Privacy Policy for Jublu

Introduction

Welcome to Jublu, a digital wellness application designed to help you manage your screen time and maintain focus by blocking distracting apps, websites, and notifications. This Privacy Policy explains how we collect, use, and protect your information when you use our mobile application.

Jublu is operated by:

• Name: Soules Studio Ltd
• Companies House Number: 16797987
• Registered Address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
• Contact: privacy@jublu.app

We are committed to protecting your privacy and being transparent about our data practices.

Our privacy commitment

Information we collect

1. Information stored locally on your device

Jublu stores the following information locally on your device only:

a. App usage data

• What we collect: List of apps you choose to block, blocking schedules, usage statistics, blocking session history, and app usage time
• Purpose: To provide app blocking functionality, usage insights, and session tracking
• Storage: Local SQLite database on your device
• Sharing: Never shared with us or third parties
• Details: This includes total screen time per app, app open counts, foreground/background time, time-of-day usage patterns (hourly breakdown), and session durations

b. Blocking groups & preferences

• What we collect: Your custom blocking groups (Deep Focus, Work Mode, etc.), app preferences, settings, and blocking schedules (one-time or recurring)
• Purpose: To organize your blocking sessions and save your preferences
• Storage: Local device storage
• Sharing: Never shared
• Details: Includes group names, apps per group, schedule configurations (start time, end time, duration), and lock-in settings

c. Notification data

• What we collect: When you enable notification blocking for a group, we collect:
  • Notification title and text (stored locally only)
  • App package name and app name
  • Timestamp when notification arrived
  • Notification metadata (notification key, post time)
  • Whether notification was dismissed or interacted with
• Purpose: To prevent distractions from blocked app notifications and allow you to review missed notifications later
• Storage: Stored locally in SQLite database with 30-day automatic deletion
• Technical Details: We use an in-memory cache to preserve PendingIntent deep links for 24 hours. If the service is restarted, deep links fall back to opening the app's main screen
• Sharing: Never shared. Notification content is NEVER sent to our servers or third parties
• Spam Detection: We analyze notification frequency locally to detect spam patterns (>50 notifications/day) and suggest blocking high-notification apps

d. Blocking attempt analytics

• What we collect: When you attempt to open a blocked app, we record:
  • Package name and timestamp of attempt
  • Number of consecutive attempts within a session
  • Time spent on blocking screen
  • Conversation message shown during blocking
  • Time of day and day of week patterns
• Purpose: To show you insights about your distraction patterns and improve blocking effectiveness
• Storage: Local database with 90-day retention
• Sharing: Never shared

e. Session details & insights

• What we collect: Comprehensive data about each blocking session:
  • Session duration and active time
  • Number of blocked attempts per app
  • Notifications blocked during session
  • Focus effectiveness metrics
• Purpose: To provide detailed session breakdowns and help you understand your focus patterns
• Storage: Local database
• Sharing: Never shared

2. Analytics & crash data (collected via Firebase)

To improve app performance and fix bugs, we use Firebase Analytics and Firebase Crashlytics:

Firebase analytics

We collect anonymous usage analytics to understand how users interact with Jublu. This data helps us improve the app and prioritize features.

Events we track:

• Screen views (Home, Groups, Profile, Settings, Permission Status, etc.)
• Feature usage (group creation, app blocking activation, session start/end)
• Onboarding flow progress (steps viewed, completed, or skipped)
• Permission events (requested, granted, denied, revoked detection)
• Group management (created, edited, deleted, activated, deactivated)
• Blocking interactions (block triggered, blocking screen shown/dismissed, conversation read)
• App lifecycle (app opened, backgrounded, session duration)

User properties we track:

• Total groups count, total blocked apps count
• Permission status (accessibility, notification, usage stats)
• Days since install
• Engagement metrics (total sessions, blocking sessions started)

Data collected:

• Device model, OS version, app version
• Anonymous user identifier (Firebase-generated)
• General usage patterns (which features are used, how often)
• Session durations and app open frequency

What we don't track:

• ❌ Specific app names you block (only counts)
• ❌ Notification content
• ❌ Your personal information
• ❌ Any personally identifiable information

Data retention: 90 days for analytics events, then automatically deleted

Firebase Privacy Policy: https://firebase.google.com/support/privacy

Firebase crashlytics

• What we collect: Crash reports, device state at time of crash, stack traces, non-fatal exceptions
• Purpose: Identify and fix bugs to improve app stability
• Personally identifiable information: None
• Firebase Privacy Policy: https://firebase.google.com/support/privacy

Note: Firebase Analytics and Crashlytics are provided by Google LLC. These services may collect limited device information to provide their functionality. You can learn more in Google's Privacy Policy.

3. Background permission monitoring

To ensure Jublu remains functional, we use WorkManager to periodically check permission status:

• What we check: Accessibility Service, Notification Listener, and Usage Stats permissions
• Frequency: Every 6 hours in the background
• Purpose: Detect if permissions are revoked and notify you to restore them
• Data collected: Permission status (granted/denied) stored locally
• Battery impact: Minimal (<1% per day)
• Notifications: We send you a notification if a critical permission is revoked

4. AI features & recommendations (future)

When AI features launch, we will:

• Use locally-stored data to generate personalized recommendations
• Suggest blocking groups based on your usage patterns
• Provide smart category search to help you find distracting apps
• All AI processing happens on-device or with anonymized data only
• You will be able to opt-out of AI features

5. Information we do not collect

Jublu does NOT collect, store, or transmit:

• ❌ Your name, email, or phone number
• ❌ Your location data
• ❌ The content of your notifications (beyond local storage for your viewing)
• ❌ The content of apps you use
• ❌ Your contacts, photos, or files
• ❌ Your browsing history or web traffic
• ❌ Specific app names in analytics (only anonymous counts)
• ❌ Any personally identifiable information

Permissions we request

Jublu requires certain Android permissions to function. Here's exactly why we need each one:

1. Accessibility service permission (critical)

• Why we need it: To monitor which app is currently in the foreground, block access to apps on your blocking list, and detect blocked websites in supported browsers
• What we access: Current foreground app package name and browser URL bar text (for website blocking)
• What we DON'T access: We do not read, collect, or transmit any content from your apps, text you type, passwords, or personal information. We never access webpage content, only the URL displayed in the address bar.
• How we use it: When a blocked app is launched or a blocked website is visited, we immediately navigate you away and show a blocking screen with motivational content
• Data storage: The list of apps and websites you choose to block is stored locally on your device only
• Background monitoring: This permission is periodically checked every 6 hours to ensure blocking remains active
• Google Play requirement: Accessibility services are intended for users with disabilities. Jublu uses this permission to help users with digital wellness by blocking distracting apps and websites, improving focus and productivity.

2. Usage stats permission (required)

• Why we need it: To display your app usage statistics, insights, and session details
• What we access: Time spent in each app, app open times, app foreground/background events (read-only)
• How we use it:
  • Show you analytics about your digital habits
  • Generate daily summaries and insights
  • Track blocking effectiveness
  • Calculate distraction scores and focus streaks
• Data storage: Usage statistics are processed daily and stored locally on your device only
• Data retention: 90 days of historical usage data, then automatically deleted

3. Notification listener permission (optional)

• Why we need it: To block notifications from apps during blocking sessions and store them for later review
• What we access:
  • Notification title and text
  • App package name and app name
  • Timestamp when notification arrived
  • Notification PendingIntent (for deep linking)
• What we DON'T access: We do not read notifications from apps that are not being blocked
• How we use it:
  • Suppress distracting notifications during focus sessions
  • Store notification history locally for 30 days
  • Count notifications per app to detect spam patterns
  • Preserve deep links for easy access when you're ready
• Data storage: Notifications are stored locally only, deleted after 30 days
• Per-group control: You can enable/disable notification blocking for each blocking group separately
• Privacy guarantee: Notification content NEVER leaves your device

4. Other permissions

• Foreground Service: To keep blocking active while you use your device
• Boot Completed: To restore your blocking schedules after device restart
• Post Notifications (Android 13+): To show you notifications about:
  • Active blocking sessions
  • Permission revocation alerts
  • Spam app suggestions
  • Session summaries
• Schedule Exact Alarm: To start and stop blocking sessions at precise times
• Battery Optimization Exemption (Optional): To ensure blocking works reliably in the background (you can decline this)

Website blocking (premium feature)

Your browsing stays private

Website blocking helps you stay focused by gently reminding you when you visit sites you've chosen to limit. Here's how it works and why your privacy is protected.

How it works

When you're using a supported browser, Jublu checks if the website address matches your personal blocklist. If it does, you'll see a thoughtful reminder message. That's it.

The entire process happens on your phone. Your browsing data never leaves your device and is never sent to our servers.

What stays on your device only

• Your blocklist: To know which sites to block (stored on your phone only)
• Attempt counts: To personalize message tone (stored on your phone only)
• Browser in use: To ensure compatibility (stored on your phone only)

What we never access

• The content of any webpage you visit
• Your browsing history
• Anything you type into websites
• Data from unsupported browsers

You're always in control

• Turn it off anytime in your group settings
• Choose your browsers so blocking only works where you want
• Revoke permission in Android settings to stop all website detection instantly
• Delete everything by uninstalling Jublu. All local data is removed

Supported browsers

Chrome, Samsung Internet, Firefox, and DuckDuckGo. Other browsers are unaffected by website blocking.

Technical note

If website detection experiences errors, we send anonymous diagnostic information (browser version, device model) to help us fix bugs. This never includes any website addresses or browsing content.

How we use your information

Local processing only

All your personal data (apps you block, usage stats, preferences, notifications) is:

• ✅ Processed entirely on your device
• ✅ Never uploaded to our servers (unless you opt-in for anonymous analytics)
• ✅ Never shared with third parties
• ✅ Under your complete control
• ✅ Automatically deleted based on retention policies (30 days for notifications, 90 days for analytics)

Analytics for improvement

Anonymous, non-personal analytics data collected via Firebase is used to:

• Understand which features are most popular
• Identify bugs and crashes to fix
• Improve app performance and user experience
• Make informed decisions about new features
• Measure engagement and retention
• Optimize onboarding flow

Aggregation & Anonymization:

• Analytics data is aggregated daily
• Individual data points cannot be traced back to you
• No notification content or app names are included in analytics
• All analytics respect our 90-day retention policy

Data sharing & third parties

We do not share your data

Jublu does not sell, rent, or share your personal information with third parties for marketing or advertising purposes.

Third-party services we use

We use the following third-party services that may collect limited data:

1. Firebase Analytics (Google LLC)
   • Purpose: Anonymous usage analytics
   • Data collected: Device info, app usage patterns, event tracking (anonymous)
   • Data retention: 90 days
   • Privacy Policy: https://firebase.google.com/support/privacy
2. Firebase Crashlytics (Google LLC)
   • Purpose: Crash reporting and bug fixes
   • Data collected: Crash logs, device state, stack traces (anonymous)
   • Privacy Policy: https://firebase.google.com/support/privacy

Data Minimization: These services are configured to collect minimal, anonymous data only. We have disabled any optional data collection features.

Data security

How we protect your data

• Local Storage: All personal data is stored locally on your device using Android's secure storage mechanisms (SQLite with Android's built-in encryption)
• No Cloud Transmission: Your blocking lists, preferences, notification content, and usage data never leave your device
• In-Memory Security: PendingIntent cache for deep linking is stored in memory only and cleared after 24 hours or when service restarts
• Encryption: Android's built-in security protects your local data
• No Accounts: Since we don't require accounts, there's no password or login credentials to compromise
• Secure Analytics: Firebase Analytics uses TLS encryption for any data transmission
• Background Worker Security: Permission monitoring workers use secure system APIs only

Your responsibility

• Keep your device secure with a PIN, password, or biometric lock
• Only install Jublu from official sources (Google Play Store)
• Keep your device's operating system updated
• Review and understand the permissions you grant
• Regularly check permission status in the app's Profile screen

Data retention & deletion

Local data retention policies

Different types of data have different retention periods:

1. Blocking Groups & Preferences: Stored indefinitely until you delete them
2. Notification History: Automatically deleted after 30 days
3. App Usage Analytics: Automatically deleted after 90 days
4. Block Attempt Analytics: Automatically deleted after 90 days
5. Session Details: Automatically deleted after 90 days
6. Daily Summaries: Automatically deleted after 90 days

Automatic Cleanup: A background worker runs daily at midnight to delete data older than the retention period.

Analytics data

• Firebase Analytics: 90 days retention, then automatically deleted
• Firebase Crashlytics: Retained according to Google's policies (typically 90 days)
• Note: This data is anonymous and cannot be tied back to you

Manual data deletion

You can delete all app data at any time by:

1. Within the app: Settings > Privacy > Delete All Data (when available)
2. Android Settings: Settings > Apps > Jublu > Storage > Clear Data
3. Uninstall: Uninstalling the app removes all local data permanently

GDPR data export

For users in the European Economic Area (EEA):

• You can export all your data in JSON format
• Export includes: blocking groups, usage analytics, notification history, session details, and settings
• Export is generated within 30 seconds and saved to your device storage
• No data is transmitted during export (fully local operation)

Your rights & choices

You have the following rights regarding your data:

1. Access your data

• All your data is stored locally on your device
• You can view your blocking lists, preferences, usage stats, notification history, and session details within the app
• You can export all data in JSON format (Settings > Privacy > Export Data - when available)

2. Delete your data

• Delete specific items (notifications, sessions, groups) within the app
• Clear all app data via Android Settings
• Uninstall the app to delete all local information permanently
• Automatic deletion based on retention policies (30-90 days)

3. Control analytics

• Analytics are used to improve the app and are anonymous
• You can opt-out by contacting us at privacy@jublu.app
• Future versions will include in-app analytics toggle (Settings > Privacy > Anonymous Analytics)

4. Withdraw permissions

• You can revoke any permission (Accessibility, Usage Stats, Notifications) in Android Settings > Apps > Jublu > Permissions at any time
• The app will detect permission revocation within 6 hours and notify you
• Note that the app may not function properly without required permissions
• You can check permission status anytime in Profile > Permissions

5. Control notification blocking

• Enable/disable notification blocking for each blocking group individually
• Review and delete stored notifications at any time
• Control notification retention period (future feature)

Children's privacy

Jublu is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has used Jublu, please contact us at privacy@jublu.app so we can delete any data.

Age Requirement: Users must be at least 13 years of age. Users under 18 should have parental consent before using the app.

International users & GDPR compliance

For European Union users

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Access: You can access your data stored locally on your device at any time. Use the in-app data export feature to obtain a complete copy.
• Right to Deletion (Right to be Forgotten): You can delete your data by clearing app data or uninstalling the app. For analytics data, contact us to opt-out.
• Right to Data Portability: Export your data in machine-readable JSON format via Settings > Privacy > Export Data.
• Right to Object: You can object to analytics processing by contacting us or using the in-app opt-out toggle (when available).
• Right to Rectification: You can correct your data (groups, settings, preferences) within the app at any time.
• Right to Restriction of Processing: You can limit data processing by revoking permissions or disabling features.

Legal Basis for Processing:

• Contract Performance: To provide app blocking, notification management, and usage insights as core app functionality
• Legitimate Interest: To improve the service, fix bugs, and develop new features through anonymous analytics
• Consent: For optional features like notification blocking and analytics (you can withdraw consent anytime)

Data Controller: Soules Studio Ltd (contact: privacy@jublu.app)

Data Transfers: Since all personal data is stored locally on your device and never transmitted to our servers, there are no international data transfers. Anonymous analytics data sent to Firebase (Google LLC) is subject to Google's GDPR compliance measures.

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect new features, legal requirements, or operational changes. When we do, we will:

• Update the "Last Updated" date at the top of this document
• Notify you through the app (in-app banner or notification)
• For material changes, we may provide more prominent notice or request renewed consent
• Post the updated policy on our website and in the app

Your Rights: Your continued use of Jublu after changes constitutes acceptance of the updated Privacy Policy. If you do not agree with changes, you may stop using the app and delete your data.

Version History: Major versions of this Privacy Policy are archived and available upon request.

Google Play Store disclosure

Accessibility service use statement

Jublu uses the Accessibility Service API to provide app and website blocking functionality for digital wellness purposes. Specifically:

• Purpose: To detect when a user opens a blocked app or visits a blocked website in supported browsers, and immediately redirect them to a blocking screen, helping maintain focus and reduce digital distractions.
• Functionality: The Accessibility Service monitors the foreground app package name and reads the browser URL bar in supported browsers (Chrome, Samsung Internet, Firefox, DuckDuckGo). When a blocked app or website is detected, Jublu navigates the user away or displays a blocking screen with motivational content.
• Data Collection: Jublu does NOT collect, store, or transmit any data accessed through the Accessibility Service beyond the local device. All blocking preferences are stored locally on the user's device. Website URLs are checked in real-time and immediately discarded - we do not store browsing history.
• User Control: Users explicitly choose which apps and websites to block and can disable the service at any time through Android Settings.
• Privacy Guarantee: We do not use the Accessibility Service to read webpage content, capture keystrokes, access passwords, or collect any personal information. We only read the URL displayed in the browser's address bar to check against the user's blocklist.

Notification listener service use statement

Jublu uses the Notification Listener Service API to provide notification blocking functionality:

• Purpose: To intercept and store notifications from blocked apps during focus sessions, allowing users to review them later.
• Functionality: The service reads notification metadata (title, text, app name, timestamp) from blocked apps only and stores it locally.
• Data Collection: Notification content is stored locally on the user's device for 30 days, then automatically deleted. No notification content is transmitted to our servers.
• User Control: Users can enable/disable notification blocking per blocking group and can view/delete stored notifications at any time.
• Privacy Guarantee: We do not read, store, or transmit notifications from apps that are not actively being blocked.

Jublu does not use these services to collect, store, or transmit any personal or sensitive user data beyond the local device for app functionality. Website URLs checked for blocking are processed in real-time and never stored or transmitted.