Trust and security
HatchCheck is a submission-readiness checkup workflow for AI-built apps, founders, agencies, and small teams. It produces evidence-backed findings, Agent Fix Pack tasks, report artifacts, review-note drafts, and rescan guidance.
Trust boundaries
- HatchCheck does not guarantee Apple or Google approval.
- HatchCheck is not legal advice.
- HatchCheck is not a coding agent and does not replace Codex, Claude, Cursor, or a developer.
- HatchCheck shows what was checked, what was not checked, and what could not be verified.
- Agent Fix Pack tasks are implementation instructions, not proof that a fix is complete.
- HatchCheck can work upload-light with screenshots, URLs, SDK lists, store copy, and app descriptions.
- Do not upload production secrets.
- Do not upload private keys, signing certificates, production .env files, service account keys, or customer data.
- Demo credentials can remain local.
- Sensitive or ambiguous categories may need human/legal review.
Data handled
HatchCheck stores structured launch-readiness data so findings and reports can stay evidence-backed.
- Project and app profile details
- Guided intake answers
- Safe launch artifacts and metadata
- Selected-file scanner summaries
- URL check results
- Findings, evidence items, reports, and report exports
- Read-only integration summaries where a customer explicitly connects or provides them
- Audit logs and security event summaries
Upload-light workflow
Most checks can start from URLs, intake answers, selected-file summaries, and allowed metadata. Production secrets are not required.
- Allowed:
  - Screenshots
  - Store listing drafts
  - Privacy policy text or exports
  - Review notes drafts
  - SDK/dependency lists
  - Rejection messages
  - Safe config examples such as .env.example
- Blocked:
  - Private keys
  - Certificates
  - Signing credentials
  - Production .env files
  - Service account keys
  - App builds or binaries
  - Customer data dumps
  - Raw provider logs or raw monitoring payloads
  - Provider API keys or tokens
  - Unnecessary full repo access
  - Real demo passwords or production credentials
- Demo credentials can remain local and be added to final store review notes outside HatchCheck.
Access controls
Team and client-sharing paths use server-side project checks, token hashes, expiry states, and client-visible filtering.
- Owners/admins can manage security-sensitive team and project operations.
- Members and reviewers can work on assigned launch-readiness evidence and reports.
- Client viewers can see only explicitly shared client-safe report or intake surfaces.
Retention and deletion
Retention is handled conservatively: targets are documented, access can be blocked, and deletion/export requests have a support path while automation matures.
- Planned artifact retention target: 90 days unless a project/report policy says otherwise.
- Planned report retention target: 365 days unless delivered-report policy requires retention.
- Planned audit log retention target: 730 days.
- Until automated retention is fully available, users can request deletion, export, correction, or account-closure support by emailing privacy@gohatchcheck.com.
AI data handling
AI is assistance, not the source of truth. Customer content must be redacted and validated before use.
- No real AI provider call is required for the current V1 checkup flow.
- If AI assistance is added to a report step, customer content must be redacted, schema-validated, and governed by the configured provider settings before use.
- Secrets, raw provider payloads, raw customer data, and production credentials must be excluded before AI use.
- AI output must pass schema validation, prohibited phrase scanning, evidence requirements, and source/rule grounding before it can be treated as report-ready.
Integrations
HatchCheck keeps official store and provider integrations narrow. The product does not need write access to prepare an evidence-backed App Checkup.
- HatchCheck does not auto-submit to Apple or Google.
- HatchCheck avoids write-access platform integrations in this workflow.
- Future integrations will use minimal scopes, encrypted token references, revoke/disconnect behavior, and server-side access checks.
Terms and product boundaries
HatchCheck provides a launch-readiness checkup based on the evidence provided. It does not submit official store declarations, guarantee approval, replace legal review, or act as the coding agent. Paid report support focuses on specificity: if a paid report is generic and not specific to the app evidence, contact HatchCheck within 7 days for review.
Upload warning
Upload only launch-review materials: screenshots, store listing drafts, privacy policy text, SDK lists, App Store/Google Play form screenshots, and selected config files. Do not upload private keys, certificates, signing credentials, production .env files, service account keys, customer data, raw provider logs, provider tokens, unnecessary full repo access, real demo passwords, or production secrets. Upload-light mode can start from screenshots, URLs, SDK lists, store copy, privacy/support URLs, and an app description.
Current security posture
HatchCheck uses conservative upload, access, and report boundaries for launch-review materials. HatchCheck is not SOC 2 certified.
Auditability
Sensitive operations are recorded as safe audit metadata. Audit exports are intended for owners/admins/security admins only and must not include secrets, raw content, or tokens.
Contact
Security: security@gohatchcheck.com. Support: support@gohatchcheck.com. Privacy and deletion/export requests: privacy@gohatchcheck.com. For responsible disclosure, include a concise summary, affected route or artifact type, and safe reproduction notes. Do not send secrets or customer data.
