Security
How we vet what gets listed, how we handle your data, and what we are - and aren't - responsible for.
The short version
Every app on SaaStore is reviewed before it's listed. Card payments run through Polar - we never see or store your card number. And the moment a listing links out to software a seller hosts themselves, that software is run, supported, and secured by the seller, not by SaaStore.
How we vet apps before they're listed
- Identity verification - we require a real, contactable person or company before approving a listing.
- A hands-on functionality check - our team runs the app and confirms it does what the listing claims.
- Security scanning - apps are scanned for known security issues before they go live and when they're updated, including scans through our partner unpwned.io.
- A manual review of the listing itself - copy, screenshots, and claims - before it's published.
Externally hosted apps - what SaaStore is not responsible for
Many listings on SaaStore link out to software that is hosted, operated, and supported by the independent seller - not by SaaStore. When you click "Visit Website", you leave SaaStore and use the seller's product on the seller's infrastructure, under the seller's terms. We always show an exit notice before you leave for an external site.
For those externally hosted apps, SaaStore is not responsible for and does not warrant: their availability or uptime, the security of their systems, how they store or handle your data, their billing or refunds, or the conduct of the seller. We vet the listing; we do not run the software.
See our Terms of Service for the full allocation of responsibility. (When SaaStore-hosted listings ship - we'll run the software on our own infrastructure - this picture changes, and we'll update this page.)
Payments
Card payments are processed by Polar as Merchant of Record. SaaStore never receives or stores your full card details.
Your data
The site is served over HTTPS. Account passwords are stored hashed, never in plain text. We collect the minimum personal data we need to run the marketplace. See our Privacy Policy and Cookie Policy for the details.
Reporting a security issue
Found a vulnerability in saastore.ai itself - the marketplace, not a seller's external app? Please email info@saastore.ai with a clear description and steps to reproduce. Give us a reasonable chance to fix it before any public disclosure. We don't currently run a paid bug-bounty program, but we're grateful for responsible reports and happy to credit researchers who'd like that.
For a problem with a seller's externally hosted app, contact the seller directly - every listing has a "Contact Seller" option - and if it's serious, let us know too.
Last reviewed: May 2026. We update this page as the platform changes.