Back to homePrivacy Policy

Effective Date: January 31, 2026

Blank ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App") and related services (collectively, the "Service").

We are based in the European Union and comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

1.1 Information You Provide

Account Information: When you create an account, we collect your email address, username, and password.

Profile Information: You may choose to provide additional information such as a profile photo, display name, and bio.

User Content: We collect content you create and share, including posts, comments, messages, and media files.

Communications: When you contact us for support or feedback, we collect the information you provide.

1.2 Information Collected Automatically

Device Information: We collect device identifiers, operating system version, device model, and app version.

Usage Data: We collect information about how you use the Service, including features accessed, time spent, and interactions with content.

Crash Data: We collect crash reports and diagnostic information to improve app stability.

Log Data: We collect server logs that may include your IP address, access times, and pages viewed.

1.3 Information from Third Parties

We may receive information from third-party services if you choose to link them to your account or sign in using third-party authentication.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Process transactions and send related information
  • Send administrative messages, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage patterns and trends
  • Detect, investigate, and prevent fraudulent or unauthorized activity
  • Personalize and improve your experience
  • Comply with legal obligations

Legal Bases for Processing (GDPR)

We process your personal data based on:

  • Contract: Processing necessary to provide the Service you requested
  • Legitimate Interests: Processing for our legitimate business interests, such as improving the Service and ensuring security
  • Consent: Processing based on your consent, which you may withdraw at any time
  • Legal Obligation: Processing necessary to comply with applicable laws

3. How We Share Your Information

3.1 Public Information

Your profile information and User Content may be visible to other users according to your privacy settings. Content you post publicly is accessible to anyone.

3.2 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Supabase — Cloud hosting, database, authentication, and file storage. Your data is stored on Supabase servers located in Zurich, Switzerland (EU-adequate jurisdiction).
  • Sentry — Crash reporting and performance monitoring. Collects diagnostic data such as device state, stack traces, and app version when errors occur.
  • OneSignal — Push notification delivery. See Section 10 for details on the data shared.

These providers are contractually obligated to protect your information and use it only for the services they provide to us.

3.3 Legal Requirements

We may disclose your information if required by law or if we believe disclosure is necessary to:

  • Comply with legal process or government requests
  • Protect our rights, privacy, safety, or property
  • Protect the safety of our users or the public
  • Detect, prevent, or address fraud or security issues

3.4 Business Transfers

If Blank is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

3.5 With Your Consent

We may share your information with third parties when you give us explicit consent to do so.

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain information as required by law or for legitimate business purposes, such as:

  • Resolving disputes
  • Enforcing our agreements
  • Complying with legal obligations

Anonymized or aggregated data may be retained indefinitely for analytics purposes.

5. Your Rights (GDPR)

Under the GDPR, you have the following rights:

5.1 Right of Access

You can request a copy of the personal data we hold about you.

5.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

5.3 Right to Erasure

You can request deletion of your personal data, subject to certain exceptions.

5.4 Right to Restrict Processing

You can request that we limit how we use your data.

5.5 Right to Data Portability

You can request a copy of your data in a structured, machine-readable format.

5.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

5.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw your consent at any time.

5.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority in your EU member state.

To exercise these rights, contact us at privacy@blank.is. We will respond within 30 days.

6. International Data Transfers

Your information is primarily stored and processed within the European Union. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure development practices

However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

8. Children's Privacy

Blank is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information.

For users between 13 and 16 in the EU, parental consent may be required for certain data processing activities as mandated by local law.

9. Analytics and Crash Reporting

We use Sentry, a third-party error tracking and performance monitoring service, to understand how users interact with the Service and to identify and fix technical issues. This includes:

Usage Analytics: Aggregated data about feature usage, session duration, and user flows. This helps us improve the Service.

Crash Reporting: Diagnostic information when the app crashes, including device state, stack traces, screenshots, view hierarchy, and app version. This helps us fix bugs and improve stability.

We minimize data collection and do not use analytics for advertising or profiling purposes. You can review Sentry's privacy policy at https://sentry.io/privacy/.

10. Push Notifications

We use OneSignal, a third-party push notification service, to deliver notifications to your device. When you enable push notifications or log in to the App, the following information may be shared with OneSignal:

  • Device push token: A unique identifier assigned by Apple to your device for delivering push notifications
  • User identifier: Your internal account ID, used to target notifications to your account
  • Email address: If provided, used to identify your account within the notification platform
  • Username: Stored as metadata to help identify users in the notification platform
  • Email marketing preference: Your opt-in or opt-out status for marketing communications

OneSignal processes this data to deliver push notifications on our behalf. OneSignal is based in the United States and we rely on Standard Contractual Clauses for any data transfers outside the EU. You can review OneSignal's privacy policy at https://onesignal.com/privacy_policy.

You can disable push notifications at any time through your device settings. When you delete your account, we remove your data from OneSignal.

11. Cookies and Similar Technologies

The App may use local storage and similar technologies to:

  • Remember your preferences
  • Maintain your session
  • Improve performance

You can manage these through your device settings, though some features may not function properly if disabled.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

The "Effective Date" at the top indicates when the policy was last revised.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, or wish to exercise your rights, contact us at:

Data Protection Inquiries Email: privacy@blank.is

General Inquiries Email: support@blank.is

For GDPR-related requests, we will respond within 30 days of receiving your request.