VisPrivacy Policy for Vis
Last updated: 3 June 2026
This Privacy Policy explains how Modulus Binarius ("we", "us", "our") handles your personal data when you use the Vis mobile application ("Vis", the "App"). We are the data controller responsible for your personal data.
We have written this policy in plain language. If anything is unclear, contact us at modulusbinarius@gmail.com.
1. Who we are
Vis is operated by Modulus Binarius, an independent software developer based in the Netherlands.
- Contact for privacy questions and requests: modulusbinarius@gmail.com
For the purposes of the EU General Data Protection Regulation (GDPR), Modulus Binarius is the data controller for the personal data described below.
The third-party providers we use (Google/Firebase and Sentry) act as our processors for the data we send them: under our agreements with them, they are contractually required to process that data only to provide their services to us and on our instructions. They may also process limited technical data as independent controllers for their own service security and operation, as described in their own privacy policies (linked below). Their handling of data is governed by their own terms.
2. The short version
- Vis works offline and on your device by default. You can create and complete tasks without an account.
- If you sign in with Google, your app data is synced to the cloud (Google Firebase) so that — when sync succeeds — it can be restored and used across your devices. Sync depends on connectivity and provider availability and is not a guaranteed backup; keep your own copy of anything critical.
- We use Sentry to receive crash and error reports so we can fix bugs.
- We do not show ads, we do not use advertising trackers, and we do not sell or rent your personal data to anyone.
3. What we collect, why, and our legal basis
| Data | Where it comes from | Why we process it | Legal basis (GDPR) |
|---|---|---|---|
| Account identity — your Google account email, display name, profile photo URL, and a Firebase user ID | When you choose to sign in with Google | To authenticate you and link your synced data to your account | Performance of a contract (Art. 6(1)(b)) |
| Synced app data — a snapshot of your tasks, completion history, reminders, recurrence rules, and in-app settings | Created by you in the App; uploaded only when you are signed in | To sync your data to the cloud and across your devices | Performance of a contract (Art. 6(1)(b)) |
| Crash & diagnostic data — error reports, stack traces, app version, device model, OS version, your IP address, and limited technical context attached automatically to an error (such as log breadcrumbs) | Automatically, via the Sentry SDK, when an error occurs | To detect, diagnose, and fix faults and keep the App stable | Legitimate interests (Art. 6(1)(f)) — keeping the App working |
| On-device data — your tasks and settings stored locally, and any background image you choose | Stored on your device | To run the App locally; this data is not transmitted to us | Not applicable (processing is local to your device) |
We do not collect: advertising identifiers, precise location, contacts, browsing history, or payment-card details.
A note on diagnostic data: crash reports are generated automatically, and we do not control exactly which technical details a given crash includes. They may incidentally include small fragments of text present in the App at the time of an error. We do not intentionally send your task content to Sentry, and we use it only to diagnose faults.
You can object to this diagnostic processing at any time (see Section 7). We currently do not rely on consent as a legal basis for any processing.
4. Cloud sync and the third parties we use
When you sign in, Vis stores your data using Google Firebase, and we use Sentry for crash reporting. These are our only processors. They may engage their own sub-processors under their respective data-processing terms.
Google / Firebase (authentication and cloud sync)
- Firebase Authentication verifies your Google sign-in and gives us your account email, name, profile photo URL, and a user ID. Your Google password is never shared with us.
- Cloud Firestore stores your synced app data as a single snapshot tied to your account, readable and writable only by your signed-in account.
- Google acts as our processor under Google's Cloud Data Processing Addendum. See Google's Privacy Policy at https://policies.google.com/privacy and Firebase's privacy information at https://firebase.google.com/support/privacy.
Sentry (crash & error reporting)
- Sentry receives crash reports and diagnostic data, including your IP address and device/OS information, when the App encounters an error. Diagnostic reports are generated automatically and we configure Sentry to collect what is needed to diagnose errors. Our Sentry data is received in Sentry's European (Germany) region.
- Sentry acts as our processor. See Sentry's Privacy Policy at https://sentry.io/privacy/.
Sign-in with Google
When you sign in using Google, your sign-in is handled by Google under Google's own terms and Privacy Policy (https://policies.google.com/privacy), over which we have no control. We receive only a verified identity token and the basic profile fields listed above; we never receive or store your Google password, and we are not responsible for Google's own processing of your account.
Payments
Vis is free and ad-free. If paid ("Pro") features are offered, any purchase is processed by the app store (Google Play or the Apple App Store). We do not collect, store, or have access to your payment-card details.
We do not sell, rent, or share your personal data with any third party for their own marketing or commercial purposes. You can request a copy of the safeguards governing our use of these providers by emailing us.
5. International data transfers
Your synced data is stored on Google Cloud infrastructure. Depending on Google's data-centre configuration for our project, your data may be processed in the European Union and in other countries where Google operates, including the United States. Where data is transferred outside the European Economic Area (EEA), such transfers are intended to be covered by the appropriate safeguards in our providers' data-processing terms, including the Standard Contractual Clauses where applicable.
Crash data sent to Sentry is received in Sentry's European (Germany) region. Sentry's parent company is based in the United States; any transfer outside the EEA is intended to be covered by Sentry's Data Processing Addendum and the Standard Contractual Clauses.
6. How long we keep your data
- Account and synced data: kept while your account is active. After you request deletion (see Section 8), we delete it within the period required by law; residual copies may persist briefly in our providers' routine backups before they expire.
- Crash & diagnostic data (Sentry): retained for a limited period (we currently use Sentry's standard retention) and then deleted.
- On-device data: stays on your device until you delete it, clear the App's data, or uninstall the App. We have no access to it and cannot recover it for you.
7. Your rights
If you are in the EEA or the United Kingdom, you have the right to: access your data; correct inaccurate data; delete your data ("right to be forgotten"); restrict or object to processing (including the diagnostic processing described above); and receive your data in a portable, machine-readable format. You may also withdraw consent where we rely on it (we currently do not), and lodge a complaint with a supervisory authority.
To exercise any of these rights, email modulusbinarius@gmail.com. We will respond without undue delay and within one month of receiving your request. Where a request is complex or you make several requests, we may extend this by up to two further months, as permitted by the GDPR, and will tell you if we do. We do not charge for this, and you will not be treated differently for exercising your rights.
California residents: in the last 12 months we collected these categories of personal information: identifiers (email, name, user ID, IP address) and internet/app activity (your task and usage data); we draw no inferences. We disclose these only to our processors (Google, Sentry). We do not sell or share your personal information as those terms are defined under the CCPA/CPRA, so no "Do Not Sell or Share" action is needed. You have the right to know what we collect, to delete it, to correct it, and to non-discrimination for exercising these rights. Use the same email above.
Supervisory authority: if you are in the EEA, you may complain to your local authority. Our lead authority is the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), https://www.autoriteitpersoonsgegevens.nl.
8. Deleting your account and data
You can delete your account and all associated cloud data at any time directly in the app: open Settings → Delete account. This removes your Firebase Authentication record and your synced data. You can also email modulusbinarius@gmail.com with the subject "Delete my account" and we will do it for you without undue delay and, in any event, within the period required by applicable law (generally one month). Residual copies in our providers' routine backups expire shortly afterward.
Data stored only on your device is deleted when you clear the App's data or uninstall the App; you do not need to contact us for that.
9. Security
Data you sync is transmitted over encrypted connections (TLS). Our cloud providers (Google Firebase and Sentry) state that they encrypt data at rest on their infrastructure; that encryption is provided and controlled by them, not by us. Access to our cloud accounts is limited to the developer of Vis, and your synced data is restricted to your own signed-in account.
We take commercially reasonable technical and organisational measures to protect your data, but no method of transmission or storage is completely secure, and the security of provider infrastructure ultimately depends on those providers. We cannot guarantee absolute security. If a personal-data breach is likely to put your rights at risk, we will notify you and the relevant supervisory authority without undue delay, as required by law.
The App and its sync features are provided on a reasonable-efforts basis. To the extent permitted by law, we do not warrant uninterrupted availability, error-free operation, or that data will never be lost, and we are not liable for loss or unauthorised access arising from the acts, omissions, outages, or security failures of our third-party providers or the app stores.
10. Data stored only on your device
If you do not sign in, your tasks and settings never leave your device, and any background image you select stays on your device. We cannot access, back up, restore, or delete on-device-only data, and we are not responsible for its loss if you clear app data or uninstall the App.
11. Children
Vis is not directed at children under the age of 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, contact us at modulusbinarius@gmail.com and we will delete it without undue delay.
12. Changes to this policy
We may update this policy from time to time, and changes apply only going forward (they are not retroactive). The "Last updated" date above shows the latest version. For material changes, we will give reasonable notice through the App or by other means before the change takes effect. Where a change requires your consent under applicable law, we will ask for it.
13. Governing law and contact
This policy is governed by the laws of the Netherlands. If any part of it is found to be unenforceable, the remainder continues in effect.
Modulus Binarius
Netherlands
Email: modulusbinarius@gmail.com