app and its Home and Lock-Screen widgets, so the widget can show data without making its own network call.

All of this remains on your device. None of it is transmitted to PT ITropical. None of it is synced to iCloud by default. Standard iOS device backups encrypt this data per Apple's normal backup policy.

Clearing local data. Three paths:

Settings → Sign Out — clears the Keychain entry, removes the local database, resets the widget cache, and returns the app to its onboarding state. Equivalent to a fresh install.
Settings → Reset Data — same effect on local data, but preserves the saved itch.io API key so you can re-sync without re-pasting it.
Deleting the app from your Home Screen — iOS removes all of the app's local storage, including the widget cache and the Keychain entry, which is not retained across reinstalls.

6. Data we share with third parties

None. Explicit and exhaustive list.

Indie Revenue contains no analytics, no crash reporting, no advertising, no attribution, and no social-network integrations. Concretely — and this list is here because we get asked — Indie Revenue does not include or call:

Google Firebase (Analytics, Crashlytics, Performance, Remote Config, Messaging) — none of it.
Google Analytics, Google Ads SDK, Google Sign-In, Google Mobile Ads, AdMob.
Meta / Facebook SDK, Facebook Login, Facebook Audience Network.
Sentry, Bugsnag, Rollbar, Datadog RUM, New Relic, Instabug.
Mixpanel, Amplitude, Heap, Segment, PostHog, Pendo.
Branch, AppsFlyer, Adjust, Kochava, Singular.
TikTok SDK, Twitter / X SDK, LinkedIn SDK, Snap SDK.
RevenueCat, Adapty, Qonversion (we use Apple's standard In-App Purchase APIs directly — see Section 7).

The only place the app connects to over the internet is itch.io. This is verifiable by inspecting the network traffic with any standard iOS development tool.

7. Apple-required disclosures

A few Apple-mediated capabilities are used by Indie Revenue. Apple's own privacy policy at apple.com/legal/privacy governs those capabilities upstream; here is what each does inside Indie Revenue.

7.1 In-App Purchases

Indie Revenue Pro is offered as either a monthly auto-renewing subscription or a one-time lifetime non-consumable purchase. Both are sold through Apple's In-App Purchase system.

Apple processes the payment. Your credit-card data, billing address, and Apple-ID identifier never reach Indie Revenue.
We receive only the verified transaction record that Apple hands us, which contains a transaction identifier, the product purchased, and a purchase date. That's it.
Receipt validation is on-device only. There is no server-side receipt validation because there is no server.
Restore Purchases runs entirely on-device, using Apple's standard entitlement APIs.

7.2 Promo-Code redemption

Indie Revenue exposes a "Redeem Code" button on the Paywall that opens Apple's standard code-redemption screen. Apple handles the code-entry flow end-to-end inside their own UI; we never see the redemption code, your Apple-ID, or the email associated with it. We see only the resulting transaction record if the redemption succeeds, identical to a normal In-App Purchase.

7.3 Local Notifications

When you opt in to notifications, Indie Revenue schedules local notifications that fire on your device when conditions in the on-device cache match a trigger you enabled (e.g. first sale of the day, revenue threshold crossed, possible refund detected).

We never ask for permission to send push notifications from a server. All notifications are scheduled on your phone by the app itself.
No server initiates these notifications. Because there is no server.

7.4 Background App Refresh

When you allow Background App Refresh in iOS Settings, iOS opportunistically wakes the app roughly every two hours, depending on system policy. The task makes the same itch.io API calls described in Section 4, updates the on-device cache, and exits. The only outbound destination remains itch.io.

7.5 Required-Reason API declarations

Apple requires apps that touch certain common iOS APIs to declare an approved reason. Indie Revenue declares only three, none of them used for tracking, fingerprinting, or building a persistent identifier:

Reading user-preference storage from our own app. Used to share a small cached snapshot between the main app and its widget. We do not read any other app's preferences.
Reading file timestamps inside our own app's storage. Standard file input/output incidentally reads timestamps on files belonging to this app only. We do not read timestamps of files belonging to any other app or to system locations.
Reading system boot time. Used to compute intervals between cached snapshots, between scheduled background refreshes, and when laying out time-series charts. We never transmit, log, or persist this value.

7.6 Privacy Nutrition Label

Our App-Store Privacy Nutrition Label is filled in as "Data Not Collected" across every category. We declare no tracking, no tracking domains, and no collected data types. This is literal, not a workaround: PT ITropical does not collect any data from this app.

8. Children's privacy

Indie Revenue is built for and marketed to professional indie game creators. It is not directed to children under 13, is not classified as a kids-category app, and contains no features (chat, comments, user-generated content surfaces, location sharing, etc.) that would create a COPPA / GDPR-K data-flow with minors. Because we do not collect any personal data from anyone (Sections 3–6), we likewise do not knowingly collect anything from a child.

9. Your rights

Even though the practical surface area is small (we hold no data on a server), you still have the following standard rights:

Right of access — your data is on your phone. iOS shows the storage footprint in Settings → Apple ID → iCloud → Manage Storage; encrypted iOS device backups contain the local database. Because we hold no copy on a server, there is nothing additional we can disclose if you request access to your data.
Right to erasure ("right to be forgotten") — Settings → Sign Out clears the Keychain entry and the local database. Uninstalling the app removes all of the app's local storage, including the Keychain entry. There is no server-side copy to additionally delete.
Right to data portability — Pro users can use the in-app Tax-Year CSV export (Settings → Export Data) to download their snapshot history as a portable CSV file, which you may share via the iOS share sheet to any destination of your choice.
Right to rectification — Indie Revenue does not modify upstream itch.io data; if your itch.io sales totals look wrong, the source of truth is itch.io and the correction must happen there. We have nothing of our own to rectify because we hold no copy.
Right to object / withdraw consent — Sign Out at any time. The app then makes no further network calls.
Right to lodge a complaint — EEA / UK users may complain to their local Data Protection Authority. Indonesian users may complain under Indonesia's PDP Law (UU PDP 27/2022).

10. International data transfer

Because PT ITropical holds no user data on any server, there is no PT-ITropical-controlled cross-border transfer of personal data. The one cross-border flow that does happen is between your device and itch.io's servers (operated by Leaf Corcoran d.b.a. itch.io, based in Canada); that transfer is governed by itch.io's own privacy policy and by your acceptance of itch.io's terms when you generated the Personal API Key.

11. Security

We keep the attack surface deliberately small:

Your API key is stored in Apple's secure on-device storage and is only readable after you unlock your phone (see Section 3).
All network traffic uses an encrypted HTTPS connection.
iOS blocks any unencrypted connection from the app — no exceptions.
We run no server, no database, and no admin panel — so there is no equivalent attack surface on our side.

12. Changes to this policy

If we ever change this policy — e.g. if a future feature involves a server-side component or a third-party SDK — we will update the effective date at the top, publish the new version at indierevenue.itropical-live-solutions.com/privacy, and surface an in-app notice on the next launch. As of the effective date, no such change is planned.

13. Jurisdiction and governing law

This policy is governed by the laws of the Republic of Indonesia, with the courts of Denpasar, Bali having primary jurisdiction. EEA and UK users retain the protections of GDPR and UK-GDPR respectively; nothing in this paragraph restricts statutory rights you cannot waive under your local law.

14. Contact

Questions about this policy, your data, or any of the above:

PT ITropical Live Solutions
Alamanda Office, 5th Floor
Jl. Bypass Ngurah Rai Br. Kerthayasa No.67
Kedonganan, Kuta · Kab. Badung
Bali 80361, Indonesia
Email: support@itropical-live-solutions.com

For privacy-specific inquiries, please put Privacy — Indie Revenue in the subject line. We reply within 14 days for non-urgent requests and within 72 hours for time-sensitive ones (e.g. erasure requests).