unbub.dev

Privacy Policy

Privacy Policy

This Privacy Policy explains what unbub.dev collects and processes in connection with its Bubble migration products, account and workspace usage, public preview flows, and pre-sales migration inquiries.

Last updated: May 15, 2026Operator: Ricardo Loureiro Nunes de Carvalhoricardo.lncarvalho@gmail.com

Trademark disclaimer

1. Who controls the data

The controller for data handled through unbub.dev is Ricardo Loureiro Nunes de Carvalho.

For privacy questions or requests, contact ricardo.lncarvalho@gmail.com.

2. What information we collect

Depending on how you use unbub.dev, we may collect and process:

  • Account data such as your email address, authentication provider, signup metadata, and OAuth avatar metadata where available.
  • Workspace and project data such as project name, Bubble app URL, and project membership or role information.
  • Credentials and configuration such as Bubble API keys, Postgres connection strings, Supabase project refs, and Supabase secret keys.
  • Migration-related data such as schema information, records, files, user-account mappings, sync history, run history, and operational logs where needed for the product.
  • Public preview data such as page names, visible data types, option sets, favicon metadata, and app name information from public Bubble app URLs.
  • Lead intake data such as email, Bubble app URL, project summary, timeline, preferred stack or PostgreSQL target, and source page when you submit a migration request form.

3. How we use it

  • To create and manage accounts, projects, and workspaces.
  • To authenticate users through email, Google, GitHub, and related account flows.
  • To validate setup requirements, credentials, and destination connectivity.
  • To run previews, migrations, syncs, troubleshooting steps, and related product workflows.
  • To show run history, sync history, and operational logs inside the product.
  • To process pre-sales migration requests and handle scheduling or service inquiries.
  • To maintain security, prevent abuse, comply with legal obligations, and resolve disputes.

4. Migration data and credentials

unbub.dev may read and process schema information, records, files, user-account information, and related app data that you make available through your Bubble app, APIs, storage, and destination systems in order to perform migration, sync, validation, and troubleshooting tasks.

Supported project credentials are stored encrypted and are not returned to the frontend after they are saved. Access to those credentials is limited to what is reasonably necessary to operate the product, troubleshoot issues, and maintain security. We also employ secure key-management controls for the encryption keys used to protect those credentials.

You can further reduce risk by rotating or regenerating the underlying Bubble, Supabase, or database credentials whenever that is appropriate for your environment.

5. Public preview data

If you submit a public Bubble app URL to the preview flow, unbub.dev may fetch and store metadata that is already publicly reachable from that URL, including page names, visible data types, option sets, favicon metadata, and app name information.

Because this preview data comes from public Bubble URLs, it is not private in the same way as authenticated project configuration or migration data.

6. Third-party services

We share data with third-party service providers that help us operate unbub.dev and deliver its products and related workflows. These include:

  • Supabase — authentication, database, and related platform services.
  • Bubble — source app access, APIs, and migration-related data flows.
  • Google — OAuth authentication.
  • GitHub — OAuth authentication.
  • Cal.com — scheduling.
  • Stripe — checkout and payment processing.
  • PostHog — product analytics.
  • Railway and Vercel — hosting and infrastructure.
  • Additional providers — infrastructure, storage, analytics, and support services that help operate the product as it evolves.

These providers only process your data as necessary to provide their services to us and are bound by their own privacy policies and, where applicable, data processing agreements.

We do not sell your personal data. We do not share your personal data with third parties for their own marketing purposes.

7. Retention and deletion

We keep account, project, preview, lead, and operational data for as long as reasonably needed to operate the product, provide support, maintain security, comply with legal obligations, and resolve disputes.

Where product controls exist, you may delete your account or projects, remove stored credentials, and revoke access by rotating or regenerating the underlying Bubble, Supabase, or database credentials. If you need additional privacy-related cleanup, you can contact us at ricardo.lncarvalho@gmail.com.

8. Your rights

Subject to applicable law, you may have rights to:

  • Access your personal data.
  • Correct inaccurate data.
  • Request deletion of personal data.
  • Object to or request restriction of certain processing.
  • Request portability where applicable.
  • Complain to a supervisory authority, including the CNPD in Portugal if appropriate.

9. Contact

For privacy questions or requests, contact ricardo.lncarvalho@gmail.com.

unbub.dev is currently a personal beta project operated from Portugal.