User Data Privacy in Backend

Hi Folks.

I have seen some amazing apps built, such as, and I am having some thoughts around user data privacy. My limited understanding is that the app developer has full access to all data in the application backend. This would be a concern if my app was dealing with sensitive information. Is there a way to prevent this in order to give users some form of surety or is this essentially all apps (not only Bubble) work.

Just a thought.

1 Like

Hi there, @sebastianvangreunen… no offense here, but this topic has been done to death, up to and including literally a day ago. The bottom line is Bubble developers (not to mention Bubble employees themselves) have full access to the data in their apps via the editor, and that is how all Bubble apps work unless you jump through what I consider to be some pretty ridiculous hoops. If it is imperative that the data in your app be hidden from you (i.e., the app developer), it can be done, but as a former colleague of mine used to say, is the juice really worth the squeeze? Your call, friend.



But that severely limits the usefulness of bubble and low code in general - if that’s the case with the other nocode tools. Bubble claims that you can do anything, but what’s the point of doing if it’s not secure?
So if you do it commercially you literally have to tell users - “I will be able to see your data”. And then good luck getting customers.

I’m not trying to be a jerk here, but it certainly hasn’t hurt me or thousands of other Bubblers who have plenty of customers. Honestly, I just don’t get the concern here. I have been in the software world for decades, and I literally can’t remember a time when customers were concerned over the folks who are building the software being able to see their data. Hell, they actually expect that we can see their data (especially for troubleshooting purposes when there are issues), so again, I just don’t get it.

The above being said, none of that matters at all if it’s a concern for you and your potential customers. So, either don’t use Bubble or jump through the hoops to make sure nobody can see the data… it really is that simple.


just a note that you can as the app admin for every app editor set if they can only see test data or live data.
or you can have data go to external databases which only the admin as the credentials for.

just that i as a developer would not accept projects where I cannot see live data as that makes testing way difficult with nocode as it is not as far a long yet as testing with real code.

Yeah, I guess I was naive about web… You scared me ****less now.

If it helps, I can pretty much assure you the developers of any sites/apps you use don’t know you exist and don’t give a damn about your specific data. Feel better now? :slight_smile: