Matteo Perotta

Check out my Apps

Luvbu Privacy

Last updated: March 3, 2026

1. Data Controller

The Data Controller is:

Matteo Perotta
Italy
Email: matteoperotta7@gmail.com

For any privacy-related request, you may contact the address above.

2. Data We Collect

Luvbu may process the following categories of data:

2.1 Account & Identifiers

  • User UID (Anonymous Firebase Authentication)

2.2 Profile Data

  • Display name
  • Profile color
  • Time zone
  • Notification preferences
  • App preferences (e.g. reduced motion, notification privacy, biometric lock)

2.3 Couple Data

  • coupleId
  • Member roles (A/B)
  • Couple status
  • Invite code

2.4 User Content

  • Text notes between partners
  • Routine messages (default and custom)
  • “Next meeting” metadata (title, location, date)

2.5 In-app Functional Data

  • Daily tap/mood/challenge data
  • Streaks and event feed
  • Presence timestamps (lastSeen)
  • Read timestamps

2.6 Diagnostics

  • Crash reports via Firebase Crashlytics

3. Data NOT Collected

The app does NOT collect or upload:

  • Personal photos (widget images are stored locally only)
  • Contacts
  • Location
  • Microphone data
  • Health data
  • Advertising tracking data

4. Notifications

The app uses local notifications for routines and reminders.

Firebase Cloud Messaging infrastructure is present but currently disabled.

5. Biometrics

Biometric unlock (Face ID / Touch ID) uses system APIs only (local_auth).

Biometric data:

  • Is never accessed by the app
  • Is never stored
  • Is never transmitted to servers

6. Purpose and Legal Basis

Data is processed for:

  • Account creation and management (contract performance)
  • Core app functionality (contract performance)
  • Local notifications (user consent)
  • Security and crash prevention (legitimate interest)
  • Infrastructure protection (legitimate interest)

7. Data Retention

Data is retained for as long as the account remains active.

Upon:

  • Account deletion
  • Explicit deletion request

Data will be deleted within 30 days, unless legal obligations apply.

Diagnostic data may be retained in aggregated form for statistical and technical purposes.

8. Account Deletion

Users may request account deletion:

Deletion includes:

  • Firebase account removal
  • Profile data deletion
  • Couple-related data deletion
  • User content deletion

Deletion is irreversible.

9. International Data Transfers

Data is processed using Firebase (Google Cloud).

Servers may be located outside the European Union.

Processing complies with EU Standard Contractual Clauses (SCC).

10. Security

Data is protected through:

  • Firebase Authentication
  • Firestore security rules
  • Encrypted HTTPS/TLS connections

11. User Rights

Under GDPR, users have the right to:

  • Access their data
  • Rectify inaccuracies
  • Request deletion
  • Restrict processing
  • Data portability
  • Object to processing

Users may also lodge a complaint with their local Data Protection Authority.

To exercise rights

email me at matteoperotta7@gmail.com