BubbleExport - Bubble App Export Service

Privacy Policy

How we collect, use, and protect your information — including your Bubble app data.

Last updated: February 1, 2026

1. Information We Collect

We collect different types of information depending on how you interact with us:

Information you provide directly

  • Contact information: Name, email address, and company name when you book a consultation, submit a contact form, or sign up for our email list
  • Project information: Details about your Bubble app (URL, number of pages, features, plugins used) shared during consultation
  • Payment information: Billing details processed securely through Stripe — we never store your full credit card number on our servers
  • Communication: Emails, messages, and notes from our conversations about your project

Bubble app data (during export projects)

When you engage us for an export project, we require temporary access to your Bubble app. During this process, we may access:

  • Your Bubble app’s page structure, workflows, and design elements
  • Database schema (table structures, field types, relationships)
  • API configurations and plugin settings
  • Sample data for testing purposes (we do not access or migrate your full production database unless specifically agreed)

Information collected automatically

  • Website analytics: Pages visited, time on site, referral source, and device type (collected via Vercel Analytics)
  • Cookies: Essential cookies for site functionality and optional analytics cookies (see Section 6)

2. How We Use Your Information

  • To deliver our service: Accessing your Bubble app, converting it to code, and delivering the finished project
  • To communicate with you: Project updates, consultation scheduling, support requests, and responding to inquiries
  • To process payments: Invoicing and payment collection through Stripe
  • To improve our service: Anonymized, aggregated analytics to understand how visitors use our website and to improve the export process
  • To send relevant updates: If you opt in, occasional emails about Bubble migration tips, service updates, or new offerings (you can unsubscribe at any time)
  • To comply with legal obligations: Tax reporting, legal requests, and fraud prevention

3. How We Handle Your Bubble App Data

We understand that your Bubble app contains proprietary business logic and potentially sensitive user data. Here is exactly how we handle it:

  • Access is temporary: We access your Bubble app only for the duration of the export project
  • Minimal data principle: We only access the data necessary to complete the export (structure and schema, not your users’ personal data)
  • Encrypted storage: Any data downloaded during the export process is stored on encrypted, access-controlled systems
  • Deletion after completion: All client app data, credentials, and working files are permanently deleted within 14 days of project completion
  • No data reuse: We will never use your app’s business logic, design, or data to build competing products or share with other clients
  • Limited access: Only team members directly working on your project will have access to your app data

If your app handles sensitive data (health records, financial data, etc.) and you have specific compliance requirements, please let us know during consultation so we can accommodate additional safeguards.

4. Third-Party Services

We use the following third-party services that may process your information:

  • Stripe (payments) — Processes your payment information securely. Stripe is PCI DSS Level 1 certified. Stripe Privacy Policy
  • Calendly (scheduling) — Processes your name and email when you book a consultation. Calendly Privacy Policy
  • Vercel (hosting & analytics) — Hosts our website and collects anonymized analytics. Vercel Privacy Policy
  • Slack (internal communication) — Contact form submissions are routed to our internal Slack for faster response times. Your message content and contact details are transmitted via Slack’s API.

We do not sell, rent, or trade your personal information to any third party. The services listed above receive only the minimum information necessary to perform their function.

5. Data Retention

  • Contact information: Retained for as long as we have a business relationship or until you request deletion
  • Project files and Bubble app data: Permanently deleted within 14 days of project completion
  • Payment records: Retained for 7 years as required by tax and accounting regulations
  • Email list subscribers: Retained until you unsubscribe
  • Website analytics: Aggregated data retained indefinitely; individual session data retained per Vercel’s standard retention policy

6. Cookies

Our website uses a minimal number of cookies:

  • Essential cookies: Required for site functionality (theme preference, session management). These cannot be disabled.
  • Analytics cookies: Used by Vercel Analytics to understand site traffic in aggregate. These do not track you across other websites and do not collect personally identifiable information.

We do not use advertising cookies, retargeting pixels, or any third-party tracking scripts. You can control cookie settings through your browser preferences.

7. Your Rights

Regardless of where you are located, you have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Objection: Object to processing of your information for marketing purposes
  • Withdraw consent: Withdraw previously given consent at any time (e.g., unsubscribe from emails)

To exercise any of these rights, email us at hello@bubblexport.com. We will respond within 30 days.

For EU/EEA residents (GDPR)

Our legal basis for processing your personal data is: (a) contractual necessity (to deliver the export service you purchased), (b) legitimate interest (to improve our service and communicate with you), and (c) consent (for marketing emails). You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

For California residents (CCPA)

We do not sell your personal information. You have the right to know what personal information we collect, request its deletion, and not be discriminated against for exercising your privacy rights.

8. Data Security

We implement the following measures to protect your information:

  • All data in transit is encrypted via TLS/HTTPS
  • Access to client data is restricted to authorized team members only
  • Credentials and sensitive information are stored in encrypted vaults
  • Client app data is permanently deleted within 14 days of project completion

No method of electronic transmission or storage is 100% secure. If we become aware of a data breach that affects your personal information, we will notify you within 72 hours.

9. Children’s Privacy

Our service is designed for businesses and is not directed at individuals under 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated “Last updated” date. We will notify existing clients of material changes via email. Changes do not apply retroactively to data already collected under a previous version of this policy.

11. Contact Us

If you have any questions about this privacy policy or how we handle your data, contact us at hello@bubblexport.com or visit our contact page.

AB
Made byAbhi