BACK TO REALITY

PRIVACY POLICY

Last Updated: December 10, 2025

We (Arunaka, the developer of Subskuy) built the Subskuy app as a Freemium app. This SERVICE is provided by Arunaka at no cost for basic features and is intended for use as is. We take a "Local First" approach to your data.

1. Introduction

This Privacy Policy explains how Subskuy ("we," "our," or "us") handles information when you use our mobile application. We are committed to protecting your privacy and being transparent about our data practices.

Key Principle: Subskuy operates on a "Local First" architecture. This means your subscription data, payment information, and personal notes are stored locally on your device by default. We do not maintain servers that store your financial information.

2. Information We Do NOT Collect

We do NOT collect the following information:

  • Your subscription details: Names of services, amounts, payment dates, or notes you enter
  • Financial account information: Bank account numbers, credit card details, or payment methods
  • Personal identification: Real names, addresses, phone numbers, or email addresses (unless you contact support)
  • Location data: GPS coordinates or location history
  • Contact information: Your contacts or address book
  • Biometric data: Your fingerprint or face scan data (handled entirely by your device's secure enclave)

🔒 Your subscription data never leaves your device unless you explicitly enable Cloud Sync to your own account.

3. Information Collection and Use

3.1 Local Device Storage

All your subscription details, payment amounts, billing cycles, notes, and categories are stored in an SQLite database directly on your device. This includes:

  • Subscription names and service information
  • Payment amounts and currencies
  • Billing dates and cycles
  • Custom notes and categories
  • Payment history (if you mark subscriptions as paid)
  • App preferences and settings

Important: If you delete the app without enabling Cloud Sync, this data is permanently lost. We cannot recover it because we never had access to it.

3.2 Third-Party Services

The app uses third-party services that may collect information used to identify you anonymously for analytics, functionality, and service delivery:

A. Google Play Services & Firebase Analytics (Android)

  • Purpose: Crash reporting, performance monitoring, and understanding app usage patterns
  • Data Collected: Anonymized crash reports, device model, OS version, app version, screen views (which screens you visit, not what data you enter), session duration
  • What We See: "User visited Settings screen" - NOT "User has Netflix subscription for $15.99"
  • Privacy: All data is anonymized and aggregated. No personal identifiers are collected.
  • Opt-Out: You can disable analytics in your device settings, though this may affect our ability to fix bugs
  • Privacy Policy: Google Privacy Policy

B. Apple Analytics (iOS)

  • Purpose: Crash reporting and app performance monitoring
  • Data Collected: Anonymized crash logs, device type, OS version, app version
  • What We See: Technical error information only - no subscription data
  • Privacy: Apple anonymizes all analytics data
  • Opt-Out: Disable "Share Analytics" in iOS Settings → Privacy & Security → Analytics & Improvements
  • Privacy Policy: Apple Privacy Policy

C. RevenueCat (In-App Purchases)

  • Purpose: Managing Pro subscription purchases, verifying receipts, handling subscription renewals
  • Data Collected: Purchase receipts, subscription status (active/cancelled), transaction IDs, device identifiers (for fraud prevention)
  • What We See: "User purchased Pro subscription" - NOT "User tracks Netflix, Spotify, and Adobe subscriptions"
  • What They DON'T See: Your subscription tracking data, payment amounts, or service names
  • Privacy: RevenueCat processes payment data but does not receive your subscription content
  • Privacy Policy: RevenueCat Privacy Policy

D. Google Drive / iCloud (Cloud Sync - Pro Feature Only)

  • Purpose: Backup and sync your subscription data across devices
  • How It Works: If you enable Cloud Sync, encrypted backup files are uploaded to YOUR personal Google Drive (Android) or iCloud (iOS) account
  • What We See: NOTHING. We cannot access your Google Drive or iCloud files. They are stored in your account, encrypted, and only accessible by you
  • Data Stored: Encrypted backup files containing your subscription data
  • Your Control: You can disable sync, delete backup files, or revoke access at any time
  • Privacy Policies:Google Drive /iCloud

E. Currency Exchange Rates

  • Purpose: Converting subscription amounts between different currencies
  • How It Works: Exchange rates are fetched automatically from a third-party API when the app opens
  • Data Collected: Currency pair requests (e.g., USD to EUR) - no personal data included
  • What We See: Nothing. Currency requests are made directly to the exchange rate API
  • Third-Party API: We use an open-source exchange rate API for currency conversion
  • Privacy: No personal information is sent with currency rate requests. Fetched rates are stored locally on your device

💡 Exchange rates are automatically refreshed when you open the app. An internet connection is required for updates.

3.3 Support Communications

If you contact us via email (al.askariyy@gmail.com), we collect:

  • Your email address
  • Message content and any attachments
  • Device information you voluntarily provide (for troubleshooting)

We use this information solely to respond to your inquiries and provide support. We do not use support emails for marketing purposes.

4. Log Data and Error Reporting

When the app encounters an error or crash, we automatically collect diagnostic information through third-party analytics services. This Log Data may include:

  • Device Internet Protocol ("IP") address (anonymized)
  • Device name and model
  • Operating system version
  • App version and build number
  • Time and date of the error
  • Stack traces and error messages (technical details only)
  • App configuration at the time of error

What This Does NOT Include: Your subscription data, payment amounts, notes, or any personal information you entered into the app.

This data helps us identify and fix bugs, improve app stability, and enhance user experience. All crash reports are anonymized and aggregated.

5. How We Use Information

We use the limited information we collect for the following purposes:

  • App Functionality: Processing in-app purchases, verifying subscriptions, enabling cloud sync
  • Improvement: Analyzing crash reports and usage patterns to fix bugs and improve features
  • Support: Responding to your support requests and troubleshooting issues
  • Legal Compliance: Complying with applicable laws and regulations

We do NOT use your information for advertising, marketing, or selling to third parties.

6. Data Sharing and Disclosure

6.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information or subscription data to third parties. Ever.

6.2 Limited Sharing

We only share information in the following limited circumstances:

  • Service Providers: With third-party services necessary for app functionality (as described in Section 3.2), subject to their privacy policies
  • Legal Requirements: If required by law, court order, or government regulation
  • Protection of Rights: To protect our rights, property, or safety, or that of our users
  • Business Transfers: In the event of a merger, acquisition, or sale of assets (we would notify users of any such change)

6.3 Cloud Sync Data

When you enable Cloud Sync, your data is stored in your personal Google Drive or iCloud account. This data is:

  • Encrypted before upload
  • Stored in YOUR account, not ours
  • Subject to Google's or Apple's privacy policies
  • Accessible only by you (we cannot access it)

7. Data Security

We implement security measures to protect your information:

  • Local Encryption: Subscription data stored locally uses device-level encryption (iOS) or Android's built-in security
  • Biometric Protection: Pro users can enable FaceID/Fingerprint lock (handled by device secure enclave)
  • Cloud Encryption: Backup files are encrypted before upload to Google Drive/iCloud
  • No Server Storage: By design, we don't store your data on servers, reducing attack surface
  • Secure APIs: All API communications use HTTPS/TLS encryption

⚠️ However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Data Retention

8.1 Local Device Data

Your subscription data remains on your device until you:

  • Delete the app (data is permanently removed)
  • Manually delete individual subscriptions
  • Clear app data through device settings

8.2 Cloud Backup Data

If you enable Cloud Sync, backup files remain in your Google Drive/iCloud account until you manually delete them. We do not have access to delete these files.

8.3 Analytics Data

Anonymized analytics data is retained by third-party services according to their policies:

  • Firebase Analytics: Retained for up to 14 months
  • Apple Analytics: Retained according to Apple's policies
  • RevenueCat: Retained as long as necessary for subscription management

8.4 Support Communications

Support emails are retained for up to 2 years for reference and troubleshooting purposes.

9. Your Rights and Choices

9.1 Access and Control

You have the following rights regarding your data:

  • Access: View all your subscription data directly in the app
  • Modification: Edit or delete subscriptions at any time
  • Export: Pro users can export data to CSV format
  • Deletion: Delete the app to remove all local data (we cannot recover it)
  • Cloud Sync Control: Enable, disable, or delete cloud backups at any time

9.2 Analytics Opt-Out

You can opt out of analytics data collection:

  • Android: Disable "Usage & Diagnostics" in Google Play Services settings
  • iOS: Disable "Share Analytics" in Settings → Privacy & Security → Analytics & Improvements

Note: Disabling analytics may affect our ability to identify and fix bugs.

9.3 GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

  • Right to Access: Request a copy of any personal data we hold (though we hold minimal data)
  • Right to Rectification: Correct inaccurate data (you can do this directly in the app)
  • Right to Erasure: Request deletion of personal data (delete the app or contact us)
  • Right to Data Portability: Export your data (Pro feature: CSV export)
  • Right to Object: Object to processing of your data (opt out of analytics)

To exercise these rights, contact us at al.askariyy@gmail.com.

9.4 CCPA Rights (California Users)

If you are a California resident, you have rights under CCPA:

  • Right to Know: Request information about data collection and sharing
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at al.askariyy@gmail.com.

10. International Data Transfers

Subskuy is developed and operated from Indonesia. If you use the app from outside Indonesia, your data may be transferred to and processed in Indonesia or other countries where our service providers operate.

Third-party services we use (Google, Apple, RevenueCat) may process data in various countries. By using the app, you consent to such transfers.

We ensure that appropriate safeguards are in place for international data transfers, including:

  • Standard contractual clauses with service providers
  • Compliance with applicable data protection laws
  • Encryption of data in transit

11. Children's Privacy

Subskuy is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at al.askariyy@gmail.com. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

If you are between 13 and 18 years old, you must have your parent or guardian's permission to use Subskuy.

12. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Investigate the breach immediately
  • Notify affected users within 72 hours (where required by law)
  • Provide details about what information was affected
  • Recommend steps you can take to protect yourself
  • Report to relevant data protection authorities if required

💡 Note: Since we don't store your subscription data on servers, the risk of data breaches affecting your financial information is significantly reduced.

13. Cookies and Tracking Technologies

Subskuy is a mobile app and does not use cookies or web-based tracking technologies. However, we use:

  • Device Identifiers: Anonymous device IDs for analytics (not linked to your identity)
  • Local Storage: SQLite database on your device (not cookies)
  • App Preferences: Stored locally on your device

We do not use cross-app tracking, fingerprinting, or other invasive tracking methods.

14. Third-Party Links and Services

The app may contain links to third-party websites or services (e.g., subscription service websites). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

When you use Cloud Sync, you are using Google Drive or iCloud services, which are subject to Google's and Apple's respective privacy policies.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:

  • Post the updated Privacy Policy on this page
  • Update the "Last Updated" date at the top
  • Notify users of material changes through the app or via email (if we have your contact information)
  • Provide a summary of significant changes

Your continued use of the app after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the app and delete it.

We recommend reviewing this Privacy Policy periodically to stay informed about how we protect your information.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email:

al.askariyy@gmail.com

Response Time:

We aim to respond within 24-48 hours

Data Protection Inquiries:

For GDPR or CCPA requests, please include "Privacy Request" in the subject line

17. Effective Date and Acknowledgment

This Privacy Policy is effective as of December 10, 2025, and applies to all users of Subskuy.

By downloading, installing, or using Subskuy, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please do not use the app.

🔒 Your privacy matters. We're committed to keeping your data local, private, and under your control.