Privacy Policy

1. Introduction

Welcome to RapidRebus! This Privacy Policy explains how we handle information when you use our mobile puzzle application. RapidRebus offers both anonymous gameplay and optional account creation for enhanced features. Please read this Privacy Policy carefully to understand how we collect, use, and protect your information.

2. Information We Collect

2.1 Personal Information

Anonymous Users: You can play RapidRebus completely anonymously without providing any personal information. No registration or accounts are required for basic gameplay.

Optional Account Creation: If you choose to create an account for cloud sync and enhanced features, we collect minimal personal information through trusted third-party authentication providers:

• Email Address: From Google or Apple sign-in for account identification and recovery
• Display Name: From your Google or Apple account (if provided) for personalization
• Unique User ID: Generated by Firebase Authentication for secure account management

Important: Account creation is entirely optional. You can enjoy all core puzzle features without providing any personal information.

2.2 Game Data

Anonymous Users: All your game data (progress, scores, achievements, preferences) is stored locally on your device only. We do not access, collect, or store any of your game data on our servers.

Authenticated Users: If you create an account, your game data is synchronized between your device and our secure Firebase Cloud Firestore database. This includes:

• Puzzle progress and completion statistics
• Game scores and achievements
• User preferences (theme, sound, haptics)
• Streak data and notification settings
• In-game currency (coins) and purchases
• Custom username (if set)

Cloud sync allows you to access your progress across multiple devices and provides backup protection for your game data.

2.3 Technical Information

For basic app functionality and crash reporting, we may collect minimal technical information:

• Device Information: Device type, operating system version (for compatibility)
• App Performance: Crash reports to help us fix bugs and improve stability
• Basic Usage: App opens and general usage patterns (no personal identification)
• Device ID: Anonymous device identifier for local data storage and analytics
• FCM Token: For push notifications (authenticated users only)
• Timezone Information: For accurate streak tracking and notifications

This information is anonymous and cannot be used to identify you personally unless you create an account.

2.4 Third-Party Authentication Services

When you choose to create an account, we use trusted third-party authentication services:

• Google Sign-In: Handled by Google's authentication servers with their privacy policies
• Apple Sign-In: Handled by Apple's authentication servers with their privacy policies
• Firebase Authentication: Google's secure authentication service for user management

These services may collect additional information according to their own privacy policies. We only receive the email address and display name you authorize them to share.

2.5 Advertising Information

To support our free app, we show advertisements. Our advertising partners may collect:

• Advertising ID: Anonymous identifier for ad targeting
• Ad Interaction: Which ads you view or interact with
• Basic Device Info: For ad compatibility and delivery

This information is handled by our advertising partners according to their own privacy policies.

3. How We Use Information

We use information differently depending on whether you play anonymously or create an account:

3.1 App Functionality

Technical information is used to:

• Ensure app compatibility with your device
• Fix crashes and improve app stability
• Understand general usage patterns to improve the app
• Provide accurate streak tracking and notifications

3.2 Account Services (Authenticated Users Only)

For users who create accounts, we use personal information to:

• Account Management: Identify and authenticate your account securely
• Cloud Sync: Synchronize your game progress across devices
• Data Recovery: Restore your progress if you lose access to your device
• Personalization: Display your chosen username and preferences
• Notifications: Send game reminders and streak notifications (if enabled)
• Customer Support: Provide assistance with account-related issues

3.3 Advertising

We show advertisements to support our free app. Advertising partners use information to:

• Display relevant ads based on your interests
• Measure ad effectiveness and performance
• Prevent fraudulent ad interactions

3.4 Privacy Protection

We do not:

• Sell or rent your personal information to third parties
• Use your email for marketing communications without consent
• Track your identity across other apps or websites
• Share your game data with other users without permission
• Require account creation for core gameplay features

4. Information Sharing and Disclosure

We share information only as necessary to provide our services and as described below:

4.1 Third-Party Authentication Providers

When you create an account, we work with trusted authentication providers:

• Google: For Google Sign-In authentication (governed by Google's Privacy Policy)
• Apple: For Apple Sign-In authentication (governed by Apple's Privacy Policy)
• Firebase/Google Cloud: For secure data storage and authentication services

These providers handle authentication securely and only share the information you authorize (email and display name).

4.2 Advertising Partners

We partner with advertising networks to show ads in our app. These partners may collect:

• Anonymous advertising identifiers
• Ad interaction data
• Basic device information for ad delivery

Common advertising partners include Google AdMob and other ad networks. Each has their own privacy policy governing how they handle information.

4.3 Technical Service Providers

We may share minimal technical information with:

• Firebase/Google Cloud: For cloud data storage and synchronization (authenticated users only)
• Crash Reporting: To help us fix app issues and improve stability
• App Stores: Apple App Store and Google Play Store for app distribution
• Analytics: Basic usage analytics to improve our app (anonymized data only)

4.4 Legal Requirements

We may disclose information if required by law, court order, or government request. For authenticated users, this could include account information if legally compelled.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction. Users will be notified of any such change.

4.6 No Sale of Data

We do not sell, trade, or otherwise transfer your personal information to third parties for their own marketing purposes.

5. Data Security

We implement appropriate security measures to protect your information, with different protections for anonymous and authenticated users:

5.1 Anonymous User Security

For users playing without accounts:

• Device Protection: Your device's security features protect your local game data
• No Cloud Storage: Your progress isn't stored on our servers
• App Deletion: Deleting the app removes all your game data
• Anonymous Identifiers: Only device-based IDs that cannot identify you personally

5.2 Authenticated User Security

For users with accounts, we provide enterprise-grade security:

• Firebase Security: Google's enterprise-grade cloud infrastructure
• Encryption: All data encrypted in transit (TLS) and at rest (AES-256)
• Access Controls: Strict access controls and authentication requirements
• Regular Audits: Security monitoring and regular security assessments
• Data Isolation: Your data is isolated and accessible only to you

5.3 Technical Security Measures

For all users, we implement:

• Secure Transmission: All data transmitted using HTTPS/TLS encryption
• Regular Updates: Security patches and updates applied promptly
• Incident Response: Procedures in place for security incident management
• Privacy by Default: Minimal data collection and secure defaults

6. Your Privacy Rights

Your privacy rights depend on whether you play anonymously or create an account. We respect your choices and provide full control over your data:

6.1 Anonymous User Rights

• No Account Required: Use the app without any registration or personal information
• Local Data Control: All your game data stays on your device under your control
• Easy Deletion: Delete the app to remove all your data instantly
• Ad Control: Use device settings to limit ad tracking

6.2 Authenticated User Rights

If you create an account, you have additional rights under privacy laws including GDPR, CCPA, and others:

• Access: Request a copy of all personal data we have about you
• Correction: Update or correct your account information at any time
• Deletion: Delete your account and all associated data permanently
• Portability: Export your game data in a machine-readable format
• Restriction: Limit how we process your personal information
• Objection: Object to certain types of data processing
• Withdraw Consent: Remove consent for data processing at any time

6.3 Account Management

Authenticated users can manage their data directly in the app:

• Settings Screen: Update preferences, notification settings, and account information
• Sign Out: Disconnect from cloud sync while keeping local data
• Delete Account: Permanently remove your account and cloud data
• Data Export: Contact us for a complete data export

6.4 Advertising Control

• iOS: Turn off "Allow Apps to Request to Track" in Settings > Privacy & Security
• Android: Turn off "Opt out of Ads Personalization" in Settings > Privacy
• Reset Ad ID: Reset your advertising identifier in device settings

6.5 Exercising Your Rights

To exercise your privacy rights, contact us at privacy@rapidrebus.com. We will respond within 30 days and may need to verify your identity for security purposes.

7. Data Retention and Deletion

We retain information only as long as necessary to provide our services and comply with legal obligations:

7.1 Anonymous User Data

• Local Data: Stored on your device until you delete the app
• Technical Data: Anonymous analytics retained for up to 2 years for app improvement
• Crash Reports: Retained for up to 1 year to fix bugs and improve stability

7.2 Authenticated User Data

• Account Data: Retained while your account is active
• Game Progress: Stored in Firebase Cloud Firestore while account is active
• Inactive Accounts: Accounts inactive for 3+ years may be deleted after notice
• Deleted Accounts: All personal data permanently deleted within 30 days

7.3 Automatic Deletion

We automatically delete certain data:

• Notification Tokens: Expired FCM tokens are automatically removed
• Session Data: Temporary session information deleted after logout
• Backup Data: Automated backups retained for 90 days maximum

7.4 Legal Retention

Some data may be retained longer if required by law, such as:

• Financial records for tax and accounting purposes
• Security logs for fraud prevention and investigation
• Legal compliance records as required by applicable laws

8. Children's Privacy

RapidRebus is designed to be family-friendly and suitable for all ages. We take special care to protect children's privacy in compliance with COPPA and other applicable laws.

8.1 Anonymous Play for Children

• No Personal Information: Children can play without providing any personal details
• No Accounts Required: Full gameplay available without registration
• Local Data Only: All game progress stays on the child's device
• Family-Friendly Ads: Advertising content is appropriate for all ages

8.2 Parental Consent for Accounts

If a child under 13 wants to create an account:

• Parental Consent Required: We require verifiable parental consent before collecting any personal information from children under 13
• Limited Data Collection: Only email address and display name collected through parent-supervised sign-in
• Parental Control: Parents can request deletion of their child's account at any time
• No Marketing: We do not send marketing communications to children

8.3 Parental Rights

Parents have the right to:

• Review their child's personal information
• Request deletion of their child's account and data
• Refuse further collection of their child's information
• Contact us with questions about our children's privacy practices

For questions about children's privacy, contact us at privacy@rapidrebus.com.

9. Global Availability and Data Transfers

RapidRebus is available worldwide. For authenticated users, we may transfer data internationally as part of our cloud services:

9.1 Firebase Cloud Infrastructure

Authenticated user data is stored using Google Firebase, which operates globally:

• Data Centers: Your data may be stored in Google's secure data centers worldwide
• Adequate Protection: Google provides adequate data protection safeguards
• EU-US Framework: Google participates in approved international data transfer frameworks

9.2 Advertising Partners

Our advertising partners may operate globally and may use your advertising ID across different countries. This is handled according to their privacy policies and local advertising regulations.

9.3 Local Compliance

We comply with local privacy laws in all regions where RapidRebus is available, including:

• GDPR: European Union General Data Protection Regulation
• CCPA: California Consumer Privacy Act
• PIPEDA: Canadian Personal Information Protection and Electronic Documents Act
• UK GDPR: United Kingdom data protection laws
• LGPD: Brazilian General Data Protection Law

10. Mobile App Tracking

As a mobile app, RapidRebus doesn't use cookies like websites do. However, we use mobile-specific technologies:

10.1 App Tracking Technologies

• Advertising ID: Anonymous identifier for ad targeting (can be reset by user)
• Local Storage: Game data stored on your device (anonymous users) or synced to cloud (authenticated users)
• Crash Reporting: Anonymous crash information for bug fixes
• Basic Analytics: App usage patterns (no personal identification for anonymous users)
• Firebase Analytics: For authenticated users, usage analytics tied to your account for personalization

10.2 Managing Tracking

You can control tracking through device settings:

• iOS: Settings > Privacy & Security > Tracking
• Android: Settings > Privacy > Ads
• Reset Advertising ID: Available in device privacy settings

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website
• Displaying a prominent notice in our app
• App store update notifications

Your continued use of our app after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

13. Additional Resources

For more information about privacy and data protection:

• GDPR Information Portal
• Australian Privacy Principles
• Privacy Commissioner of Canada
• California Consumer Privacy Act