Privacy Policy – Label Master
Last updated: 12 Aug 2025
Who we are
Label Master (Hubert Worsztynowicz).
Contact: trebuh23+labelmastersupport@gmail.com
This Privacy Policy explains how we collect, use, share and protect personal data in the Label Master mobile application and related services (together: the “Service”). The Service is intended for business users (restaurants/branches managed by a “Super Owner”). The app uses Google Play Billing, Firebase/Google Cloud, and our own backend hosted on Google Cloud Run & Pub/Sub.
Account data: e-mail address, password (hashed by Firebase Auth), display/user name, company name, role (owner/admin/user), optional profile info.
Organization (Super Owner): company name, license plan and validity dates, number of branches, subscription choices.
Support/feedback: rating, message content and timestamps.
Delete-my-data requests: confirmation e-mail, minimal verification data.
Technical logs: app version, device model, OS version, timestamps, coarse IP at the time of request, request/response metadata.
Activity logs (security/audit): user ID, timestamp, device ID, key app events (e.g., sign-in/out, plan change, print job started/completed).
Crash/diagnostics (if enabled on your device).
Purchase tokens and related identifiers (productId, offerId, orderId where available) provided by Google Play.
Subscription events delivered via Real-Time Developer Notifications (RTDN) from Google Play (e.g., purchased, renewed, canceled, expired).
Corporate licensing: we store a mapping of purchaseToken → organizationId to activate/maintain your corporate license.
Label/print metadata: printer/device identifiers, print job timestamps, counts and error codes (no label contents are analyzed by us).
Optional features (only if you use them):
Camera (e.g., barcode scanning) — images are processed locally; we do not store photos.
Bluetooth / local network — to connect to printers.
Notifications — to inform about license status or important updates.
We do not collect precise geolocation. We do not process special category data under GDPR.
Provide and operate the Service (account, authentication, printing, license management) — Art. 6(1)(b) contract.
Billing & subscriptions (purchase verification, fraud prevention, invoices/audit) — contract and legal obligation (tax/accounting).
Security & abuse prevention (activity logs, rate limiting) — legitimate interests Art. 6(1)(f).
Improve the Service (diagnostics, crash logs, UX analytics where enabled) — legitimate interests or consent where required.
Compliance & enforcement (terms, legal requests) — legal obligation and legitimate interests.
Create and maintain user and organization accounts.
Link Google Play purchases to the correct organization and activate/extend licenses.
Show your plan, renewal/expiry date, and branch limits.
Secure the Service, detect abuse, and generate usage/audit reports for the Super Owner.
Provide support and handle your requests (including delete-my-data).
We share data only as needed to run the Service:
Google (processors):
Firebase Authentication (auth), Firestore/Storage (data storage),
Cloud Run & Pub/Sub (backend event handling),
Google Play Billing (payments & RTDN).
All under Google’s data-processing terms and Google-managed encryption at rest and in transit.
Payment platform: Google Play — receives and processes purchase information according to its own policies.
Service providers (IT/security/monitoring) — strictly necessary, bound by contracts and confidentiality.
Legal/compliance: when required by applicable law or to protect our rights/users’ safety.
We never sell personal data.
Data may be processed on Google infrastructure in the EEA and/or other regions (e.g., US), depending on your project’s region. Where required, we rely on Standard Contractual Clauses (SCCs) and additional safeguards.
Account & organization data: for the life of the account; upon deletion we erase or irreversibly pseudonymize backups within routine cycles.
Billing/subscription records: for the subscription term + up to 6 years (accounting/legal).
Purchase token ↔ organization mapping: subscription term + up to 24 months (disputes/fraud).
Activity & print logs (metadata): up to 12 months, unless needed longer for security or legal purposes.
Support/feedback: up to 24 months.
We apply industry-standard safeguards including TLS in transit, Google-managed encryption at rest, least-privilege access (IAM), monitoring, and audit logs. No method is 100% secure; please use a strong password and keep your device updated.
Depending on your location (e.g., GDPR/UK GDPR, CCPA/CPRA) you may have rights to:
access, rectify, erase, or port your data;
restrict or object to processing (including where we rely on legitimate interests);
withdraw consent at any time (does not affect prior processing);
not be subject to automated decisions producing legal effects (we do not perform such profiling);
CCPA/CPRA: right to know, delete, correct, and opt-out of “sale”/“sharing” (we do not “sell” or “share” within the CPRA meaning).
To exercise rights: use in-app options (see below) or contact us at [privacy@twojadomena.com]. We may ask for verification.
Edit profile: e-mail/company name can be updated in Profile → Edit.
Change plan / purchase: handled via Google Play Billing.
Delete my data: Profile → Delete My Data permanently removes your Super Owner account and detaches subordinate users/devices.
Uninstall: removes local app data on your device (cloud data remains until you request deletion as above).
The Service is not directed to children. You must be at least 16 in the EEA/UK (or 13 in the US) to use the app. If you believe a child has provided data, contact us to remove it.
We do not use cookies in the mobile app. Our website (if used) may use essential and analytics cookies — see the website banner/policy. The app uses Google SDKs (Firebase, Google Play Billing); these SDKs may collect device and service usage information as described in Google’s documentation.
The Service may link to external sites we don’t control. Their privacy practices are governed by their own policies.
We may update this Policy from time to time. We will post the new version in the app and update the “Effective date”. Material changes may be notified in-app or by e-mail.
Controller: Hubert Worsztynowicz
Purposes: authentication; license & billing; security auditing; app operation; support.
Categories of data: account/contact; organization/license; purchase tokens & order IDs; device/diagnostic logs; print metadata.
Data subjects: business users (owners/admins/users) and their staff.
Recipients/processors: Google (Firebase, Cloud Run, Pub/Sub, Play Billing).
Transfers: possibly outside EEA with SCCs.
Retention: see Section 7.
Security: encryption, IAM, logging, monitoring, least privilege.