This page explains what data CubTime collects, why we collect it, and what you can do about it. We’ve tried to write it in plain English. If anything is unclear, email hello@cubtime.com and we’ll fix the wording.
The Short Version
- CubTime is a parental-control app. Parents sign up, add children as family members, and install agents on their children’s devices.
- The agent records which apps and windows the child uses, and for how long. The parent sees that. Nobody else does.
- We never sell your data and never share it with advertisers. We do not use it to train AI models.
- We use a small set of trusted services (Stripe for payments, Hetzner for hosting, Google for Android push notifications). They process data on our behalf, under contract.
- You can export or delete everything from your account settings, or by emailing us.
Who we are
CubTime is operated under the trading name LevelUp B3 (“CubTime”, “we”, “us”). We are the data controller for personal data processed through the CubTime apps and website. A formal company registration is in progress; this page will be updated with the registered entity name and address once that is complete.
Contact: hello@cubtime.com
Who’s in the picture
Three roles to keep clear:
- The parent or guardian — creates the CubTime account, sets up the family, and consents to processing on behalf of their child. They are the account holder.
- The child — added by the parent as a “family member”. Children do not sign up themselves and do not enter any data into CubTime directly. We collect data about the child’s device use, on the parent’s instruction.
- The managed device — a Windows PC, Android phone, or tablet that the parent has placed under management. The CubTime agent runs on the device and reports activity.
What we collect
Only what’s needed for the app to do its job.
About the parent / account holder
- Email address, password (stored as a one-way hash, never in plain text)
- Account language and locale preference
- If you turn on multi-factor authentication, an encrypted TOTP secret
- Login activity (timestamps, failed-login counts) for security
- Subscription state and billing identifiers if you subscribe — we never store card numbers; Stripe handles that
- Device push token, if you’ve installed the parent app and enabled notifications
About the family
- The names you give to your family group and family members
- Optional: a birthday for each child member, used to give age-appropriate defaults
- Optional: an email address, if you invite a family member as a separate user
About managed devices
- Device name and identifier — on Windows, the computer hostname; on Android, the device model and the platform-provided
ANDROID_ID(a per-app, per-device identifier that does not contain any other personal information) - Agent version, last-seen timestamp
- The settings you choose for that device (e.g. whether to pause tracking when idle)
- An API key generated when the device is paired with your family. The agent stores this locally in encrypted storage (Android
EncryptedSharedPreferenceswith AES‑256, or the equivalent on Windows) so it can authenticate with our server without storing any password on the device.
About activity on the managed device
The exact data the agent reads depends on the operating system, because Windows and Android expose different information:
- Windows: the agent reads the name of the application in the foreground (e.g.
chrome.exe,RobloxPlayerBeta.exe) and the title of its active window (which can include document names or website page titles). Please be aware of this when setting up the agent. - Android: the agent reads only the package name of the app in the foreground (e.g.
com.android.chrome,com.roblox.client) and how long it has been in the foreground. Android does not expose window titles to other apps, so we cannot and do not collect them.
In addition, on both platforms:
- How long each app was in the foreground
- Whether an attempt to use the device was blocked by a schedule or time limit
- Daily totals: minutes used per child per day, plus a per-app breakdown
Android permissions used by the child agent
The agent requests several Android permissions to do its job. Each is shown to the child during onboarding with a plain-language explanation before the system permission dialog appears. The permissions and what they do:
| Permission | What we use it for | What we do not do with it |
|---|---|---|
Usage Access (PACKAGE_USAGE_STATS) |
Read the package name of the foreground app and how long it’s been there, so we can enforce screen-time limits and the schedule. | We do not read passwords, messages, photos, browsing history, or any content inside apps. |
Display over other apps (SYSTEM_ALERT_WINDOW) |
Display a CubTime lock screen on top of other apps when the time limit is reached or you’re outside allowed hours. | We do not record, capture, or transmit anything that’s on the screen underneath. The overlay only displays. |
Battery exemption (REQUEST_IGNORE_BATTERY_OPTIMIZATIONS) |
Keep the agent running in the background so screen-time tracking continues when the phone is idle. | This permission grants no additional data access. It only changes how aggressively Android may stop our background process. |
Device administrator (BIND_DEVICE_ADMIN) |
Adds an extra step before the agent can be uninstalled, so the parent can be alerted. The receiver is registered solely for this uninstall friction; no admin policy is exercised at runtime. | We do not lock the device, wipe data, change passwords, or use any other device-admin capability. |
Foreground service (FOREGROUND_SERVICE, FOREGROUND_SERVICE_SPECIAL_USE) |
Run the screen-time monitor as a foreground service. Android shows a persistent notification while it’s running, which is required by the platform. | — |
Boot complete (RECEIVE_BOOT_COMPLETED) |
Restart the monitor automatically after the device reboots. | — |
Internet (INTERNET) |
Send the data described above to your family’s CubTime account on cubtime.com over HTTPS. | — |
Install packages (REQUEST_INSTALL_PACKAGES) |
Install agent updates that we deliver from updates.cubtime.com. The Android system shows a confirmation dialog before each install. |
We do not install any third-party app. |
Server-side logs (security only)
- IP addresses, request timestamps, and basic request metadata, kept for a short period to investigate abuse and security incidents.
What we do not collect
- The contents of documents, messages, or websites — only what the operating system already shows in the title bar of the active window
- Microphone, camera, or screen recordings
- Browsing history beyond the active page title
- Location, unless you have explicitly enabled location sharing on a device
- Anything from devices that are not registered to your CubTime family
Why we collect it (lawful basis)
Under UK GDPR Article 6, we rely on:
- Performance of a contract — account, family, device, schedule, and limit data are processed to deliver the service you’ve signed up for. (Art. 6(1)(b))
- Legitimate interests — activity monitoring is performed in pursuit of the parent’s legitimate interest in safeguarding their child online, balanced against the child’s right to privacy. We pause tracking when the device is idle, collect only what’s needed for the parent to make decisions, and never share with third parties for their own purposes.
- Legal obligation — for example, retaining billing records for tax purposes.
- Consent — for optional features such as marketing emails. You can withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
Children’s data
CubTime is, by design, a service that collects data about children, on a parent’s instruction. We’ve aligned our handling with the UK Information Commissioner’s Age Appropriate Design Code (Children’s Code) and US COPPA:
- We do not market to children. The app the child interacts with is the agent — it shows time remaining and lock screens, and nothing else.
- A verified parent or guardian creates the account, adds the child as a family member, and decides what to monitor. Children do not sign up.
- We collect only what’s necessary to give the parent the information they need to set healthy boundaries. We do not enrich child profiles, build behavioural models for advertising, or share child data with anyone outside our processing chain.
- We will delete a child’s data on the parent’s request, or on the child’s own request when they are legally able to make one.
If we ever change anything material about how we handle children’s data, we’ll update this policy and notify account holders.
Who we share data with
We use a small set of trusted “sub-processors” that handle data on our behalf under contract. None of them are permitted to use your data for their own purposes.
| Service | What they do | Where |
|---|---|---|
| Contabo GmbH | Hosts the CubTime backend, database, and update server | Germany (EU) |
| Stripe | Processes subscription payments | Ireland (EU) / United States, with Standard Contractual Clauses |
| Fastmail Pty Ltd | Sends transactional email (verification, password reset, family invites) and hosts our administrative inboxes | Australia, with appropriate transfer safeguards |
| GoDaddy | DNS and domain registration for cubtime.com | United States, with appropriate transfer safeguards |
| Google (Firebase Cloud Messaging) | Delivers push notifications to the parent app on Android. Push notifications themselves contain only generic prompts (e.g. “new extension request”), never personal content. | United States, with Standard Contractual Clauses |
| Google Play | Distributes our Android apps and the agent updates we publish there | United States, governed by Google’s terms |
We do not share data with advertisers, data brokers, or analytics companies. We do not sell your data. We do not use your data to train AI models.
We may disclose data if compelled by a valid legal request (e.g. a court order), but only what is strictly required, and we will inform you unless legally prohibited from doing so.
Where your data is stored
Primary storage is in Germany (Contabo). Backups are encrypted and held in the same region. Some sub-processors operate from outside the UK and EU; in those cases we rely on the UK Government’s adequacy regulations or Standard Contractual Clauses to ensure your data remains protected to UK / EU standards.
How long we keep it
| Data | Retention |
|---|---|
| Account, family, device, schedule, and limit configuration | While your account is active. Deleted within 30 days of account closure. |
| Activity events (app names, window titles, durations) | 90 days, then deleted. Daily aggregates are kept while the account is active. |
| Daily usage aggregates | While your account is active. Deleted within 30 days of account closure. |
| Server access logs | 90 days. |
| Backups | Encrypted, retained for 30 days, then overwritten. |
| Billing records | 7 years, as required by HMRC for UK tax purposes. |
You can request earlier deletion at any time — see Your rights below.
Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you (and your children).
- Rectify anything that’s wrong.
- Delete (“right to be forgotten”) your account and the data associated with it.
- Port your data to another service in a structured, machine-readable form.
- Restrict or object to certain types of processing.
- Withdraw consent for any processing that is based on consent (such as marketing emails), without affecting the lawfulness of processing before withdrawal.
- Complain to the UK Information Commissioner’s Office at ico.org.uk, or to your local supervisory authority if you’re outside the UK.
The fastest way to exercise these rights is from your account settings — there are direct controls for export and deletion. Or email hello@cubtime.com and we’ll respond within 30 days.
Security
We take security seriously and try to be honest about where we are:
- In transit: all connections to our servers use HTTPS (TLS 1.2+).
- Authentication: passwords are stored using bcrypt one-way hashing. Multi-factor authentication is available and recommended.
- At rest: as of the effective date of this policy, application data on our database is protected by underlying disk and operating-system controls. Encryption-at-rest at the database or column level is on our roadmap; this section will be updated when implemented. Backups are encrypted.
- Access controls: database access is restricted to a small number of named individuals on least-privilege principles.
- Monitoring: server access is logged; suspicious patterns trigger alerts.
- Independent review: we have an independent security review planned before broad public release.
If you discover a security issue, please email security@cubtime.com before disclosing publicly. We’ll acknowledge within 48 hours.
Cookies and similar technologies
The CubTime website uses a small number of essential cookies for the sign-in flow and to remember your preferences. We do not use third-party analytics cookies, advertising cookies, or tracking pixels on our website. The CubTime apps (parent and child) do not use cookies as such, but they store data locally on the device to function (account session, cached settings, queued usage data when offline).
Changes to this policy
If we change anything material about how we handle data, we’ll:
- Update the “Effective” and “Last updated” dates at the top.
- Notify account holders by email at least 30 days before the change takes effect.
- Keep older versions available on request.
Minor wording changes (typo fixes, layout updates) won’t trigger a notification.
How to contact us
| General privacy questions | hello@cubtime.com |
| Security issues | security@cubtime.com |
| UK supervisory authority | Information Commissioner’s Office (ICO) |