Privacy Policy

Append  ·  Last updated: June 12, 2026

Hanuto LLC ("we," "our," or "us") operates the Append macOS application ("Append" or "the App") and the Append Web viewer at app.getappend.com ("Append Web"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

By downloading or using Append, or by accessing Append Web, you agree to the practices described in this policy.

1. Who We Are

Hanuto LLC is a software company based in Minnesota, USA. You can contact us at hello@getappend.com.

2. Information We Collect

Append collects a limited amount of technical data for the purpose of license validation and understanding how the App is being used. Specifically, when you activate a license key or launch the App, we record:

  • License key – to verify that your copy of Append is legitimate
  • Hardware UUID – a unique identifier assigned to your Mac by Apple, used to associate activations with a specific device (anonymous; it does not identify you personally)
  • macOS version – the version of macOS running on your device
  • App version and build number – the version of Append you are running
  • Timestamp – the date and time the event occurred
  • Event type – whether the event was an activation or a launch

If you contact us through our website, we also collect your name, email address, IP address, and the contents of your message. This information is used solely to respond to your inquiry and to protect against spam and abuse.

When you use Append Web, we receive and process:

  • Dropbox access token – issued by Dropbox when you authorize Append Web to read your notes from your Dropbox account. We do not receive or store your Dropbox password. The token is held only in your server-side session and is revoked with Dropbox when you log out.
  • Session cookie – an HttpOnly cookie used to keep you signed in during your visit. It is deleted when you log out.

To display your notes in Append Web, your note content is fetched from your Dropbox account and passes through our server to be rendered in your browser. We do not save your note content to disk or retain it beyond the duration of the request needed to deliver it to you.

While Append Web is in beta, when you authenticate, we log an anonymous Dropbox account identifier, the time, and your browser type to a private spreadsheet. This is a usage count, not behavioral analytics — we use it to gauge how many people are trying the beta and how often. We do not log IP addresses, your activity inside the app, or your note content.

When you visit our website, we use Cloudflare Web Analytics, a privacy-focused, cookieless analytics tool, to understand how our website is used and to identify technical issues. It collects only aggregate, non-identifying information such as the pages visited, referring URL, general browser and device type, approximate country, and page-load performance metrics. Cloudflare Web Analytics does not use cookies, does not collect or store your IP address, does not fingerprint you or track you across websites, and does not identify you individually.

We do not collect, store, or retain your physical address, payment information, or the content of your notes.

3. How We Use This Information

We use the information described above solely to:

  • Validate license keys and prevent unauthorized use
  • Understand which versions of macOS and Append are in active use, so we can make informed development decisions
  • Detect and investigate potential abuse of license keys
  • Authenticate you to Dropbox via OAuth and deliver your note content to your browser through Append Web
  • Understand how our website is used and identify technical issues
  • Respond to inquiries submitted through our website

We do not sell, rent, or share this information with third parties for marketing or advertising purposes.

4. How We Store This Information

Telemetry data is stored in secure cloud storage provided by Google, accessible only to Hanuto LLC. Website analytics is provided by Cloudflare Web Analytics; because it is cookieless and aggregate, it stores no data that personally identifies you. All data is transmitted over HTTPS. We retain this data for as long as reasonably necessary for the purposes described above.

For Append Web, your Dropbox access token and session identifier are held in server-side session storage on our web host (HostGator) only for the duration of your active session. The token is revoked with Dropbox and the session is destroyed when you log out. Note content is not persisted to disk; it passes through our server only in memory while a request is being served to your browser.

5. Your Notes

In Append (macOS app): your notes are stored locally on your Mac in a folder you choose. We do not have access to your notes, and your note content is not transmitted to our servers.

In Append Web: when you choose to use Append Web, you authorize us via Dropbox OAuth to read your notes from your Dropbox account. Note content is fetched from Dropbox and rendered in your browser; we do not store or retain note content beyond what is needed to display it during your session. The source of truth for your notes remains your Dropbox account.

6. Third-Party Services

We use Google services to store and process certain technical data related to app license validation. Google's privacy practices are described at policies.google.com/privacy.

We use Cloudflare Web Analytics to measure website traffic. It is a privacy-focused, cookieless analytics service that collects only aggregate, non-identifying data and does not store IP addresses or track visitors across sites. Cloudflare acts as a data processor on our behalf. Cloudflare's privacy policy is available at cloudflare.com/privacypolicy.

Append Web requires you to connect a Dropbox account in order to read your notes. Dropbox is not a sub-processor of Append Web — it is a service you authorize directly through Dropbox's own OAuth flow. Your use of Dropbox is governed by Dropbox's own terms and privacy policy, available at dropbox.com/privacy.

We do not use any advertising networks or data brokers.

7. Information for Users in the European Union (GDPR)

If you are located in the European Union or European Economic Area, the following applies to you under the General Data Protection Regulation (GDPR):

  • Legal basis for processing: We process the data described in Section 2 on the basis of our legitimate interest in operating a functional and secure software product (Article 6(1)(f) GDPR).
  • Data controller: Hanuto LLC, Minnesota, USA.
  • Sub-processors: Data may be processed by Google (telemetry storage), Cloudflare (website analytics), and HostGator (web hosting infrastructure for Append Web), some of which may store data outside the EU. Google participates in the EU-U.S. Data Privacy Framework. Cloudflare's privacy practices are described at cloudflare.com/privacypolicy. Dropbox is not a sub-processor and is authorized directly by you.
  • Your rights: You have the right to access, correct, or request deletion of the personal data we hold about you. You also have the right to object to processing and to lodge a complaint with your local supervisory authority. To exercise these rights, contact us at hello@getappend.com.

8. Children's Privacy

Append is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted at this URL with a revised "Last updated" date. We encourage you to review this policy periodically.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at:
hello@getappend.com
Hanuto LLC, Minnesota, USA