Privacy Policy
Effective: July 5, 2026This Privacy Policy describes how the Liminal Connect app ("Liminal Connect," the "App") handles your information. Liminal Connect is a native iOS and macOS client for App Store Connect, published by Different Productions, LLC (the "Service Provider," "we," "us"). We do not track you across other companies' apps or websites, we do not use an advertising identifier, and we do not sell your data.
Who we are
Liminal Connect lets you manage your Apple Developer presence from your iPhone, iPad, and Mac: it talks to the App Store Connect API across many resource families, sends you push notifications for App Store Connect events (new builds, review state changes, TestFlight activity), and supports signing in to more than one account. Your Apple Developer API keys are stored in your device keychain and are used to talk to Apple directly; they are never sent to us.
Information we collect
We collect only what the App needs to run. Specifically:
Sign in with Apple identity
You sign in with Apple. We request no name and no email scope, so Apple provides us no name and no email. What we receive is Apple's stable subject identifier for your account (the Sign in with Apple sub) and, during sign-in, an authorization code we exchange with Apple for a refresh token.
Account record (our AWS backend)
Your account lives in an Amazon DynamoDB record on our AWS backend, reached through api.liminalconnect.app (production) and api-dev.liminalconnect.app (development). The record holds:
- A hashed account identifier — a one-way SHA-256 hash of Apple's subject identifier, used as the primary key for your account.
- The Apple subject identifier — Apple's raw, stable identifier for your account, retained so we can reliably resolve and administer your account.
- A webhook routing token and secret — random values that let the App Store Connect webhook receiver find your account and verify the authenticity of incoming events.
- A creation timestamp.
- A Sign in with Apple refresh token — held solely so that, when you delete your account, we can call Apple's token-revocation endpoint and revoke Sign in with Apple for this app on your behalf. It is never returned to the App or used for any other purpose.
Push notification device tokens (our AWS backend + Amazon SNS)
If you enable notifications, each device you use registers an Apple Push Notification service (APNs) device token with our backend. For every registered device we store the device token, its APNs environment (sandbox or production), the device platform, and an Amazon SNS platform-endpoint identifier that stands in for the token when we deliver a push. This data exists only to route notifications to your devices; deleting the device registration or your account tears it down, including the Amazon SNS endpoint.
Display name (your private iCloud)
You may set a display name for yourself. It is stored, together with a creation timestamp, as a record in your own CloudKit private database (iCloud container iCloud.different.productions.LiminalConnect). This record lives in your personal iCloud account, scoped to you. It is not sent to our AWS backend and we cannot read it. The Sign in with Apple identity that anchors your account provides no name — the display name is whatever you choose to enter.
Analytics
Liminal Connect ships with the Amplitude analytics SDK integrated, but in the current release it is configured with no write key, so it is never initialized and collects and transmits nothing. We describe it here for transparency: analytics may be enabled in a future release to help us understand and improve the App. If and when that happens, we will update this policy to describe exactly what is collected before any analytics data is gathered, and we will keep it first-party product analytics — no advertising identifier, and no combining your data with data from other companies' apps or websites.
App Tracking Transparency
Liminal Connect does not track you in the sense defined by Apple's App Tracking Transparency framework. It does not access the advertising identifier (IDFA), does not link your data with data collected by other companies' apps or websites for advertising, and does not share your data with data brokers. Accordingly, the App does not present an App Tracking Transparency prompt.
Where your data lives, and who can see it
- Your account record and device tokens live in our AWS backend (Amazon DynamoDB and Amazon SNS) in the United States. Only our backend uses them, for account resolution and push routing.
- Your display name lives only in your own iCloud private database and is not readable by us.
- Your Apple Developer API keys stay in your device keychain and are used to talk to Apple directly; they never reach us.
Third parties
Liminal Connect relies on the following third-party services, each governed by its own privacy policy:
- Apple — Sign in with Apple, the Apple Push Notification service, CloudKit, and the App Store Connect API. See apple.com/legal/privacy.
- Amazon Web Services — our backend infrastructure (AWS Lambda, Amazon DynamoDB, Amazon SNS), acting as our processor. See aws.amazon.com/privacy.
- Amplitude — product analytics, integrated but not active today (empty write key). See amplitude.com/privacy.
We may disclose information where required by law (for example, to comply with a subpoena or similar legal process), where we believe in good faith it is necessary to protect our rights or someone's safety or to investigate fraud, and to the trusted service providers named above who process it on our behalf under equivalent obligations.
Your rights and choices
You control your data:
- Notifications can be turned off at any time in the App or in your device settings, which stops device-token collection for that device.
- Delete your account and data in the App. From Settings → Account → Delete Account, the App permanently deletes your account: it revokes Sign in with Apple for this app (using the stored refresh token), removes your DynamoDB account record and every registered device, tears down the associated Amazon SNS endpoints, and erases your CloudKit display-name profile. This deletion is irreversible; you would need to sign in again to use account features.
- Access and erasure (GDPR / CCPA). If you are in a jurisdiction with data rights such as the EU/EEA/UK (GDPR) or California (CCPA/CPRA), you have the right to access, correct, and erase your personal data, and to not be discriminated against for exercising those rights. The in-app deletion above satisfies erasure directly; for access or correction requests, or to exercise any right without using the in-app flow, contact us at the address below.
We do not sell or share your personal information for cross-context behavioral advertising.
Subscriptions and billing
Liminal Connect offers Liminal Connect Pro, an auto-renewable subscription billed at $6.99 per month with a 7-day free trial. Subscriptions are sold and billed through your Apple ID via the App Store. A subscription automatically renews unless cancelled at least 24 hours before the end of the current period, and you can manage or cancel it at any time in your Apple ID settings. Apple handles payment; we do not receive or store your payment details. Purchase and entitlement information is provided to the App by Apple's StoreKit on your device.
Data retention
We retain your account record and device registrations for as long as your account exists. When you delete your account, the associated data is removed from our backend as described under "Your rights and choices." The Sign in with Apple refresh token is retained only for the lifetime of the account and is used solely to revoke Sign in with Apple at deletion.
Children
Liminal Connect is a developer tool and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will delete it.
Security
We use physical, electronic, and procedural safeguards to protect the information we process. Sign in with Apple credentials are never exposed to the App, and your developer API keys never leave your device keychain.
Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated policy at its hosted URL and revise the effective date above. Continued use of the App after an update constitutes acceptance of the revised policy.
Contact
For privacy questions or to exercise your data rights, contact the Service Provider, Different Productions, LLC, at support@liminalconnect.app.