GDPR
Last Revised: July 2025
Introduction
Gubb ("Company", "we", "us", or "our") is committed to protecting the privacy and security of the personal data of our users, especially those residing in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland. This statement outlines our practices regarding the collection, use, processing, and protection of personal data in compliance with the General Data Protection Regulation (GDPR) and applicable local data protection laws.
This statement applies to the Gubb desktop application (the "App") available through the Apple App Store and Microsoft Store, and the Gubb website (https://www.gubb.net/) (the "Website"), collectively referred to as the "Services".
Personal Data We Collect and Process
The Gubb app is designed to work completely offline, which significantly limits the personal data we collect and process. The types of personal data may include:
For the App:
- User Content: Notes, tasks, and other content you create within the App. This data is stored locally on your device and is not transmitted to our servers.
- Crash Reports: Optional crash reports that may be sent to help us improve the App (only if you opt-in through your device's settings).
- App Store Information: Purchase and download information managed by Apple App Store or Microsoft Store (we do not have direct access to this data).
For the Website:
- Website Interaction Data: Basic information when you visit our Website, such as IP address and browser type.
- Support Communications: Information you provide when you contact us for support, including your email address and the content of your communications.
Legal Basis for Processing Personal Data
We process your personal data based on the following legal grounds under GDPR:
- Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate interests, provided these are not overridden by your interests or fundamental rights. This includes:
- Providing and maintaining the App functionality.
- Improving the App based on crash reports (when provided with consent).
- Ensuring the security and integrity of our Website.
- Responding to support requests.
- Consent (Art. 6(1)(a) GDPR): For crash reporting and support communications where we ask for your explicit consent. You can withdraw your consent at any time.
- Contract Necessity (Art. 6(1)(b) GDPR): Processing necessary to provide you with the App through app store distribution.
Data Sharing and Third Parties
We do not sell your personal data. Due to the offline nature of our App, we have minimal data sharing:
- App Store Platforms: Apple App Store and Microsoft Store handle app distribution, updates, and purchase processing. We do not have access to your personal payment information or detailed user data from these platforms.
- Support Communications: We may use email service providers to respond to your support requests.
- Crash Reporting: If you opt-in to crash reporting through your device settings, anonymized crash data may be shared with us through the respective app store's crash reporting systems.
Your content created within the App (notes, tasks, etc.) remains entirely on your device and is never shared with us or any third parties.
International Data Transfers
Since the App works offline and your content remains on your device, there are minimal international data transfers. Any limited data transfers (such as support communications) are handled with appropriate safeguards:
- Using Standard Contractual Clauses (SCCs) approved by the European Commission when necessary.
- Ensuring adequate data protection measures are in place.
Data Security
We implement appropriate technical and organizational measures to protect any personal data we process:
- App Security: Your content within the App is protected by your device's security features and remains under your control.
- Website Security: We use encryption and access controls to protect our Website and any support communications.
- Minimal Data Collection: By design, we collect minimal personal data, reducing privacy risks.
Data Retention
Due to the offline nature of our App, data retention is primarily under your control:
- App Content: Your notes, tasks, and other content are stored on your device for as long as you choose to keep them.
- Support Communications: We retain support communications for a reasonable period to assist with ongoing issues and for legal/audit purposes.
- Website Data: Basic website interaction data may be retained for security and analytical purposes in anonymized form.
Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
- Right of Access: You can request a copy of the personal data we hold about you (note that most of your data remains on your device under your control).
- Right to Rectification: You can request correction of inaccurate or incomplete personal data.
- Right to Erasure ('Right to be Forgotten'): You can request deletion of your personal data under certain conditions.
- Right to Restriction of Processing: You can request that we limit the processing of your personal data under certain circumstances.
- Right to Data Portability: You can request to receive your personal data in a structured, commonly used, machine-readable format.
- Right to Object: You can object to the processing of your personal data based on legitimate interests.
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw your consent at any time.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your Member State.
To exercise these rights, please contact us through our contact page. We may need to verify your identity before processing your request.
App Store Privacy
The Gubb app is distributed through:
- Apple App Store: Subject to Apple's App Store privacy policies
- Microsoft Store: Subject to Microsoft Store privacy policies
These platforms may collect their own analytics and usage data according to their respective privacy policies. We do not have access to this platform-specific data.
Offline Operation
Our App is designed to work completely offline. This means:
- Your content (notes, tasks, etc.) never leaves your device
- No internet connection is required for core App functionality
- We do not track your usage or collect analytics from within the App
- Your privacy is enhanced by the offline-first design
Children's Privacy
Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take steps to delete it promptly.
Changes to This Statement
We may update this GDPR Compliance Statement from time to time. We will notify you of any significant changes by posting the new statement on our Website. We encourage you to review this statement periodically.
Contact Us
If you have any questions or concerns about this GDPR Compliance Statement or our data protection practices, please contact us through our contact page.