Privacy Policy

Overview

Unbubble News is a fact-checking and context tool. Users submit content — a URL, text, or images — to be analyzed, and the generated report can be saved to their account and shared via a link. The Service is available via our website, browser extension, and other integrations (such as messaging bots, email forwarding, and developer APIs).

Browser extension

The Unbubble News browser extension allows you to analyze articles directly from your browser. This section describes the specific data practices of the extension.

• Authentication tokens: when you connect your Unbubble News account, the extension stores an authentication token locally in your browser (using the browser's storage API). This token is used to authenticate requests to our servers. The token is never shared with third parties.

• Page content extraction: when you explicitly request an analysis (by clicking the extension icon or using the context menu), the extension extracts the article content from the current page and sends it to our servers for analysis. We only access page content when you explicitly request it.

• Language preferences: your preferred language setting is stored locally in your browser.

The extension requires certain browser permissions (activeTab, scripting, storage, contextMenus) solely to provide its functionality. These permissions are used only when you explicitly interact with the extension.

Data controller

Carlo Martinucci
Via Fulvio Testi 1, 35125 Padova (PD) - Italy
Email: legal@unbubble.news

What data we collect and process

• Authentication / account data: when you sign in with Google or via a magic link (email-based passwordless login), we receive and store your email address, name (when available), profile image (when available), and provider identifiers to create and manage your account.

• Report input data: the content you submit for analysis — a URL, text, or images. When using the browser extension, this may also include article content extracted from the page. When using messaging bots (e.g. Telegram) or email forwarding, this includes the content of your messages or forwarded emails.

• Page metadata: we may fetch the target URL to extract basic publicly available metadata (e.g., Open Graph title/description/image/site name) to improve presentation and context.

• Generated report data: the report output (e.g., summary, key facts with verdicts, contextual points, viewpoints, language) plus operational metadata (report ID, timestamps, status).

• Issue reports and messages: if you contact us or report a problem, we process the content you submit (e.g., name, email, message) and any details you provide about the report or URL.

• Communications and email notifications: if you opt in or interact with certain features, we may send you service notifications (e.g. when a report is ready), daily news digests, product updates, and — with your explicit consent — marketing communications. You can manage your email preferences in your account settings or via unsubscribe links in each email. We also track email delivery events (bounces, opens) to maintain list health and automatically disable delivery after repeated bounces.

• Messaging bot data: if you interact with the Service via a messaging bot (e.g. Telegram), we process your messaging platform user ID, language preference, and the content of your messages. If you link your messaging account to your Unbubble account, your platform user ID is stored alongside your account data.

• Email forwarding data: if you generate a personal forwarding email address, emails you forward to that address are processed to extract content for analysis. We process the email subject and body. The forwarding address can be revoked at any time from your settings.

• Third-party integrations (OAuth): if you authorize a third-party application to access Unbubble on your behalf, we store the authorization details (client identifier, scope, and your email). You can revoke third-party access at any time.

• Interactive features and surveys: if you participate in interactive analyses, discussions, or surveys, we store your responses (such as stance selections, argument ratings, and survey answers) to provide you with a record of your sessions. This data is only used in aggregate form to improve the Service.

• Technical identifiers & usage analytics: we set a first-party cookie unbubble_visitor_id (random UUID) and store usage events such as page views, report creation and status, share clicks, source clicks, feature interactions, form submissions, rate-limit encounters, email opens, and email bounces. We also collect HTTP referrer, UTM campaign parameters, presence of advertising click IDs, device type inferred from User-Agent, and automated bot detection signals.

Please do not include sensitive personal data in the content you submit. We do not intentionally collect special categories of personal data.

How we use data (purposes) and legal bases

• Provide the service (contract): to generate reports, display them, and save them to your account.

• Account management (contract / legitimate interests): to authenticate you and maintain your profile and access.

• Security and abuse prevention (legitimate interests): to protect the service and users.

• Product analytics and improvements (legitimate interests): to understand usage patterns and improve reliability and UX.

• Support and issue handling (legitimate interests / contract): to respond to messages and improve report quality.

• Email communications (consent / legitimate interests): to send service notifications, daily news digests, product updates, and — with your explicit consent — marketing communications.

• Legal obligations (legal obligation): to comply with applicable laws and requests.

Cookies & analytics

We use a first-party cookie to support basic analytics and security:

• unbubble_visitor_id (first-party, 1 year): stores a random UUID used to recognize a browser across visits. It does not store your name or email.

When you sign in, the authentication framework sets session cookies strictly for session management. These are deleted when you sign out and do not track you across other websites.

We do not use third-party advertising cookies. Usage analytics are stored in our own database. When you are signed in, we may log your account email together with the visitor identifier to understand usage and performance (e.g., from first visit to sign-in).

Sharing, public links

Reports can be shared via a link. Anyone with the link may be able to access the report. If you do not want a report to be shared, do not distribute the link.

Children’s privacy

The service is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has provided personal data to us, please contact us at legal@unbubble.news and we will take steps to delete it.

Service providers (processors) and transfers

We use the following categories of third-party service providers, who act as data processors under contractual terms:

• Cloud infrastructure and hosting providers: application hosting, database hosting, and serverless functions (including Google Firebase / Google Cloud).

• AI service providers: used to generate reports, search for related sources, and verify facts. We send submitted content (or queries derived from it) to these providers (including OpenAI). They act as data processors under contractual terms restricting use of data for training.

• Email delivery provider: used for login links, report notifications, newsletters, and other service communications. Processes email addresses and email content.

These providers may process data in countries outside your country of residence. Where applicable, we rely on contractual safeguards (such as standard contractual clauses) and provider security measures. You may request a copy of applicable safeguards by contacting us.

Retention

• Account data: retained for as long as needed to provide the service, or until you request deletion (subject to legal obligations).

• Saved reports: retained so you can access them in your account (and potentially via any shared link).

• Analytics: typically retained no longer than the visitor identifier lifetime (1 year), unless needed longer for security or legal reasons.

• Messages: retained as long as needed to respond and improve the service.

Your rights

If you are in the EEA/UK, you may have rights under GDPR (Arts. 15–22), including:

• access to your personal data;
• rectification of inaccurate data;
• erasure (where applicable);
• restriction of processing;
• objection to processing based on legitimate interests;
• data portability (where applicable);
• withdrawal of consent (where processing is based on consent);
• lodging a complaint with your supervisory authority.

How to contact us

Email legal@unbubble.news describing your request. We may ask for information to verify your identity. We aim to respond within 30 days where required.

Chrome Web Store compliance

Our use of information received from Google APIs, including through the browser extension, adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. We only use the data necessary to provide and improve the Unbubble News service. We do not sell user data, use it for advertising purposes, or share it with third parties except as described in this policy.

Changes to this policy

We may update this policy to reflect changes to the product or legal requirements. We will publish updates on this page and change the "Last updated" date.