1. Who we are
APT (Avee Player Template) is an Android application that helps users discover, download, save and use visual templates designed for the third-party app Avee Player. APT is operated by the team behind baqo.tools and is the data controller for any personal data processed in connection with the app and this website.
We are not affiliated with the developers of Avee Player. APT does not modify, redistribute or contain Avee Player. APT only helps you find templates intended to be used inside Avee Player.
You can reach us about anything in this policy through the APT contact form.
2. Data we collect
We collect the minimum data needed to run the service. Concretely:
2.1 Account data (only if you sign in)
- Email address — used to identify your account and to allow you to recover access.
- Display name — shown next to any content you choose to publish.
- Username, profile bio and optional social links — used for public creator/profile features if you choose to set them.
- Profile avatar (optional) — only if you upload one. Stored on our server.
- Authentication tokens — short-lived tokens issued to keep you signed in.
- Google account sign-in data (only if that sign-in option is offered and you choose it) — basic profile and account data needed to complete authentication through Google and Firebase Auth.
You can use APT to browse and download public templates without creating an account. Account data is only collected when you choose to register.
2.2 Content you submit
- Templates you upload, including the template file and any preview/thumbnail/video we generate from it.
- Title, description, tags and other metadata you attach to a template.
- Favourites and saved items — the list of templates you have marked as favourites.
- Creator directory fields — public profile fields, follower counts, template/download counts and similar creator signals used to show creator profiles and the Creator Portal.
- Reports, moderation requests and notification preferences — if you report content, follow account updates, or manage notification settings.
- Support tickets and contact requests — messages you send through Contact APT, My Tickets, privacy, deletion, terms or copyright request flows.
2.3 Technical data
- IP address and basic request metadata (user-agent, timestamp) collected in standard server logs.
- App version, Android version, device model, network state, server reachability state and related diagnostics data — used to diagnose crashes, delivery problems, offline/server-down states and compatibility issues.
- Push notification token — created by Firebase Messaging so the app can receive optional account and content-related notifications.
- Crash and performance diagnostics — app crash, performance and stability signals may be collected through Firebase / Google components so release issues can be found and fixed faster.
- Firebase / Google technical identifiers — the Android build includes Firebase and Google components that may process app-instance data, install attribution / referrer data, service diagnostics, and platform-provided identifiers needed for messaging, authentication, advertising, diagnostics, or app delivery.
2.4 Advertising and consent data
APT can switch advertising modes between Google Mobile Ads, APT house ads, or ads off. The active mode is controlled by our server configuration so the app can reduce or pause ad delivery without shipping a new build.
When Google Mobile Ads is active, Google and its advertising partners may process the Android advertising ID, IP address, device and app information, app interactions, diagnostics, consent signals, and ad performance data to provide, secure, limit, personalize where permitted, and measure ads.
When APT house ads are active, the app may show internal promotional cards such as Upload, Creator Portal, Discord or product announcements. These are served from APT-controlled content and do not by themselves send data to a third-party ad network, although tapping an external link may open a third-party service.
APT uses Google's User Messaging Platform (UMP) to request and store advertising consent choices where required. If Google requires a privacy-options entry point for you, the Android app shows Settings → Legal and data → Ad Privacy Choices so you can review or change that choice.
What we do not request from your device: APT does not request location, microphone, camera, contacts, SMS, phone, or broad storage permissions. The app can still download files to your device and let you choose files to upload, but it does that through user-initiated Android file picker and document access flows rather than through a broad storage permission.
3. App permissions
The shipped Android release currently includes a small set of app permissions and library-level platform permissions. In plain language:
- INTERNET — needed so the app can connect to
aveeplayertemplates.com, load public templates, authenticate accounts, upload content, and download template/media files. - POST_NOTIFICATIONS — used only for optional push notifications such as account alerts, template review decisions, creator milestones, or security notices. If you do not allow notifications, the core app can still be used.
- User-initiated file access — APT can let you pick avatar or template files from your device, and it can save downloaded files back to the device, but it does this through Android's file picker / document access flows. The shipped release does not declare broad storage permissions such as
READ_EXTERNAL_STORAGE,WRITE_EXTERNAL_STORAGE,MANAGE_EXTERNAL_STORAGE, orREAD_MEDIA_*. - Library and platform permissions — the Android build also bundles Firebase and Google Mobile Ads components that depend on permissions such as network-state access, wake locks, push-message delivery, install-referrer delivery, Google services access, and Google advertising- or attribution-related platform permissions. These support authentication, message delivery, advertising, ad measurement, app delivery and related Google Play / Firebase services.
APT does not request location, microphone, camera, contacts, SMS, phone, or broad storage permissions.
4. How we use your data
We use the data described above only for the following purposes:
- To provide the core service: serving the template library, letting you sign in, and storing your favourites and uploads.
- To deliver the files you request from
files.andmedia.endpoints onaveeplayertemplates.com. - To support optional account features such as avatars, saved items, uploads, moderation/report flows, and account notifications.
- To show public creator profiles, creator-directory entries, follower/download counts and related discovery signals.
- To deliver optional push notifications about account activity, content review status, creator milestones, or important security and service messages.
- To moderate user-submitted content and prevent abuse, spam and copyright violations.
- To diagnose crashes and improve performance, stability, message delivery and design of the app.
- To display APT house ads or, when active, secure, limit and measure advertising through Google Mobile Ads, and to personalize Google ads only where permitted and consented to.
- To communicate with you about your account or important service changes when necessary.
- To receive and answer support, privacy, terms and deletion requests submitted through the APT contact form.
We do not sell your personal data.
5. Sharing and third parties
We share personal data only in these limited situations:
- Hosting infrastructure. The APT backend runs on our own server with traffic served via Cloudflare. Cloudflare may process your IP address as part of standard network delivery and DDoS protection.
- Firebase and Google app services. The shipped Android build uses Firebase Auth, Firebase Messaging, crash/performance diagnostics and related Google app services. Depending on the feature you use, Google and Firebase may process sign-in data, push tokens, app-instance data, diagnostics, install attribution data, and related technical identifiers needed for those services.
- Google Mobile Ads. Google and participating advertising providers may process advertising identifiers, IP address, device and app information, consent signals, app interactions, diagnostics, and ad performance data. See Google's Privacy Policy and Google's advertising privacy controls for more information.
- APT house ads. Internal APT promotional cards are served by our own app/backend. They may link to APT pages or external services, but they do not involve a third-party ad auction by themselves.
- Email delivery. Transactional email providers process recipient addresses and message delivery information when APT sends verification, password reset, security, or support messages.
- Google Play and Android platform services. If you install or update APT through Google Play, or if Play services help deliver notifications, attribution, integrity, or library functionality, Google may process your interaction with those services under Google's Privacy Policy. We do not control that processing.
- Website fonts. This website serves its font files locally from
aveeplayertemplates.com. We do not send font requests to Google or another third-party font provider when you load these pages. - Legal obligations. If we are legally required to disclose data — for example in response to a valid court order — we will do so to the extent required.
In other words: the Android app relies on Google and Firebase providers for sign-in, notifications, diagnostics, advertising, consent management and related delivery functions. We try to keep those integrations limited to what is needed to run, secure, fund and deliver the service.
6. Data retention
- Account data: kept while your account is active.
- Server logs: kept for up to 30 days, then automatically rotated and deleted, unless retained longer for security investigations.
- Templates and metadata you publish: kept until you remove them or delete your account, unless they violate our Terms of Use.
- Push tokens and app-instance records: kept while needed to deliver notifications, maintain account state, or support Firebase / Google service operation, then refreshed, invalidated or deleted in the normal course of service operation.
- Contact and support requests: kept while needed to answer the request, maintain support history, prevent abuse, and meet legal obligations.
- Account deletion: when you delete your account, your personal data is removed within 30 days. See our Data Deletion page for the full procedure.
7. Your rights and choices
Subject to applicable law (including the EU GDPR), you have the right to:
- Request a copy of the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Request deletion of your account and associated data.
- Object to or restrict certain types of processing.
- Lodge a complaint with your local data protection authority.
To exercise any of these rights, use the APT privacy contact form with the email address associated with your account, or follow the instructions on the Data Deletion page.
8. Security
We use industry-standard technical and organisational measures to protect your data, including TLS for all traffic to aveeplayertemplates.com, hashed credentials and access controls on backend systems. No method of transmission or storage is 100% secure, but we do our best to keep your data safe and we will notify affected users if a serious breach occurs.
9. Children
APT is not directed at children under 13 (or the equivalent minimum digital consent age in your country). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, use the privacy contact form and we will review the request.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If the changes are material, we will also notify users in-app or by email where appropriate.
11. Contact
Questions, requests or complaints about privacy in APT can be submitted through the:
APT privacy contact form