UNIT LAB GLOBAL
[ SYSTEM_INIT: 0% ]
Back to Home

Privacy Policy

Last Updated: February 2026 | Effective Date: February 2026

Unit Lab Global ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, and safeguard your personal data when you use our website, mobile applications (including Brickly Scan on iOS and Android), and services, in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

1. Principles of Data Processing

We process your personal data in accordance with the following principles:

  • Lawfulness, Fairness, and Transparency: Data is processed lawfully, fairly, and transparently.
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes.
  • Data Minimization: We only collect data that is adequate, relevant, and limited to what is necessary.
  • Accuracy: We take reasonable steps to ensure data is accurate and kept up to date.
  • Storage Limitation: Data is kept in a form which permits identification for no longer than is necessary.
  • Integrity and Confidentiality: Data is processed in a manner that ensures appropriate security.

2. Information We Collect

We may collect and process the following data:

  • Account Data: Email address and display name provided when signing in via Google, Apple, or email. Anonymous sign-in creates a temporary account with no personal identifier until you link a provider.
  • Collection Data: LEGO sets, parts, and minifigures you add to your inventory, wishlist, and owned collections, including quantities and build status.
  • Scan History: Records of items you have scanned (piece IDs, timestamps). Images or photos captured during scanning are transmitted securely to our backend for recognition processing. By default, images are discarded after the result is returned. With your explicit consent, scan images may be retained and used to train and improve our LEGO piece recognition AI model. You can withdraw this consent at any time (see Section 10).
  • Usage Data: Information on how the app and website are accessed and used (e.g., page views, session duration, device type, operating system).
  • Communication Data: Content of messages sent to our support channels.
  • Purchase Data: Subscription and purchase status managed via RevenueCat. We do not store raw payment information; billing is handled by Apple App Store or Google Play.

3. Device Permissions (Mobile App)

The Brickly Scan mobile app (available on iOS and Android) may request the following device permissions:

  • Camera: Required to scan LEGO pieces and sets in real time. The camera feed is processed locally and/or sent to our backend solely to identify LEGO items. Images are not stored or shared after processing.
  • Photo Library / Media Access: Required if you choose to import an image from your gallery instead of using the camera. Selected images are processed solely for piece recognition and are not stored.

You can revoke these permissions at any time via your device settings (iOS: Settings > Brickly Scan; Android: Settings > Apps > Brickly Scan > Permissions). Revoking camera or photo permissions will disable the scanning functionality of the app.

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide the core features of the app (collection tracking, scanning, inventory management).
  • Consent: Where you have given explicit consent — including consent to retain scan images for AI model training, or joining a waitlist. You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Legitimate Interests: Processing necessary for our legitimate interests (e.g., improving our services, security, fraud prevention), unless your rights and interests override those interests.

4a. AI Model Training

We are developing an AI model for LEGO piece recognition. To improve its accuracy, we may use scan images collected through the app as training data, but only if you have given explicit, informed consent to this specific use. This consent is separate from the general terms of use of the app.

  • Consent is requested in-app and is entirely optional — declining does not limit any app functionality.
  • Images used for training are stored securely and are not shared with third parties for commercial purposes.
  • You may withdraw your consent at any time by contacting us, and we will cease using your future images for training. Existing images already incorporated into a trained model may not be individually removable (we will document this limitation clearly at the point of consent collection in the app).

5. Third-Party Services

We use the following third-party services which may process your data on our behalf:

  • Supabase: Backend-as-a-service for authentication, database storage, and cloud functions. Data is stored in EU-based infrastructure. See Supabase's Privacy Policy.
  • RevenueCat: In-app subscription and purchase management. See RevenueCat's Privacy Policy.
  • Google Sign-In: Authentication provider. See Google's Privacy Policy.
  • Apple Sign-In: Authentication provider. See Apple's Privacy Policy.
  • Rebrickable / BrickLink: When you use export features, data is formatted for these platforms but is not transmitted to them automatically — the export files are generated locally on your device for you to upload manually.

6. Anonymous Accounts & Account Migration

You may use Brickly Scan with an anonymous account (no sign-in required). Anonymous accounts are assigned a temporary identifier. If you later link your account to a Google or Apple identity, your collection data is migrated to your new account. Anonymous accounts that remain unlinked may be deleted after a period of inactivity.

7. Data Retention

We retain your account and collection data for as long as your account is active or as needed to provide our services. Scan images are discarded immediately after processing unless you have consented to their retention for AI training purposes, in which case they are stored securely for as long as necessary for this purpose or until you withdraw consent. You may request deletion of your data at any time (see Section 10).

8. Data Security

We have implemented an Information Security Management System (ISMS) generally aligned with ISO 27001 standards to protect your data. This includes technical and organizational measures such as encryption in transit (TLS), encrypted storage, access controls, and regular security assessments.

9. International Data Transfers

Your data may be processed on servers located outside your country of residence. When transferring data from the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.

10. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right to Access: You can ask for copies of your personal data.
  • Right to Rectification: You can ask us to rectify inaccurate personal data.
  • Right to Erasure: You can ask us to erase your personal data ("Right to be Forgotten"). To delete your account and all associated data, contact us at contact@unitlabglobal.com with the subject line "Data Deletion Request".
  • Right to Restriction of Processing: You can ask us to restrict the processing of your data.
  • Right to Object: You can object to the processing of your personal data.
  • Right to Data Portability: You can ask that we transfer your data to another organization. Brickly Scan also supports self-service export to Rebrickable CSV and BrickLink XML formats.

To exercise these rights, please contact us at contact@unitlabglobal.com.

11. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we may also notify you within the app.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:
Email: contact@unitlabglobal.com
Address: Unit Lab Global, Paris, France.

This document is provided for informational purposes. For legal advice specific to your situation, consult a qualified attorney.