RemalApps
Back to DualMate

Privacy Policy

DualMate Updated 18 Jun 2026

Privacy Policy for DualMate

Last updated: 18 June 2026

DualMate is an unofficial student app for DHBW-related information such as schedules, Dualis results, DHBW date information, canteen menus, widgets, and local notifications.

This Privacy Policy explains what data DualMate processes, where it is stored, which external services may receive data directly from your device, and how you can contact us about privacy questions.

DualMate is designed to avoid a developer-operated backend. We do not operate user accounts, and we do not receive or store your Dualis credentials, grades, schedules, canteen choices, or local app database on our own server.

1. Controller and contact

The person or entity responsible for DualMate is:

Developer / controller: RemalApps Address: 23442 Jeddah, Saudi Arabia Privacy contact: [email protected]

For privacy questions or data protection requests, contact us at the email address above.

2. What DualMate does

DualMate helps users access and organize DHBW-related information, including:

  • schedules from Rapla, iCal, Mannheim schedule sources, or similar schedule sources selected by the user;
  • Dualis information such as modules, exams, grades, and results;
  • DHBW date database information;
  • canteen menu information;
  • local widgets;
  • local notifications;
  • app preferences such as theme, language, selected canteen, selected schedule source, and notification settings.

DualMate is not operated by DHBW and is not an official DHBW service.

3. No DualMate account and no developer backend

DualMate does not require a DualMate account.

We do not run a backend server that stores your app account, schedules, Dualis credentials, grades, canteen choices, or app settings. Most app data is either:

  1. stored locally on your device; or
  2. sent directly from your device to the external service you choose to use, such as Dualis, Rapla/iCal, DHBW-related websites, or canteen menu providers.

4. Data stored locally on your device

DualMate stores app data locally so the app, widgets, and notifications can work properly.

This may include:

  • app settings, such as language, theme, onboarding status, notification preferences, and selected canteen;
  • schedule source settings, such as a Rapla URL, iCal URL, or Mannheim schedule identifier;
  • cached schedule entries, including title, time, room, lecturer/professor, type, and details;
  • schedule filters;
  • DHBW date entries;
  • cached canteen meals, including date, name, category, price, notes, and allergens where available;
  • saved Dualis credentials, only if you choose to save them.

On Android, app backup is disabled in the inspected release configuration. Local data is normally removed when you clear the app’s storage or uninstall the app.

5. Dualis credentials and Dualis data

If you use Dualis features, DualMate sends your Dualis login details directly from your device to the Dualis service at dualis.dhbw.de.

We do not receive your Dualis username, password, grades, exams, or Dualis pages on a developer-operated server.

If you choose to save your Dualis credentials, they are stored locally on your device using secure device storage. You can remove them by clearing the app’s data or using app functionality where available.

Dualis data may include information such as modules, exams, grades, credits, and results. This data is processed locally in the app and through direct communication with Dualis.

6. Schedule sources

If you configure a schedule source, DualMate uses the schedule information you provide or select to request your schedule directly from the relevant source.

This may include:

  • Rapla URLs;
  • iCal URLs;
  • Mannheim schedule identifiers;
  • schedule entries returned by those services.

Schedule URLs can contain private access keys or identifiers. Treat them as confidential.

DualMate stores schedule source information locally on your device so it can refresh your schedule. We do not receive your schedule URL or schedule content on a developer-operated server.

Some schedule sources are controlled by third parties. Their own privacy and security practices apply. DualMate uses HTTPS where supported, but user-provided or third-party schedule sources may use their own transport security.

7. Canteen and DHBW date information

DualMate may request canteen menu data and DHBW date information from supported external sources.

This may include:

  • selected canteen or campus;
  • selected date database and year;
  • menu data such as meal names, categories, prices, notes, and allergens;
  • DHBW date entries.

This information is used to show canteen menus and DHBW dates in the app and widgets. It is stored locally on your device as a cache.

We do not receive your selected canteen, campus, or date database choices on a developer-operated server.

8. Sentry crash reporting and diagnostics

DualMate uses Sentry for crash reporting, error diagnostics, release health, and limited performance monitoring. This helps us fix crashes and technical problems.

Sentry is operated by Functional Software, Inc. d/b/a Sentry. Sentry processes telemetry on our behalf under Sentry’s Data Processing Addendum version 5.1.0.

DualMate uses a privacy-focused Sentry configuration:

  • Sentry is configured in the EU zone.
  • Sentry IP retention is disabled.
  • Sentry privacy protections and data scrubbing are enabled.
  • Sentry default PII collection is disabled in the app.
  • Screenshots are disabled.
  • Session Replay is disabled.
  • Sentry logs are disabled.
  • User interaction breadcrumbs are disabled.
  • User interaction tracing is disabled.
  • Sentry user data is removed before events are sent.
  • Request URLs, query strings, cookies, authorization headers, tokens, email addresses, Dualis-related values, grades, schedule details, room names, event titles, and similar sensitive values are scrubbed or redacted where detected.

Sentry telemetry may include technical information such as:

  • app version, build, release, and environment;
  • operating system and device category information;
  • crash stack traces;
  • exception types;
  • performance diagnostics such as loading time, latency, frames, or technical spans;
  • sanitized transaction names;
  • technical event identifiers created for crash and diagnostic processing.

We do not use Sentry for advertising, marketing, user profiling, or tracking users across apps.

We do not intentionally send Dualis credentials, grades, full schedule content, private schedule URLs, canteen choices, or other student information to Sentry.

9. Calendar access

The local calendar sync feature is currently disabled.

In the inspected Android release configuration, DualMate does not request calendar read or write permissions. Calendar permissions are only added if the app is explicitly built with the disabled local calendar feature flag enabled.

While calendar sync is disabled, DualMate does not read from or write to your device calendar.

10. Notifications and widgets

DualMate may use local notifications and widgets to show schedule or canteen information.

Notification and widget data is based on information stored locally on your device. We do not send notification content or widget content to a developer-operated server.

On Android, DualMate may request notification permission where required by the operating system. DualMate may also use exact alarm functionality for local notification timing.

DualMate may contain links to external websites, such as DHBW pages, Dualis, webmail, e-learning pages, student union pages, sports pages, and the app’s source code repository.

When you open an external website, that website is controlled by its own operator. Its own privacy policy applies.

12. Data sharing

We do not sell personal data.

We do not share personal data for advertising.

We do not operate a backend that receives your Dualis credentials, grades, schedules, or canteen choices.

Data may be transmitted in the following cases:

  • directly from your device to Dualis when you use Dualis features;
  • directly from your device to your selected schedule source when you use schedule features;
  • directly from your device to canteen or DHBW date sources when you use those features;
  • to Sentry for crash reporting and technical diagnostics, with privacy protections and scrubbing enabled;
  • to app store or operating system providers as part of normal app distribution, installation, update, crash, review, or platform functionality.

For users in the European Union and Germany, we process data under the following legal bases:

  • App functionality: Art. 6(1)(b) GDPR, because processing is needed to provide the app features you choose to use.
  • Optional saved Dualis credentials: Art. 6(1)(a) GDPR, based on your choice to save credentials locally.
  • Crash reporting and diagnostics: Art. 6(1)(f) GDPR, based on our legitimate interest in keeping the app stable, secure, and reliable.
  • Support requests: Art. 6(1)(b) or Art. 6(1)(f) GDPR, depending on the request.
  • Legal compliance: Art. 6(1)(c) GDPR, where processing is necessary to comply with legal obligations.

Our legitimate interest in Sentry diagnostics is limited to fixing crashes, improving reliability, and maintaining security. We reduce privacy impact by disabling IP retention, disabling unnecessary Sentry features, enabling Sentry privacy protections, and applying app-side scrubbing.

14. Data retention

Local app data remains on your device until it is replaced, deleted, the app storage is cleared, or the app is uninstalled.

Saved Dualis credentials remain in secure local storage until you remove them, clear app data, or uninstall the app.

Cached schedules, canteen menus, and DHBW date information may remain locally so the app and widgets can work faster and offline.

Sentry crash and diagnostic data is retained according to the active Sentry project retention settings. IP retention is disabled. Sentry privacy protections and data scrubbing are enabled.

Support emails or other direct support communications may be kept as long as needed to answer the request, handle follow-up questions, and protect legitimate interests such as abuse prevention or legal defense.

15. Data deletion

Because DualMate does not use DualMate accounts and does not store your app content on a developer-operated backend, most deletion is done directly on your device.

You can delete local DualMate data by:

  • clearing the app’s storage in your operating system settings;
  • uninstalling the app;
  • removing saved credentials or changing app settings where the app provides such controls.

For Sentry telemetry or direct support communications, you can contact us at [YOUR PRIVACY EMAIL ADDRESS]. We may need technical information, such as the approximate crash time, app version, device type, or Sentry event ID, to locate related telemetry.

16. Security

DualMate uses technical safeguards intended to reduce privacy risk, including:

  • local-first processing;
  • no developer-operated account backend;
  • secure local storage for saved Dualis credentials;
  • Android backup disabled in the inspected release configuration;
  • Sentry IP retention disabled;
  • Sentry privacy protections and data scrubbing enabled;
  • no Sentry screenshots;
  • no Sentry session replay;
  • no Sentry default PII;
  • additional app-side Sentry scrubbing;
  • HTTPS for supported external services.

No app or network transmission can be guaranteed to be completely secure. You should keep your device protected, use a device lock, keep DualMate updated, and avoid sharing private schedule URLs or Dualis credentials.

17. Your rights

If the GDPR applies to you, you may have the right to:

  • access personal data;
  • correct inaccurate personal data;
  • request deletion;
  • restrict processing;
  • object to processing based on legitimate interests;
  • withdraw consent where processing is based on consent;
  • request data portability;
  • lodge a complaint with a data protection supervisory authority.

To exercise your rights, contact us at [email protected].

Because DualMate does not operate user accounts and does not centrally store your app content, we may not be able to identify app data stored only on your device. The most direct way to delete local app data is to clear the app’s storage or uninstall the app.

18. Children

DualMate is intended for DHBW students and similar users. It is not directed at children.

We do not knowingly collect personal data from children.

19. No advertising

DualMate does not use your personal data for advertising.

DualMate does not sell personal data.

DualMate does not share personal data with advertising partners.

20. Changes to this Privacy Policy

We may update this Privacy Policy when DualMate changes, when third-party services change, or when legal requirements change.

The “Last updated” date at the top shows when this Privacy Policy was last changed.