Privacy Policy

Last updated: July 10, 2026

The short version

EscapeBase44 migrates your Base44 app onto infrastructure you own. The whole point of the product is that your app, code, data and users end up in your hands — not ours. We collect the minimum needed to run the migration, and your app's runtime data never flows through us afterwards.

What we collect

  • Your Base44 account basics — email, name, and the app you pick — when you log in with Base44 to start a migration.
  • Your app's export — we read your app through Base44's API to analyze it and to migrate it. It lands on infrastructure you own; we keep the analysis (feature counts, sizes) to price and run the migration. You can revoke our access at any time.
  • Provider credentials you paste — stored encrypted (Supabase Vault), used only to set up your accounts, reusable by you on your next migration.
  • Usage analytics (PostHog) and payment records (PayPal — we never see card numbers).

Google user data

Migrated apps can use Google sign-in and Google integrations (Sheets, Calendar, and similar) through EscapeBase44's Google application. Here is exactly what that means:

  • When someone connects a Google account, Google sends the authorization response through auth.eb44.app, which immediately relays it to the app's own server. EscapeBase44 does not receive, store, or use Google access tokens or any Google user data. Tokens are issued to, stored on, and used by the migrated app's own infrastructure — which belongs to the app's owner, not to us.
  • Google user data accessed by a migrated app (spreadsheets, calendar events, email sending) is processed entirely on that app's own servers, for that app's own features. We have no access to it.
  • EscapeBase44's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We never sell Google user data, never use it for advertising, and never let humans read it.
  • App owners can switch to their own Google client at any time from the post-migration page, removing EscapeBase44's application from the loop entirely. Users can revoke access at myaccount.google.com/permissions.

What we never do

We don't sell data. We don't run ads. We don't read your app's database or your users' content — after migration it lives on your infrastructure, behind your credentials.

Deletion & questions

Want your account data, stored credentials, or analysis deleted — or have any question about this policy? Email daniel.frishtik@gmail.com and it's handled.