SubHome — Privacy Policy
Last updated: May 4, 2026
1. Introduction
This Privacy Policy explains how SubHome ("SubHome", "we", "us", "our") collects, uses, stores, and protects your personal data when you use our application and services.
We are committed to protecting your privacy in accordance with:
- The Swiss Federal Act on Data Protection (revDSG / nDSG)
- The EU General Data Protection Regulation (GDPR), where applicable to users in the EU/EEA
- The Swiss Ordinance on Data Protection (DSV)
This policy applies to all SubHome platforms: web (subhome.app), iOS, and Android.
2. Data Controller
The data controller responsible for processing your personal data is:
SubHome
[Your Name / Einzelfirma Name]
[Street Address]
[Postal Code City], Switzerland
Data Protection Contact: privacy@subhome.app
3. Data We Collect
3.1 Account Data
- Email address (required for registration)
- Display name (optional)
- Login credentials (password stored as salted hash only — we never store plaintext passwords)
- Family/household membership and role
3.2 Subscription & Financial Metadata
- Subscription names (e.g., Netflix, Spotify)
- Prices, currencies, and billing cycles
- Renewal and cancellation dates
- Payment method labels (e.g., "Visa ending 4242" — for display only)
- Spending summaries, categories, and analytics
- Value ratings and usage frequency assessments you provide
We do not access your bank account, payment card details, or transaction history unless you explicitly provide this information. We do not connect to your financial institutions.
3.3 Usage Data
- Feature usage patterns (e.g., which screens you visit, AI features used)
- Interaction events (e.g., subscription added, reminder set)
- Timestamps of activity
- Crash reports and error logs
3.4 Device & Technical Data
- IP address (truncated/anonymised where possible)
- Device type and model
- Operating system and version
- App version
- Browser type (web only)
- Language and locale settings
3.5 AI Interaction Data
When you use AI-powered features:
- Text inputs you provide (e.g., questions, cancellation requests, negotiation context)
- Subscription data used as context (names, costs, billing periods, tenure)
- AI-generated outputs (cached for performance)
3.6 Communication Data
When you use features that send emails on your behalf:
- Recipient email addresses you provide
- Email content you review and approve
- Send status and timestamps
3.7 Household / Shared Data
If you use family features:
- Subscription data shared with household members
- Member names and roles within the household
- Shared analytics and spending summaries
3.8 Consent Records
- GDPR/privacy consent status and timestamps
- Marketing communication preferences
- Cookie preferences (web)
4. Purpose of Processing and Legal Basis
| Purpose | Data Used | Legal Basis (GDPR Art. 6) |
|---|---|---|
| Providing the service (account, subscriptions, reminders) | Account data, subscription data | Contract performance (Art. 6(1)(b)) |
| AI-powered features (cancellation guides, negotiation, insights) | AI interaction data, subscription context | Contract performance (Art. 6(1)(b)) |
| Sending emails on your behalf | Communication data | Consent (Art. 6(1)(a)) — per-action consent required |
| Processing payments | Email, country (via Paddle) | Contract performance (Art. 6(1)(b)) |
| Service improvement and analytics | Usage data, device data | Legitimate interest (Art. 6(1)(f)) |
| Security, fraud prevention, and abuse detection | Technical data, usage patterns | Legitimate interest (Art. 6(1)(f)) |
| Legal compliance (tax records, regulatory obligations) | Account data, transaction records | Legal obligation (Art. 6(1)(c)) |
| Marketing communications | Email, name | Consent (Art. 6(1)(a)) |
Under Swiss law (revDSG), processing is lawful unless it constitutes an unlawful violation of personality rights. We process data in accordance with the principles of proportionality, purpose limitation, and transparency.
5. AI Processing and Third-Party Providers
5.1 How AI Features Work
SubHome uses AI models provided by Anthropic (Claude) to power features such as:
- Cancellation guidance and troubleshooting
- Bill negotiation strategies and email drafting
- Savings insights and alternative suggestions
- Subscription parsing from text input
5.2 Data Sent to AI Providers
When you use AI features, the following may be sent to Anthropic's API:
- Subscription names and costs
- Billing periods and tenure information
- Your free-text inputs and questions
The following is never sent to AI providers:
- Your email address or login credentials
- Your name (unless you include it in a negotiation email you explicitly approve)
- Your IP address or device information
- Your payment information
5.3 Data Minimisation
We minimise data sent to AI systems by:
- Sending only the context necessary for the specific feature
- Stripping personally identifiable information before processing
- Using cached responses where possible to reduce repeated processing
5.4 No AI Training
Your data is not used to train AI models. Anthropic's API terms prohibit using customer inputs for model training. We do not provide your data for any training, fine-tuning, or model improvement purposes.
5.5 AI Data Retention
- AI responses are cached in our database for performance (up to 90 days for guides and alternatives)
- Your conversational inputs (chat, help requests) are not stored beyond the session unless you choose to save them
- Cached AI outputs do not contain personal data
6. Payments & Billing
6.1 Paddle (Web Purchases)
Payments made through subhome.app are processed by Paddle.com Market Ltd, acting as Merchant of Record.
- Paddle collects and processes your payment information (card details, billing address)
- SubHome does not receive, store, or have access to your full payment card details
- Paddle provides us with: transaction ID, amount, country, and subscription status
- Paddle processes personal data under its own privacy policy: paddle.com/legal/privacy
6.2 Apple App Store / Google Play (Mobile Purchases)
In-app purchases are processed by Apple or Google respectively.
- SubHome receives only: purchase confirmation, subscription status, and transaction identifiers
- We do not receive your payment card information from Apple or Google
- These purchases are governed by Apple's Privacy Policy or Google's Privacy Policy
7. Data Sharing
We share data with the following categories of recipients:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Anthropic (AI provider) | AI feature processing | Subscription context, user inputs (anonymised) |
| Paddle (payment provider) | Payment processing | Email, country, transaction data |
| Firebase / Google Cloud (infrastructure) | Hosting, database, authentication | All service data (encrypted at rest) |
| Mailgun (email service) | Sending transactional emails on your behalf | Recipient address, email content |
| Apple / Google (app stores) | In-app purchases, push notifications | Device token, purchase status |
All third-party processors are bound by data processing agreements (DPAs) ensuring GDPR-compliant handling of personal data.
We do not:
- Sell your personal data to any third party
- Share your data with advertisers
- Provide your data to data brokers
- Use your data for profiling or automated decision-making with legal effects
8. International Data Transfers
Your data may be processed outside Switzerland or the EU/EEA, specifically:
- United States: Anthropic (AI processing), Google Cloud (infrastructure), Mailgun (email)
- United Kingdom: Paddle (payment processing)
Where data is transferred outside Switzerland or the EU/EEA, we ensure adequate protection through:
- EU Standard Contractual Clauses (SCCs)
- Swiss Federal Council adequacy decisions
- Provider certifications and contractual safeguards
9. Data Retention
| Data Category | Retention Period |
|---|---|
| Account data | Until account deletion + 30 days grace period |
| Subscription data | Until account deletion |
| AI interaction data (cached guides) | Up to 90 days |
| AI conversation history | Session only (not persisted) |
| Usage analytics | 24 months (then anonymised) |
| Communication records (emails sent) | 12 months |
| Payment/invoice records | 10 years (Swiss legal requirement, OR Art. 958f) |
| Security logs | 90 days |
| Consent records | Duration of account + 3 years |
Upon account deletion:
- Your data is removed within 30 days
- Data shared with household members is disassociated from your identity
- Aggregated, anonymised statistics may be retained indefinitely
- Legal retention obligations override deletion requests for the applicable period
10. Your Rights
Under GDPR (EU/EEA residents) and revDSG (Swiss residents)
You have the right to:
- Access your personal data and receive a copy
- Rectify inaccurate or incomplete data
- Delete your data ("right to be forgotten")
- Restrict processing in certain circumstances
- Object to processing based on legitimate interest
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time (without affecting lawfulness of prior processing)
How to Exercise Your Rights
- In-app: Account Settings → Privacy → Data Export / Account Deletion
- By email: privacy@subhome.app
- Response time: We will respond within 30 days (extendable by 60 days for complex requests, with notice)
- Verification: We may verify your identity before processing requests
- Cost: Free of charge (unless requests are manifestly unfounded or excessive)
Data Export
You can export all your data at any time through the app. The export includes: subscriptions, analytics, reminders, settings, and household membership in a machine-readable JSON format.
11. Household / Shared Accounts
If you participate in a shared household:
- Subscription data, spending analytics, and reminders are visible to all household members
- The household owner controls membership and can remove members
- If you leave a household, your individually-owned subscriptions are disassociated from the household
- Each member can independently exercise their data rights
- Deletion of one member's account does not delete shared subscription data that other members also access
12. Cookies and Tracking
12.1 Web Application (subhome.app)
We use the following:
| Cookie/Technology | Purpose | Type | Duration |
|---|---|---|---|
| Session cookie | Authentication | Essential | Session |
| Firebase Auth token | Login state | Essential | 1 hour (refreshed) |
| Consent preference | Remember your cookie choice | Essential | 12 months |
| Analytics (if enabled) | Usage patterns | Non-essential | 24 months |
Essential cookies are required for the service to function and do not require consent.
Non-essential cookies (analytics) are only activated after you provide consent. You can withdraw consent at any time via the cookie settings in the app footer.
12.2 Mobile Applications
Our mobile apps do not use cookies. We use:
- Firebase Analytics (only if you consent during onboarding)
- Firebase Crashlytics (for stability — processes anonymised crash data)
- Push notification tokens (only if you enable notifications)
Analytics is disabled by default and only enabled after explicit user consent (in compliance with GDPR).
13. Security
We implement appropriate technical and organisational measures to protect your data, including:
- Encryption in transit: TLS 1.2+ for all connections
- Encryption at rest: AES-256-GCM field-level encryption for sensitive subscription data
- Key management: Encryption keys stored in platform-specific secure storage (iOS Keychain, Android Keystore)
- Access controls: Role-based access, principle of least privilege
- Authentication: Firebase Authentication with secure password hashing
- Infrastructure: Google Cloud / Firebase with SOC 2 and ISO 27001 certification
- Monitoring: Automated alerting for suspicious activity
- Data isolation: Family-scoped data with Firestore security rules enforcing member-only access
No system is completely secure. If you become aware of a security vulnerability, please report it to security@subhome.app.
14. Children and Minors
SubHome may be used by persons aged 16 and older. Users aged 16–17 require parental or guardian consent.
- We do not knowingly collect data from children under 16
- If we discover that we have collected data from a child under 16 without appropriate consent, we will delete it promptly
- Parents or guardians may contact us to request deletion of a minor's data
For household features, the account owner (who must be 18+) is responsible for ensuring parental consent is obtained for any household members under 18.
15. Automated Decision-Making
SubHome does not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on you.
AI features provide suggestions and information only — all actions (cancellations, negotiations, emails) require your explicit approval and manual confirmation.
16. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or features.
- Material changes: We will notify you at least 14 days in advance via email or in-app notification
- Minor changes: Updated on this page with a revised "Last updated" date
- Your choice: If you disagree with changes, you may delete your account before they take effect
Continued use of SubHome after the effective date of changes constitutes acceptance of the revised policy.
17. Contact
For privacy questions, data requests, or concerns:
Privacy inquiries: privacy@subhome.app
Security issues: security@subhome.app
General contact: legal@subhome.app
Address: [Your Einzelfirma Name], [Street Address], [Postal Code City], Switzerland
18. Supervisory Authority and Complaints
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority.
In Switzerland:
Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, 3003 Bern
https://www.edoeb.admin.ch
In the EU/EEA:
You may contact the data protection authority in your country of residence. A list of EU authorities is available at: edpb.europa.eu/about-edpb/about-edpb/members_en
We encourage you to contact us first at privacy@subhome.app so we can attempt to resolve your concern directly.