Privacy Policy
Last updated: February 15, 2026
The short version: Lugs is local-first. Your watch collection lives on your device. There is no account, no signup, no email, and no login. We don't know who you are. Cloud sync is an optional Premium feature - when enabled, your data is hosted in the EU.
1. Who We Are
Lugs is developed by Ovidiu-Cristian Damian, an independent developer based in Romania. For questions about this policy or your data:
Email: damian@leveluplabs.eu
2. Data We Collect
Data you provide:
- Watch collection information (brands, models, serial numbers, photos, purchase details, service records)
- Wear tracking data and accuracy measurements
- Wishlist items and market valuations
Data collected automatically:
- Device identifier (anonymous UUID) - for app functionality, rate limiting, and promo code tracking
- App usage analytics (screens viewed, features used) via PostHog (EU) - to improve the app
- Crash reports and error logs via Sentry (EU) - to fix bugs
- Device type and OS version - for compatibility
What we do NOT collect:
- Email addresses - there is no signup or account creation
- Phone numbers
- Names or any personal identity information
- Location data
3. Legal Basis for Processing (GDPR)
- Legitimate interest: Core app functionality (storing and displaying your watch collection, wear logs, service records). This is the data you explicitly enter for the app to work.
- Consent: Optional cloud sync to Supabase, analytics via PostHog. You can opt out at any time.
- Contract performance: Processing premium subscription purchases via RevenueCat and the app stores.
4. Data Storage
- Local storage: All watch data is stored locally on your device using SQLite. The app works fully offline. This is the default for all users.
- Cloud sync (optional, Premium only): If you enable cloud sync, data is synced to Supabase, hosted in the EU (Frankfurt, Germany). No separate login is required - your device is identified by an anonymous UUID.
- Photos: Watch photos are stored on your device. If cloud sync is enabled, photos may be uploaded to secure cloud storage in the EU.
- Security: All data in transit is encrypted via HTTPS/TLS.
5. How We Use Your Data
- To provide and maintain the app's core functionality
- To sync your collection across devices (if you opt in to Premium cloud sync)
- To process premium subscriptions
- To generate insurance documents and export data at your request
- To improve app performance and fix bugs (via analytics and crash reports)
- To prevent abuse (rate limiting via device identifier)
6. Third-Party Services
We do not sell, rent, or share your personal data for advertising or marketing. Your watch collection is yours.
We use the following service providers solely to operate the app:
- Supabase (EU - Frankfurt) - cloud database for synced data (privacy policy)
- PostHog (EU) - anonymous usage analytics (privacy policy)
- Sentry (EU) - crash reporting and diagnostics (privacy policy)
- RevenueCat - subscription management (privacy policy)
- Apple App Store / Google Play - payment processing for premium purchases
7. International Data Transfers
All primary data processing occurs within the EU. RevenueCat may process some subscription-related data in the United States under standard contractual clauses. No watch collection data leaves the EU.
8. Your Rights
Under GDPR and applicable data protection laws, you have the right to:
- Access your data - export your full collection anytime (JSON/CSV) from within the app
- Delete your data - use "Delete My Data" in the app's Profile settings, or email us
- Portability - export and take your data with you in standard formats
- Rectification - correct any inaccurate data directly in the app
- Withdraw consent - disable cloud sync or analytics at any time in Settings
- Lodge a complaint with Romania's data protection authority (ANSPDCP) at www.dataprotection.ro
Since there is no account, local data is entirely under your control. Uninstalling the app removes all local data. Cloud-synced data can be deleted from the app settings or by emailing us.
9. Data Retention
Local data remains on your device until you delete it or uninstall the app. Cloud-synced data (Premium only) is retained while sync is active. If you request deletion, all cloud data is permanently removed within 30 days.
10. Children's Privacy
Lugs is not directed at children under 16. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this policy from time to time. Significant changes will be communicated through the app. Continued use of the app after changes constitutes acceptance of the updated policy.