That's the average cost per desktop install on Google Ads.
And 100% of that money leaves your ecosystem forever.
Stories-mode UI. Not a popup. Not a banner.
An experience they want to swipe through.
No. The last companies that did cross-promotion — ironSource, Download Valley — got flagged as malware and died. Here's why we're different:
Every install goes through a 7-day verification window.
No real usage? Full refund. Automatically.
No monthly fees. No minimums. You set the CPI.
In 2013, ironSource looked like the future. Cross-promote desktop apps, share users, everyone wins. Except they got greedy. Pre-checked boxes. Silent installs. Malware disguised as "partner offers." By 2015, their SDK was flagged by antivirus engines worldwide. Millions of users got toolbars they never wanted, search hijackers they never asked for, and a burning hatred for any software that dared suggest "recommended apps."
They didn't just kill their own product. They poisoned the entire category.
AdDuplex tried to be the clean alternative for Microsoft Store apps. Decent concept, tiny market. They shut down in 2023. Quietly. No fanfare. Just another tombstone in the desktop distribution graveyard.
"The desktop distribution space wasn't disrupted. It was destroyed by the very people who built it."
You build a great desktop app. You pour your soul into it. And then you need users. So you go to Google Ads. $5 per install. Meta? $4.50. And it only goes up. Every quarter, the auction gets more expensive. Every year, the floor rises.
Mobile developers have Unity Ads, AppLovin, Chartboost, AdMob — an entire ecosystem of cross-promotion networks that lets them acquire users for a fraction of the cost. They have alternatives. You have nothing.
52% of Mac software revenue happens outside the App Store. The stores take 30% and give zero distribution help. You're paying the tax without getting the benefit.
Your budget's on fire, your growth is dire — you deserve better than this wire.
We're not ex-adtech bros chasing growth metrics. We're developers who got screwed by the same system you're stuck in. We know what it feels like to watch your CAC eat your runway. We know the rage of seeing a competitor with worse software outgrow you because they can afford the ads.
GHAN was born from that rage. But rage alone doesn't build trust. So we went the other way entirely:
Every app that enters the GHAN marketplace gets the same treatment: binary scan across 70+ antivirus engines, code signing verification, isolated sandbox testing, and a human security review. No exceptions. No fast-track for big spenders. No "trusted partner" bypasses.
"If your app can't pass our 7-layer pipeline, it doesn't belong next to anyone else's users. Period."
Imagine this: you acquire a user for $5 on Google Ads. During their install flow, they see a transparent panel of 3 verified, complementary apps — not competitors, not junk, not adware. Hand-picked matches. The user clicks "Get" on one of them. You just earned $1.50 in cross-promotion revenue. Your effective CAC dropped to $3.50. If two apps get installed? $2.00.
Now flip it. Your app is in someone else's install flow. Users are discovering you — for free. You're getting installs at $0 acquisition cost. The other developer already paid for the user. You just showed up at the right time, in the right context, fully verified.
That's not a marketing hack. That's a distribution layer. And now you have one.
Less cost, more gain — GHAN rewrites the game.
Our team has 20+ years in ad-tech, programmatic distribution, and desktop software. We've seen every model — the ones that worked, and the ones that burned. We built GHAN from the ashes with one rule: trust is the product, distribution is the feature.
You've built something great. You know your app deserves more users.
You're tired of watching your ad budget disappear into Google's pockets.
You want growth — but not at the cost of your users' trust.
You know there has to be a better way. Now there is.
Your app, your call — GHAN gives you all.
5 minutes to set up. Every app scanned for safety.
Less spend, more trend — let growth ascend.
Run campaigns to get installs at a fraction of Google/Meta costs.
Earn money from users you already have by showing verified apps.
Log in to your dashboard
Set your CPI bid, target geo, and start acquiring users from verified apps.
Add your app to the marketplace. Earn revenue from every verified cross-install.
Last updated: February 12, 2026 · Albert D Matalon LLC
GHAN is a product of Albert D Matalon LLC, headquartered in Cascais, Portugal. We operate the GHAN cross-promotion marketplace for desktop software ("Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.
Account Information: When you create an account, we collect your name, email address, company name, and password (hashed and encrypted). We never store plaintext passwords.
Campaign Data: Information you provide when creating campaigns including app names, CPI bids, budget amounts, target geographies, and platform preferences.
App Submission Data: When you submit an app, we collect the app name, description, download URLs, platform, category, and any binaries submitted for security review.
Usage Data: We automatically collect IP addresses, browser type, device information, pages visited, and interaction timestamps to improve our Service.
Install Analytics: Anonymized install event data including timestamps, geographic region, and referral source. We do not collect personal information about end users who install promoted applications.
We use your information to: operate and improve the Service; match your campaigns with relevant app placements; process payments and track earnings; perform security reviews on submitted applications; send you service-related communications; detect fraud and enforce our Terms of Service; and comply with legal obligations.
We do not sell your personal information. We may share data with: payment processors (Stripe) to process transactions; security scanning services (VirusTotal, sandbox providers) to verify app safety; analytics providers to improve our Service; and law enforcement when required by law.
We implement industry-standard security measures including: AES-256 encryption at rest; TLS 1.3 encryption in transit; SOC 2 Type II certified infrastructure; regular penetration testing; access controls and audit logging. Despite these measures, no method of transmission over the Internet is 100% secure.
We retain account information for as long as your account is active. Campaign and analytics data is retained for 3 years after the last campaign activity. Security scan results are retained indefinitely for audit purposes. You may request deletion of your account and associated data at any time.
Depending on your jurisdiction, you may have the right to: access, correct, or delete your personal data; port your data to another service; restrict or object to processing; withdraw consent at any time; and lodge a complaint with a supervisory authority. To exercise these rights, contact privacy @ ghan.io.
We use essential cookies to maintain your session and preferences. We use analytics cookies (opt-in only) to understand how you use our Service. You can control cookies through your browser settings.
Your data may be transferred to and processed in countries outside your jurisdiction. We ensure adequate safeguards through Standard Contractual Clauses (SCCs) and compliance with GDPR requirements.
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our website at least 30 days before changes take effect.
Albert D Matalon LLC
Cascais, Portugal
privacy @ ghan.io
Last updated: February 12, 2026 · Albert D Matalon LLC
These Terms of Service ("Terms") constitute a legally binding agreement between you ("Developer," "you") and Albert D Matalon LLC ("GHAN," "we," "us"), governing your use of the GHAN cross-promotion platform ("Service"). By creating an account or using the Service, you agree to these Terms.
You must be at least 18 years old and have the legal authority to bind the entity you represent. You must provide accurate and complete registration information. You are responsible for maintaining the confidentiality of your account credentials.
GHAN provides a marketplace where desktop software developers can cross-promote their applications to users of complementary software. The Service includes: campaign creation and management tools; app submission and security review pipeline; analytics and reporting dashboard; payment processing for earned commissions.
All applications submitted to GHAN must pass our 7-layer security verification pipeline before being listed in the marketplace. This includes automated binary scanning, code signing verification, sandbox testing, and human review. We reserve the sole right to approve, reject, or remove any application at any time. Rejection does not entitle you to any compensation.
You represent and warrant that: your application does not contain malware, spyware, adware, or any malicious code; your application complies with all applicable laws; you hold all necessary rights and licenses to distribute your application; and your application does not infringe any third-party intellectual property rights.
Advertisers set a cost-per-install (CPI) bid and daily budget. You are charged only for verified installs where the end user has explicitly opted in. GHAN charges a platform fee (30% Starter, 25% Growth, Custom Enterprise) deducted from each CPI transaction. Payments are processed monthly for balances exceeding $50. We reserve the right to withhold payments pending fraud investigation.
All cross-promoted installs must be fully opt-in. You must not use pre-checked boxes, dark patterns, deceptive UI, or any mechanism that bypasses explicit user consent. Violation of this policy will result in immediate account termination and forfeiture of all pending payments.
You may not: submit applications containing malware or unwanted software; manipulate install counts through bots, click farms, or artificial means; reverse engineer, decompile, or interfere with the Service; use the Service to distribute illegal content; misrepresent your application's functionality or purpose; or create multiple accounts to circumvent platform limits.
GHAN maintains a $100,000 Malware Bond. If any application distributed through our platform is found to contain malware that bypassed our security pipeline, affected partners may claim compensation from this bond. Total claims are limited to the bond amount. This bond does not constitute insurance or a guarantee against all possible security incidents.
You retain all rights to your applications. By submitting an app, you grant GHAN a non-exclusive, worldwide license to display your app name, icon, and description within the marketplace and promotional materials. GHAN retains all rights to its platform, technology, and brand.
Either party may terminate this agreement at any time. Upon termination: active campaigns will be paused immediately; pending payments for verified installs will be processed within 30 days; your apps will be removed from the marketplace; and account data will be retained per our Privacy Policy retention schedule.
To the maximum extent permitted by law, GHAN's total liability shall not exceed the greater of (a) amounts paid to you in the 12 months preceding the claim, or (b) $1,000. We are not liable for indirect, incidental, consequential, or punitive damages.
These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions. Any disputes shall be resolved through binding arbitration under ICC rules, with proceedings conducted in English.
We may modify these Terms at any time. Material changes will be communicated via email at least 30 days in advance. Continued use of the Service after changes constitutes acceptance.
Albert D Matalon LLC
Cascais, Portugal
legal @ ghan.io
Last updated: February 12, 2026 · Albert D Matalon LLC
This Data Processing Agreement ("DPA") supplements the Terms of Service and applies when Albert D Matalon LLC ("Processor" / "GHAN") processes personal data on behalf of you ("Controller" / "Developer") in connection with the GHAN Service. This DPA applies to the extent the processing of personal data is subject to the EU General Data Protection Regulation 2016/679 ("GDPR"), the UK GDPR, or the Swiss Federal Act on Data Protection.
"Personal Data," "Processing," "Data Subject," "Controller," "Processor," and "Supervisory Authority" have the meanings given in Article 4 of the GDPR.
Subject Matter: Provision of the GHAN cross-promotion marketplace.
Duration: The term of the agreement between Controller and Processor.
Nature & Purpose: Processing install event data, campaign analytics, and app metadata to facilitate cross-promotion campaigns.
Categories of Data Subjects: Developer account holders; end users who interact with cross-promotion offers.
Types of Personal Data: Name, email, company name, IP address, device information, install timestamps, geographic region (country-level).
The Processor shall: process Personal Data only on documented instructions from the Controller; ensure persons authorized to process Personal Data have committed themselves to confidentiality; implement appropriate technical and organizational security measures (including AES-256 encryption, access controls, SOC 2 Type II certification); not engage another processor without prior written authorization; assist the Controller in responding to data subject rights requests; delete or return all Personal Data upon termination; make available all information necessary to demonstrate compliance; and allow and contribute to audits.
The Controller authorizes the Processor to engage the following sub-processors: Amazon Web Services (infrastructure hosting, US/EU); Stripe (payment processing, US); VirusTotal / Google (security scanning, US); and analytics providers as listed on our sub-processor page. The Processor will notify the Controller of any new sub-processors at least 30 days in advance.
Where Personal Data is transferred outside the EEA, the Processor will ensure appropriate safeguards are in place, including: EU Standard Contractual Clauses (Module 2: Controller to Processor); compliance with supplementary measures as required by the Schrems II decision; and data processing agreements with all sub-processors that provide equivalent protections.
Technical measures include: encryption at rest (AES-256) and in transit (TLS 1.3); network segmentation and firewalls; intrusion detection systems; regular vulnerability scanning and penetration testing. Organizational measures include: SOC 2 Type II certification; employee background checks; security awareness training; incident response procedures; and documented access control policies.
The Processor shall notify the Controller without undue delay (and in any event within 72 hours) after becoming aware of a Personal Data breach. Notification shall include: the nature of the breach; categories and approximate number of data subjects affected; likely consequences; and measures taken to address the breach.
The Processor shall provide reasonable assistance to the Controller with data protection impact assessments and prior consultations with supervisory authorities, where required by GDPR Articles 35 and 36.
This DPA shall be governed by the laws of the jurisdiction specified in the Terms of Service, except that GDPR-related provisions shall be interpreted in accordance with EU law. The competent supervisory authority shall be the Portuguese data protection authority (CNPD) for matters arising in Portugal.
Data Protection Contact
Albert D Matalon LLC
Cascais, Portugal
dpo @ ghan.io