Privacy Policy

Effective Date: February 7, 2026
Last Updated: February 7, 2026

    Just Sudoku ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Just Sudoku (the "App"). This policy applies to users worldwide and complies with applicable data protection laws including GDPR (EU/EEA), UK GDPR, CCPA/CPRA (California, USA), LGPD (Brazil), DPDPA (India), and other international privacy regulations.

1. Data Controller

For the purposes of applicable data protection laws, the data controller responsible for your personal data is:

Just Sudoku
Developer: [Your Full Legal Name]
Address: [Your Address, City, Country]
App Package: com.ondran.sudoku.free
Email: 0ndr4N@proton.me

2. Information We Collect

We collect information automatically when you use the App through the following third-party services:

2.1 Information Collected Automatically

Category	Data Types	Purpose
Device Information	Device type, model, operating system version, unique device identifiers (Advertising ID, App Instance ID), language settings, time zone	App functionality, analytics, advertising
Usage Data	App interactions, screens viewed, session duration, feature usage, in-app events	Analytics, app improvement
Network Information	IP address (used for approximate geolocation), network type, carrier	Geolocation for ads, analytics
Crash Data	Crash logs, stack traces, device state at time of crash	Bug fixing, app stability
Advertising Data	Ad interactions, impressions, clicks, advertising identifiers	Personalized/non-personalized advertising

2.2 Information We Do NOT Collect

Name, email address, or other direct contact information
Payment or financial information directly (all payment processing is handled by Google Play; see Section 5.8)
Precise GPS location
Photos, contacts, or other device content
Biometric data
Health or medical information

3. How We Use Your Information

We use the collected information for the following purposes:

App Functionality: To provide and maintain the App's features
Analytics: To understand how users interact with the App and improve user experience
Advertising: To display advertisements, including personalized ads (with your consent where required)
Crash Reporting: To identify and fix bugs and improve app stability
Performance Monitoring: To optimize app performance across different devices

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data based on the following legal grounds:

Processing Activity	Legal Basis
Personalized advertising	Consent (Article 6(1)(a) GDPR)
Non-personalized advertising	Consent (Article 6(1)(a) GDPR) for storage on device
Analytics (Firebase Analytics)	Consent (Article 6(1)(a) GDPR)
Crash reporting (Crashlytics)	Consent (Article 6(1)(a) GDPR)
Anonymous authentication (Firebase Auth)	Legitimate Interest (Article 6(1)(f) GDPR) — enabling leaderboard and cloud sync without collecting personal identity
Push notifications (Firebase Cloud Messaging)	Consent (Article 6(1)(a) GDPR) — notifications are sent only when you opt in via App settings
App configuration (Firebase Remote Config)	Legitimate Interest (Article 6(1)(f) GDPR) — delivering feature flags and configuration for proper app operation
Cloud data sync (Cloud Firestore)	Legitimate Interest (Article 6(1)(f) GDPR) — leaderboard scores and cross-device game progress synchronization
In-app purchases (Google Play Billing)	Contract Performance (Article 6(1)(b) GDPR) — necessary for fulfilling purchase transactions you initiate
Essential app functionality	Legitimate Interest (Article 6(1)(f) GDPR) — ensuring proper operation, security, and stability of the App

    Your Right to Withdraw Consent: You have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can manage your consent preferences through the App's settings menu.

5. Third-Party Services

The App uses the following third-party services that may collect and process your data:

5.1 Google AdMob

We use Google AdMob to display advertisements in the App.

Provider: Google LLC
Data collected: Advertising ID, device information, IP address, ad interaction data
Purpose: Serving personalized or non-personalized advertisements
Privacy Policy: https://policies.google.com/privacy
How Google uses data: https://policies.google.com/technologies/partner-sites

5.2 Firebase Analytics (Google Analytics for Firebase)

We use Firebase Analytics to understand how users interact with the App.

Provider: Google LLC
Data collected: App Instance ID, device information, usage data, IP address (for geolocation)
Purpose: Analytics, understanding user behavior, improving the App
Privacy Policy: https://firebase.google.com/support/privacy

5.3 Firebase Crashlytics

We use Firebase Crashlytics to collect crash reports and improve app stability.

Provider: Google LLC
Data collected: Crash logs, stack traces, device state, Crashlytics Installation ID, and contextual gameplay data at the time of a crash (such as game difficulty, user level, and current screen) to help diagnose issues
Purpose: Identifying and fixing bugs, improving app stability
Privacy Policy: https://firebase.google.com/support/privacy

5.4 Firebase Authentication

We use Firebase Authentication for anonymous sign-in to enable cloud features such as leaderboards.

Provider: Google LLC
Data collected: Anonymous user ID, authentication tokens
Purpose: Identifying users for leaderboard and cloud sync functionality without requiring personal information
Privacy Policy: https://firebase.google.com/support/privacy

5.5 Firebase Cloud Messaging

We use Firebase Cloud Messaging (FCM) to send push notifications such as daily challenge reminders and streak alerts.

Provider: Google LLC
Data collected: FCM registration token, device type, app version
Purpose: Delivering push notifications you have opted in to receive
Privacy Policy: https://firebase.google.com/support/privacy

5.6 Firebase Remote Config

We use Firebase Remote Config to dynamically configure app behavior and feature flags.

Provider: Google LLC
Data collected: App Instance ID, device platform, app version, country (derived from IP)
Purpose: Delivering configuration updates and feature flags without requiring an app update
Privacy Policy: https://firebase.google.com/support/privacy

5.7 Cloud Firestore

We use Cloud Firestore to store leaderboard scores and synchronize game progress across devices.

Provider: Google LLC
Data collected: Anonymous user ID, leaderboard scores, game statistics, nickname (if set by you)
Purpose: Leaderboard functionality and cloud data synchronization
Privacy Policy: https://firebase.google.com/support/privacy

5.8 Google Play Billing

We use Google Play Billing to process in-app purchases and subscriptions. We do not directly collect or store your payment details — all payment processing is handled by Google Play.

Provider: Google LLC
Data collected by us: Purchase tokens, order IDs, product IDs, purchase state (used to verify and fulfill purchases)
Data collected by Google Play: Payment method details, billing address, transaction history (processed under Google's own privacy policy)
Purpose: Processing in-app purchases, verifying entitlements, managing subscriptions
Privacy Policy: https://policies.google.com/privacy

6. Advertising

6.1 Types of Advertisements

Depending on your consent preferences and location, you may see:

Personalized Ads: Tailored to your interests based on your activity across apps and websites (with consent in EEA/UK)
Non-Personalized Ads: Not based on your past behavior but may use contextual information
Limited Ads: Minimal data processing for advertising purposes

6.2 Managing Ad Preferences

You can manage your advertising preferences through:

In-App Settings: Access "Privacy Settings" or "Manage Consent" in the App's settings menu
Device Settings:
- Android: Settings → Google → Ads → Reset advertising ID or Opt out of Ads Personalization
Google Ad Settings: https://adssettings.google.com

7. Cookies and Similar Technologies

The App and its third-party services use cookies, SDKs, and similar technologies to:

Store user preferences and consent choices
Enable advertising functionality
Collect analytics data
Prevent fraud

In the EEA/UK, we obtain your consent before using non-essential cookies and similar technologies, in compliance with the ePrivacy Directive.

We may share your information in the following circumstances:

8.1 Third-Party Service Providers

We share data with Google LLC (as described in Section 5) for advertising, analytics, crash reporting, authentication, push notifications, app configuration, cloud data synchronization, and in-app purchase processing. Google acts as a data processor on our behalf and also as an independent controller for certain processing activities (including payment processing via Google Play).

8.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

8.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

8.4 What We Do NOT Do

We do not sell your personal information
We do not share your data for purposes unrelated to the App's functionality

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where Google's servers are located.

For EEA/UK Users

When we transfer your data outside the EEA/UK, we ensure appropriate safeguards are in place:

Standard Contractual Clauses (SCCs): Google uses EU-approved Standard Contractual Clauses for data transfers
Adequacy Decisions: Transfers to countries with adequate data protection (as determined by the European Commission)
EU-US Data Privacy Framework: Google LLC is certified under the EU-US Data Privacy Framework

10. Data Retention

We retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Data Type	Retention Period
Analytics data	26 months (Google Analytics default)
Crash reports	90 days
Advertising data	Varies by Google's policies
Consent preferences	Until you withdraw consent or uninstall the App
Leaderboard scores and nicknames	Until you request deletion or indefinitely for active accounts
Anonymous user ID	Until you uninstall the App or request deletion
Push notification tokens (FCM)	Until token is refreshed or you uninstall the App
Purchase data (order IDs, entitlements)	Duration of account activity or as required by tax/legal obligations

You can request deletion of your data at any time by contacting us (see Section 15).

11. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

11.1 Rights for All Users

Access: Request information about what data we collect
Deletion: Request deletion of your personal data
Opt-Out of Personalized Ads: Disable personalized advertising

11.2 Additional Rights for EEA/UK Users (GDPR/UK GDPR)

Right of Access: Obtain confirmation and a copy of your personal data
Right to Rectification: Correct inaccurate personal data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
Right to Lodge a Complaint: File a complaint with your local data protection authority
Right Related to Automated Decision-Making: Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you (Article 22 GDPR). Personalized advertising delivered through Google AdMob involves profiling; you can opt out via the consent management options in the App's settings.

How to Exercise Your Rights (EEA/UK): Use the "Manage Consent" option in the App's settings to modify your consent preferences, or contact us at 0ndr4N@proton.me.

11.3 Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by CPRA):

Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out of Sale/Sharing: We do not sell your personal information. Personalized advertising through Google AdMob may constitute "sharing" under CPRA; you can opt out of personalized ads at any time through the App's consent settings or device settings
Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by CPRA
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Categories of Personal Information Collected (CCPA):

Identifiers (device identifiers, IP address)
Internet or electronic network activity (usage data, ad interactions)
Geolocation data (approximate, derived from IP address)
Inferences (derived from the above to create a profile)

11.4 Rights for Brazilian Users (LGPD)

Under Brazil's Lei Geral de Proteção de Dados (LGPD), we process your data based on consent (Article 7, I, LGPD) for advertising and analytics, and legitimate interest (Article 7, IX, LGPD) for essential app functionality. You have the following rights:

Confirmation of processing and access to data
Correction of incomplete or inaccurate data
Anonymization, blocking, or deletion of unnecessary data
Data portability
Information about sharing with third parties
Withdrawal of consent
Filing a complaint with the ANPD (Autoridade Nacional de Proteção de Dados)

11.5 Rights for Indian Users (DPDPA)

Under India's Digital Personal Data Protection Act (DPDPA), you have rights including:

Right to access information about your personal data
Right to correction and erasure
Right to grievance redressal
Right to nominate another person to exercise rights on your behalf

11.6 How to Exercise Your Rights

To exercise any of your privacy rights, you can:

In-App: Navigate to Settings → Privacy Settings → Manage Consent
Email: Send a request to 0ndr4N@proton.me

We will respond to your request within the timeframe required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

12. Children's Privacy

The App is not directed to children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages.

COPPA Compliance (United States)

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 years of age. If you believe we have collected information from a child under 13, please contact us immediately at 0ndr4N@proton.me and we will promptly delete such information.

Children's Privacy in the EEA/UK (Article 8 GDPR)

In the EEA/UK, we do not knowingly process personal data of children under the age of digital consent as set by each member state (ranging from 13 to 16 years) without parental consent. The App is designed for users aged 13 and above.

Age-Gating

The App may be age-gated on app stores to prevent download by users under the minimum age.

13. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit (HTTPS/TLS)
Secure data storage by our third-party service providers
Regular security assessments
Access controls and authentication

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

We will update the "Last Updated" date at the top of this policy
For material changes, we will notify you through the App or other means
Where processing is based on consent, we will seek your renewed consent for material changes before continuing such processing

We encourage you to review this Privacy Policy periodically for any changes.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: 0ndr4N@proton.me

Subject Line Suggestions:

For data access requests: "Data Access Request - Just Sudoku"
For data deletion requests: "Data Deletion Request - Just Sudoku"
For privacy concerns: "Privacy Inquiry - Just Sudoku"

We will respond to all legitimate requests within the timeframe required by applicable law.

16. Jurisdiction-Specific Provisions

16.1 European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland:

We process your data in accordance with GDPR and UK GDPR
You have the right to lodge a complaint with your local Data Protection Authority
We use Google's User Messaging Platform (UMP) to obtain and manage your consent
You can withdraw consent at any time through the App's settings

16.2 United States

If you are located in the United States:

California: CCPA/CPRA rights apply (see Section 11.3)
Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and other states: If you are a resident of these states, you may have rights including access, deletion, correction, and opt-out of targeted advertising under your respective state privacy law. To exercise these rights, contact us at 0ndr4N@proton.me
We do not sell your personal information
We do not share personal information for cross-context behavioral advertising without consent where required

16.3 Brazil

If you are located in Brazil, your data is processed in accordance with the Lei Geral de Proteção de Dados (LGPD). You may contact us or the ANPD (Autoridade Nacional de Proteção de Dados) with any concerns.

16.4 India

If you are located in India, your data is processed in accordance with applicable Indian data protection laws, including the Digital Personal Data Protection Act (DPDPA) as it comes into effect.

16.5 Canada

If you are located in Canada, your data is processed in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to access your personal information, request corrections, and withdraw consent. To file a complaint, you may contact the Office of the Privacy Commissioner of Canada.

16.6 Japan

If you are located in Japan, your data is processed in accordance with the Act on Protection of Personal Information (APPI). You have the right to request disclosure, correction, suspension of use, or deletion of your personal data. Cross-border transfers are conducted under appropriate safeguards as required by APPI.

16.7 South Korea

If you are located in South Korea, your data is processed in accordance with the Personal Information Protection Act (PIPA). You have the right to access, correct, delete, and suspend processing of your personal data. We ensure that cross-border data transfers comply with PIPA requirements.

16.8 Australia

If you are located in Australia, your data is processed in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs). You have the right to access and correct your personal information. To file a complaint, you may contact the Office of the Australian Information Commissioner (OAIC).

16.9 Other Jurisdictions

If you are located in a jurisdiction not specifically mentioned above, we will process your data in accordance with applicable local laws. If there is a conflict between this Privacy Policy and local law, the local law shall prevail.