Back to Home

Privacy Policy

Last Updated: March 16, 2026

1. Introduction

Welcome to Quby. This Privacy Policy explains how Damir Rama ("we", "us", or "our") collects, uses, and protects your information when you use the Quby mobile application ("App"). We are committed to protecting your privacy and being transparent about our data practices.

Damir Rama
Switzerland
Email: quby@ramalabs.io

2. Information We Collect

2.1 Information You Provide

Feedback Submissions: When you submit feedback through the App, we collect:

  • Feedback type (Bug Report, Feature Request, or General Comment)
  • Feedback message content (10-1000 characters)
  • Timestamp of submission

This data is submitted anonymously—we do not collect your name, email, or any user identifier with feedback submissions.

2.2 Information Stored Locally on Your Device

The following information is stored only on your device and is never transmitted to our servers:

  • Scan History: A record of up to 50 QR codes you have scanned or generated, including the QR code type, content, timestamp, and source (scanned vs. created)
  • App Settings: Your preferences for theme (light/dark/system), haptic feedback, and auto-save toggle
  • Onboarding Status: A flag indicating whether you have completed the initial app tutorial

Note: This data is stored in plain text using your device's local storage (AsyncStorage). It is not encrypted and remains only on your device. You can delete this data at any time through the App's Settings menu.

2.3 Camera Access

The App requests camera permission to scan QR codes. The camera feed is processed in real-time on your device to detect QR codes. We do not capture, store, or transmit any camera images or video.

2.4 Analytics and Crash Reporting

We use third-party services to understand how users interact with the App and to identify crashes or errors:

  • Sentry (Crash Reporting): Automatically collects error reports, crash logs, device information (model, OS version), IP address, and app session data when the App encounters an error. Sentry may collect personally identifiable information (PII) such as IP addresses and device identifiers.
  • PostHog (Product Analytics): Collects anonymized usage data including screen views, app lifecycle events (launch, background, foreground), and basic device information. PostHog data is hosted on EU servers.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide App Functionality: To enable QR code scanning and generation
  • Improve the App: To understand usage patterns and prioritize feature development
  • Fix Bugs: To identify and resolve crashes, errors, and technical issues
  • Respond to Feedback: To review user suggestions and bug reports (note: we cannot respond directly as feedback is submitted anonymously)
  • Enhance User Experience: To optimize app performance and design

4. Third-Party Services

The App uses the following third-party services that may collect or process information:

ServicePurposeData SharedPrivacy Policy
SupabaseBackend database for feedback storageFeedback type, message, timestampSupabase Privacy
SentryError tracking and crash reportingCrash logs, device info, IP address, session dataSentry Privacy
PostHogProduct analyticsScreen views, app events, device info (anonymized)PostHog Privacy

These services have their own privacy policies. We encourage you to review them to understand how they handle data.

5. Data Storage and Security

  • Local Storage: Your scan history and app settings are stored only on your device using AsyncStorage. This data is not encrypted but is protected by your device's security features.
  • Cloud Storage: Feedback submissions are stored in a Supabase PostgreSQL database with row-level security enabled to prevent unauthorized access.
  • Encryption in Transit: All data transmitted between the App and our servers uses HTTPS/TLS encryption.
  • Access Controls: Anonymous users can only insert feedback into the database—they cannot view, modify, or delete existing feedback.

6. Data Retention

  • Local Data: Scan history and settings remain on your device indefinitely until you manually clear them or uninstall the App.
  • Feedback Data: Feedback submitted through the App is retained for up to 2 years, after which it may be automatically deleted.
  • Analytics Data: Crash reports and analytics data are retained according to Sentry's and PostHog's retention policies (typically 90 days for events, longer for aggregated data).

7. Your Rights and Choices

You have the following rights regarding your data:

  • Access: You can view your scan history and settings within the App at any time.
  • Deletion: You can delete individual scan history items or clear all history from the Settings menu. Uninstalling the App will permanently delete all local data.
  • Camera Permission: You can revoke camera access at any time through your device settings. The App will not function without camera permission but will display a prompt to re-enable it.
  • Data Portability: Since the App does not require user accounts and stores data locally, your data is already under your control on your device.
  • Opt-Out of Analytics: Currently, there is no in-app toggle to disable analytics. You may limit tracking through your device's privacy settings (iOS: Settings → Privacy & Security → Tracking → Limit Ad Tracking).

If you have questions about your data or wish to exercise your rights under applicable privacy laws, please contact us at quby@ramalabs.io.

8. Children's Privacy

The App is rated for ages 4 and up. We do not knowingly collect personal information from children. Because the App does not require user registration and only collects anonymous feedback, we do not have mechanisms to verify user age. Parents and guardians should supervise their children's use of the App.

9. International Data Transfers

We are based in Switzerland. The third-party services we use may process data in different locations:

  • Sentry: Data is processed in Germany (EU region)
  • PostHog: Data is stored on EU servers (eu.i.posthog.com)
  • Supabase: Data location depends on project configuration (likely EU or US)

If you are located in the European Economic Area (EEA) or Switzerland, we ensure that data transfers comply with applicable data protection laws, including the use of standard contractual clauses where necessary.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by:

  • Updating the "Last Updated" date at the top of this policy
  • Providing notice through the App or via app store update notes

Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

11. No User Accounts or Authentication

The App does not require user registration, login, or authentication. You can use all features anonymously. We do not collect email addresses, passwords, or create user profiles.

12. No Advertising or Marketing

The App is completely free and does not display advertisements. We do not use your data for marketing purposes or share it with advertising networks.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: quby@ramalabs.io
Developer: Damir Rama, Switzerland

This Privacy Policy is effective as of March 16, 2026 and applies to the Quby mobile application available on iOS.