Privacy Policy Summary

To make our privacy policy easier to digest, here is a quick summary of key points. This does not replace the full Privacy Policy, which you can read below.
Do we share your data?

Absolutely not!
We don't sell data, we don't even know how.

What do we collect?

We store your scraps, access keys, and timestamps so you can access them later.

IP & API Usage Logging

We log IPs and API usage to prevent spam and keep Rubiš fast, stable and safe.

Payments (If Applicable)

We don't store payment details - only the API key linked to your Paddle account.

Retention & Deletion

Scraps don't expire by default - delete them manually or set an expiry.

Data Security

Scraps are protected and private by default.

Rubiš Privacy Policy

Effective date: 6th April, 2025

Rubiš respects your privacy. In fact, we collect almost nothing. This document explains what minimal data we do collect, why we collect it, and how we handle it.

1. What data do we collect and why?

Scraps: When you create a scrap, we store its content and any associated access keys or metadata (e.g. timestamps). This is so that you can access them later - that's it!

IP Addresses: We log IP addresses for basic operation and abuse prevention. This helps keep Rubiš fast, stable, and free from spam and malicious activities.

API Usage Data: We track API usage to prevent people from abusing and spamming the service into oblivion (via RubisGuard™).

Payments (if applicable): If you purchase a paid plan, transactions, billing, and taxes are handled entirely by Paddle. We do not store your payment details, and we only store what's necessary for API authentication (e.g. linking an access key to your Paddle account).

2. Do we share your data?

No. We don't even know how to sell your data - who the hell buys it?

The only third party involved is Paddle for payment processing, and they have their own privacy policy. If you buy something, your data is handled by them, not us.

3. Retention & Deletion

Scraps: Currently, scraps do not expire automatically. If you want them deleted, delete them manually or use the planned expiry feature.

IP Addresses & API Usage Data: Stored for a limited time to prevent abuse and rate-limit violations.

Payments (if applicable): Paddle handles this, not us.

We may periodically clear outdated data, but we make no guarantees about how long scraps are stored unless you set an explicit expiry.

4. Your Rights

We believe in keeping things simple, so here's what you can do:

Delete your scraps: If you no longer want a scrap stored, you can delete it manually through the API or the Rubiš website, provided you have the owner key to a scrap.

Use a private scrap: Scraps are private by default unless you specifically set them to public.

Opt out of payments: Don't want Paddle to store any payment metadata? Don't buy a plan. 🤷🏻

Request deletion of associated metadata: If you believe we hold any metadata about you that should be removed, please contact us.

5. Data Security

We do our best to keep your data safe. Scraps are private by default, and we do not expose sensitive data to third parties.
However, security via obscurity isn't a real security measure - so don't paste sensitive info in public scraps even if it doesn't have any context.

RubisGuard automatically detects and mitigates abuse. This ensures that bad actors are blocked, keeping the service reliable for legitimate users.

6. Changes to this policy

If we update this privacy policy, we will try to notify users via Discord announcements and Mastodon.

7. Contact Information

For any inquiries or concerns regarding these policies, please contact us.