Privacy Policy

1. What data stays on your device

The majority of Jublu's data never leaves your device. This includes your blocked apps, blocking groups, schedules, notification history, usage statistics, session data, and preferences. This data is stored locally and is not transmitted to us or any third party.

Local data like notification history (30 days) and usage analytics (90 days) is automatically deleted on a rolling basis.

2. What data we collect

If you use Jublu without an account, we only receive anonymous analytics. No personal data leaves your device.

Account data (optional)

Creating an account is optional. If you create one (via email/password or Google Sign-In), we collect your email address and a unique account identifier. Passwords are securely hashed by Firebase Authentication. We never store or see your plaintext password.

Subscription data

If you subscribe to Jublu Plus, we process your subscription status, purchase dates, and entitlement history through RevenueCat. Your payment method is handled entirely by Google Play. We never receive your card or bank details.

Analytics data

We use analytics to understand how Jublu is used and to fix issues. All analytics data is anonymised or pseudonymised. We use two providers:

Firebase Analytics (Google LLC): Anonymous usage events and device info, processed in the US. Retained for 90 days.
PostHog (PostHog, Inc.): Product usage events with additional privacy protections (user IDs hashed with SHA-256, app names redacted, PII automatically blocked). Processed in the EU.

We also use Firebase Crashlytics for crash reports to maintain app stability.

What we do NOT collect

We never collect your name, phone number, location, contacts, photos, browsing history, payment card numbers, or biometric data. We do not read the content of your apps or messages.

3. How we share data

We only share data with the services needed to run Jublu. We never sell it.

We share data only with the following service providers to operate Jublu:

Firebase (Google LLC): Account management, anonymous analytics, crash reporting, feature configuration. Processed in the US.
PostHog (PostHog, Inc.): Product analytics. Processed in the EU.
RevenueCat (RevenueCat, Inc.): Subscription management. Processed in the US.
Google Play Billing (Google LLC): Payment processing. Your payment details are managed by Google and not shared with us.

For US-based services, data transfers are covered by Standard Contractual Clauses (SCCs). PostHog data stays in the EU.

We may also disclose data if required by law.

4. Permissions

Jublu requires certain Android permissions to function:

Accessibility service: Detects which app is in the foreground to display blocking messages, and reads browser URLs for website blocking. We do not read any other screen content, text fields, or keyboard input.
Usage stats: Provides app usage analytics and daily summaries.
Notification listener (optional): Intercepts notifications from blocked apps during sessions. Stored locally for up to 30 days. Never transmitted off your device.

You can revoke any permission at any time through your device settings.

5. Data retention

Local data: Notification history is deleted after 30 days. Usage analytics and behavioural events are deleted after 90 days. Preferences persist until you delete them or uninstall.
Firebase Analytics: 90 days, then automatically deleted.
PostHog analytics: Retained while our PostHog account is active.
Account data: Retained until you delete your account (Profile > Delete account).
Subscription data: Retained by RevenueCat for legal and financial record-keeping. Google Play retains transaction records per their policies. Contact privacy@jublu.app for details.

If you do not have an account, uninstalling Jublu removes all data from your device.

6. Your rights

You can:

View and delete your local data within the app
Delete your account and all associated data via Profile > Delete account
Revoke any Android permission at any time
Opt out of analytics by contacting privacy@jublu.app
Request a copy of your data in a machine-readable format

If you are in the UK or EEA, you also have rights under data protection law including the right to access, rectify, erase, restrict processing, data portability, and the right to object. You can file a complaint with the Information Commissioner's Office (ICO) in the UK.

To exercise any of these rights, contact privacy@jublu.app. We will respond within 30 days.

7. California residents

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights. We do not sell or share your personal information for cross-context behavioural advertising. You have the right to know what data we collect, request deletion, and opt out of any sale of personal information. To exercise these rights, contact privacy@jublu.app.

8. Children

Jublu is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you are under 18, use Jublu only with parental consent. If you believe a child under 13 has provided us with personal information, contact us at privacy@jublu.app.

9. Changes to this policy

We may update this policy from time to time. For significant changes, we will notify you through an in-app notification. We will always update the "Last updated" date at the top.

Privacy policy