It’s a cliche, but we do take your privacy as a Mabui user very seriously. In fact concerns about privacy issues in social networks are one of the driving forces behind the product.
Mabui apps can be published with the following privacy settings:
- Personal/Private Network (membership by invitation only)
- Access can be further controlled by requirement of user password entry (setting in the app properties).
- Access can be even further controlled by requirement of activation code entry (another setting in the app properties)
- A personal app is simply a private network with the app creator as the only user.
- Public (membership open to all)
- Template (each user gets their own personal/private copy app)
Personal data we collect and store
The only personal data we collect from users are the Google account email addresses selected for Mabui registration. These are stored to uniquely identify users and enable synchronisation of Mabui apps across multiple devices.
We do not share your registered email address or any of your content with any third party.
Your address is not visible to other members of multi-user Mabui apps that you join, with the exception of the app owner and any additional administrator users.
Please see the following section for more information.
User email addresses
A Mabui user’s registered Google account email address is stored in the following locations:
- The user database of each Mabui app the user is a member of. Email addresses are stored in an encoded form (not human readable, even when viewed as part of a decoded Mabui app file). Addresses are only visible to owner and administrator users.
- A non-public area of the mabui.co.uk domain (currently hosted by Siteground but subject to change). This is used for the delivery of user notifications sent from Mabui apps, and installation data for any private apps created by the user (following installation of a template app for example).
As a company our policy is that user’s email addresses will never be shared, sold, or passed on to any third parties, in any way.
We may occasionally use your registered email address to notify you of important service announcements, but that’s it.
All users of the Mabui app platform are required to agree to comply with the following terms and conditions related to privacy and personal data.
“We require a valid email address in order to create and identify your Mabui account. An encoded copy of this email address is used as your unique identifier on the Mabui platform and within any Mabui built apps that you use.
We collect no other personally identifiable data from you, but we do collect some details of your device, such as Android version, to help us improve the quality of our service should an error occur. From v3.03 onward we do not collect your device id (SSAID or Android ID).
Your email address, in encoded form, may be transmitted electronically over a secure internet connection by Mabui in order to support the operation of the platform. Your email address is stored in encoded form in a private database on the Mabui server.
We will never attempt to share, sell, send spam, or otherwise exploit your email address or device information. It is only used to support the operation and functionality of the Mabui platform, and for occasional important Mabui service announcements.
Your valid email address will never be visible to other users of Mabui built apps, with the exception of the app owner and any other administrator users.
Some implementations of this app use Google’s AdMob Mobile Services to display ads. Where AdMob ads are displayed they can always be removed with a small in-app purchase upgrade.
Privacy for app owners and administrators
If you build an app and publish it you are the app owner. As app owner you may give other users of your app administrator rights.
End of policy.
Portable shareable app technology
One of the great advantages of Mabui apps is that they are portable files that can be easily shared by email, or download link, without publishing to the app stores. For this reason it is possible that a Mabui file containing a private app could fall into the hands of an individual that is not a member of the app.
In that situation, the individual would only be able to run the app with a Mabui client if they had access (email and password) to the Google account already linked by a legitimate user of the app. They would also need to know the user’s app password and/or activation code where these optional extra levels of security have been set by the app administrators.
Mabui App Encryption
Mabui app files are encoded to make them non-human readable, so simple attempts to access the content of a Mabui app by means other than a Mabui client (for example opening the email attachment in a text editor) will always fail.
It is important to note however that Mabui app files are not strongly encrypted, and should never be considered to be completely unhackable.
For example, if you are involved in criminal activities, and are hoping that Mabui can provide an impenetrable communication channel, you should understand that security and law enforcement agencies, or any other sufficiently technically skilled and determined operatives, might eventually be able to gain access to the content of your private app.
When you install the Mabui client app, or any standalone app “Powered by Mabui” you are presented with a list of permissions for access to various elements of your mobile device. You may be understandably wary of granting these permissions, but we hope we can reassure you that they are the minimum required to support the wide range of functionalities provided by Mabui, and will never be used for any reasons other than those listed below.
The sensitive permission groups required, and the reasons, are listed below:
- Internet: Required for Mabui app and studio synchronisation, Google Drive access, web page modules and numerous other functions.
- Camera: Required for integration of image modules with device camera. Allows you or your app users to add photo content to apps.
- Contacts: Used for easy addition of users in the Mabui User Management and app publishing functions (removed in Mabui 3.03).
- Location: Used for operation of the current location functionality of Google Maps modules.
- Microphone: Required for operation of the audio recording/voicenote modules.
- Phone: Required to enable Mabui modules to initiate telephone calls in response to user actions. (where supported by device), for example when interacting with user adverts posted in the Shop Window module
- Storage: Required for Mabui to read and write files on device SD cards in support of numerous functions.
- Accounts: Required to link a user’s Google account during the Mabui installation process (please note from Mabui version 77 onwards this is not required).
It should be noted that all of these permissions are required, even for standalone “Powered by Mabui” apps that may not appear to require them (for example a standalone to-do list app doesn’t include Google Maps, and doesn’t therefore use the Location permission).
This is because standalone apps are actually just different implementations of the Mabui client app, packaged with a pre-built Mabui app file that replaces the normal client app homescreen. Standalone apps still allow users to install other apps, and build and publish their own apps too, hence the full range of permissions are always required.
Please note that this section is only applicable to legacy installations of Mabui earlier than v77. Google Drive is no longer used for essential operations of the Mabui platform.
In order to complete installation of the Mabui client app, or get the most out of standalone apps powered by Mabui, it is necessary for each user to link a Google account plus.
This is required because Google Drive cloud storage is used to store:
- All media content used by Mabui apps (images and PDF files for example), including media content added by users.
- A “master” copy of the portable app file itself, used for synchronisation of the app data across multiple devices.