The Pubble Web Service Privacy Statement

This Privacy Policy explains how Pubble may collect, use, and disclose "Personal Data" and other information we obtain through Pubble's messaging applications.Personal Data means any information processed by Pubble relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.Pubble will only collect, process or use Personal Data for the purposes of providing the Services. Pubble does not sell, trade or otherwise transfer your personal information to third parties in any manner that could be harmful, dangerous or violating your privacy.For citizens based in the EU, certain regulations apply to Personal Data stored on their behalf as set out by the EU General Data Protection Regulation (GDPR) - regulation (EU) 2016/679. For all Personal Data collected, regardless of location, Pubble will comply with the provisions of the GDPR in the context of its obligations as controller of the data to the extent applicable. Details of how we coply with GDPR are available here.Pubble agrees to use commercially reasonable technical and organisational measures designed to prevent unauthorised access, use, alteration or disclosure of Personal Data. Pubble will have no responsibility for errors in transmission, unauthorised third-party access or other causes beyond Pubble's control. In certain situations, it may be a legal requirement for us to disclose Personal Data to the relevant authorities.

What information does Pubble collect?

Using Pubble Apps, you may voluntarily provide Personal Data (name, email, phone number) using the Service. In addition, one other form of Personal Data, namely IP address, is collected automatically. Pubble also stores your conversation history. You should note that, while not necessary for the purposes of the Service, you may voluntarily provide extra Personal Data in the course of a conversation. You consent that Pubble collects and processes such information for the purposes outlined in this Privacy Statement.Other, non-personal information is also collected, namely User Agent (browser details) and pages browsed when using Pubble.

Where is your data stored?

Pubble stores all of its data in the EU. You should note that, depending on the information you provide, Personal Data may be temporarily transferred outside of the EU solely for the purposes of providing the service. As an example, if you voluntarily choose to submit your email address in order to be notified of a reply by email, your email address is temporarily transferred to a 3rd party service outside of the EU, in order to notify you. Note also that Pubble will only use 3rd party service providers that have adequate security measures in place aligned with the GDPR.

Your rights in relation to your Personal Data

As outlined in the GDPR, you have the following rights in relation to your Personal Data. Note, that the GDPR only stipulates that these rights are required for EU citizens. We, however, apply these rights to your Personal Data regardless of your location.

‍1. Right to access – you have to access and view any Personal Data we store relating to you.

‍2. Right to rectification – you have the right to request we update any information we hold about you that is inaccurate.

‍3. Right to be forgotten – you have the right to request we erase any information we hold you on, except where we are subject to hold that data under legislation or for legal requirements.

‍4. Right to restriction – you have the right to request we temporarily restrict the processing of your Personal Data under the conditions set out in the GDPR.

‍5.Right to data portability – you have the right to obtain a machine-readable copy of the Personal Data we store for you.Whenever you use our services, we aim to provide you with access to your personal information. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legal purposes.

What about cookies?

Cookies are small text files which are stored on a user's computer and are designed to hold a modest amount of data specific to a particular user and website e.g. time on site. They can be accessed either by the web server or the client computer. It is important to note that accepting cookies used on our site does not give us access to any personal information. Most browsers automatically accept cookies by default, but you can usually refuse cookies or selectively accept certain cookies by adjusting the preferences in your browser

Age Requirement

In line with the GDPR you must be 16 years or older to use the Pubble service. Pubble is committed to protecting the privacy of young children, and therefore does not knowingly collect or maintain personal information on the service from persons under 16 years of age.

Acceptance of Privacy Policy

By using Pubble's messaging applications, you agree to terms of this Privacy Policy. We recommend that you review this Policy periodically, as we may update it from time to time. If you continue to use the services after those changes are in effect, you agree to the revised Policy.

Revised: 05 February, 2026

What is GDPR?

The EU General Data Protection Regulation, GDPR (2016/679) is a regulation in EU law on data protection and privacy for all individuals within the European Union. It replaces the 1995 Data Protection Directive (Directive 95/46/EC). The GDPR lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

What changes have we made in order to comply with new General Data Protection Regulation (GDPR)?

The security and protection of our customers' data is of paramount importance to us and this has always been the case. We welcome the new GDPR as directed by the EU in order for every company to be more transparent about how customers' data is used. To that end, we have made changes to our Terms of Service, Privacy Policy and Data Processing Agreement as well as making significant technical changes to the Pubble app.

Changes to our Terms of Service & Privacy Policy

We have revamped our Terms of Service, Privacy Statement and Data Processing Agreements with particular emphasis on making them easier to understand and as transparent as possible. In summary, Pubble stores all personal data in the EU. Any personal data collected adheres to the "Privacy by default" guidelines as stated in the EU General Data Protection Regulation (GDPR). This means that the strictest privacy settings are applied to your personal data by default. The data collected is used solely for the purposes of providing a service to our customers and is not used for marketing purposes or sold to any third party under any circumstances.

What changes have we made to the Pubble app from a technical point of view in order to comply with GDPR regulations?

We have made significant changes to Pubble in order to comply with the GDPR.

‍Privacy Panel
‍The Admin Panel contains a new section allow our customers to set their privacy requirements in order to comply with the GDPR. We call this the "Privacy Panel". This section allows you to set your data requirements as well as being able to approve the sub-processors that Pubble uses.
‍
Full control over user data
‍Under the GDPR data subjects have the right to access the personal data stored on their behalf. In addition, they have the Right to be Forgotten, the Right to Portability and the Right to Rectification of their data. Should a user enforce their rights, Pubble gives you (the Controller) complete control to ensure that you can accommodate your customers' requests in relation to their data.
‍
Access to personal data
‍Data subjects can request and access any data that a data controller is holding on them and to find out if that data is being processed or not, where it's being held, and, for what purpose. From the visitor record, the data controller has access to and can manage all of the personal data that Pubble holds.
‍
Right to be forgotten
‍The GDPR states that, if requested by the data subject, a company will have to erase the personal data that they are holding on that data subject and to cease any further processing of that data. If requested to do so, the data controller can erase the user data from the visitor record in the admin panel.
‍
Right to portability
‍Data Portability is a new consumer right introduced under GDPR. The requirement states that a data subject will be able to receive personal data concerning them in a commonly used and machine-readable format free of charge. Users will then have the right to transfer or transmit this data to another controller or company. The data controller can export the visitor records to an electronic format from the visitor record
‍
Right to rectificationThe data subject has the right to rectification of inaccurate personal data concerning him or her. If requested to do so, the data controller can update the user data from the visitor record in the admin panel.

Extra data management options for Data Controllers

Delete community & accounts
‍On request, customers now have the option to delete their community on Pubble and/or member accounts. Note: Customers always had the ability to add/remove team members as necessary and this has not changed.
‍
Audit log & Data Breach Management
‍Organisations need to be able to capture security events in the form of audit logs to be able to confirm if a breach has taken place, and if so, how to measure the impact of that breach and determine what needs to be reported to the DPA (if necessary) and, ultimately, the affected data subjects. The Pubble audit log tracks anything on the Pubble app that can be added, updated and deleted. This is an extensive list that includes things such as community, account, team members, visitor posts etc. The audit log records who made the change with an associated time stamp. This gives a community administrator a log to refer to in case of any security breach or an audit.
‍
Privacy Statement section for data controllers
‍The Privacy Panel now has a section where our customers can reference their Privacy Statement. If the option is chosen to request consent from the data subject before submitting personal data to Pubble, the Privacy statement will be linked in the consent statement.

Individual App Settings

Consent for personal data to be processed and shared
‍Pubble has added an option to add a check box to each of the Pubble apps before a request to obtain personal data (See Image 1). This allows the data controller to explicitly request consent from the data subject to collect personal data from them.

What changes have we made to the Pubble website from a technical point of view in order to comply with GDPR regulations?

Account creation
‍On creating an account, Pubble needs certain personal data in order to allocate the account correctly. The information we collect is name and email address. We have added a checkbox for users to agree to the Pubble Terms of Service and Privacy Statement at this stage. Users have to agree to the terms wherever a Pubble account is created e.g. if a new user is invited to an existing community or if the community offers self-registration.

Revised: 05 February, 2026