← Back to Puzzle Duel Language:

Privacy Policy

Last updated: April 19, 2026

Puzzle Duel ("we", "our", or "us") operates the Puzzle Duel mobile application and the website at puzzleduel.net (collectively, the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

1. Information We Collect

Account Information

When you sign in with Google or Apple, we receive your name, email address, and profile photo from the identity provider.
If you sign in as a guest, we create an anonymous account with no personal data attached. Anonymous session identifiers are stored locally on your device so you can reclaim your account if you sign out.
Display names you choose within the app.
A unique friend code assigned to your account for social features.

Photos

During gameplay, you take photos using your device camera or select photos from your photo library. These photos are uploaded to our servers, shared with your opponent during the duel, and stored temporarily.
Photos are automatically deleted after the duel expires (within 24 hours).
Content sharing within the application takes place only between people on the mutually approved "Friends" list. Users personally assume responsibility for the individuals they add as friends. As a hosting provider, we are not obligated to monitor private communication between two users, and all legal and criminal responsibility for uploaded content rests with the user who uploads it.

Gameplay Data

Duel results (wins, losses, completion times, accuracy statistics, piece placement counts).
Solo mode results (best times per puzzle configuration).
Career mode progress (stages completed, attempts).
Leaderboard rankings (all-time and weekly) and win streak data.
Difficulty level and grid size preferences.

Device and Usage Data

Device type, operating system, app version, locale, and timezone.
Crash reports, error breadcrumbs, and performance diagnostics (via Sentry).
General usage analytics (e.g., screens visited, features used, matchmaking events, ad interactions) collected via Firebase Analytics.

Notification Data

Push notification tokens (FCM) for delivering game invitations and updates.
Notification permission status and engagement events.

Purchase Information

Subscription status and in-app purchase history are managed by RevenueCat. We do not directly collect or store your payment details (credit card numbers, billing addresses). These are handled by Apple App Store or Google Play Store.
Game credit balance, daily free game claims, and ad reward history.

2. How We Use Your Information

To provide and maintain the Service, including matchmaking, gameplay, leaderboards, and social features (friends, invitations).
To manage your account, subscriptions, and in-game economy (credits).
To send push notifications about duel invitations, game updates, and account activity.
To display personalized ads (for free-tier users) via Google AdMob (mobile) and Google AdSense (web).
To analyze usage patterns and improve the Service via Firebase Analytics.
To monitor errors, crashes, and performance issues via Sentry.
To detect, prevent, and address cheating, abuse, or technical issues via server-side validation and rate limiting.
To deliver remote configuration updates (feature flags, game balance, version requirements) via Firebase Remote Config.
To communicate with you about updates or support.

3. Third-Party Services

We use the following third-party services that may collect information:

Firebase (Google) — Authentication, Firestore database, Cloud Storage, Cloud Functions, Analytics, Cloud Messaging (FCM), Remote Config, and App Check. Firebase Privacy Policy.
Sentry — Error tracking, crash reporting, and performance monitoring. Sentry receives crash data, error breadcrumbs, and device information. We do not send personally identifiable information to Sentry. Sentry Privacy Policy.
Google AdMob / Google AdSense — Advertising for free-tier users. AdMob (mobile) and AdSense (web) may use cookies and device identifiers to serve personalized ads. Google Privacy Policy.
RevenueCat — Subscription and in-app purchase management. RevenueCat Privacy Policy.
Apple Sign-In / Google Sign-In — Authentication providers. Subject to their respective privacy policies.
Google reCAPTCHA — Used as part of Firebase App Check on web to verify authentic app instances. Subject to Google's Privacy Policy and Terms of Service.

4. Data Retention

Photos: Deleted automatically within 24 hours after the duel ends.
Gameplay data: Retained as long as your account exists, including duel history, solo mode records, career progress, and leaderboard entries.
Account data: Retained until you request deletion.
Error and crash data: Retained by Sentry according to their data retention policies (typically 90 days).
Notification tokens: Retained while your account is active and removed upon account deletion.

5. Data Security

We implement industry-standard security measures including:

Firebase App Check to verify authentic app instances (Play Integrity on Android, App Attest on iOS, reCAPTCHA v3 on web).
Server-side validation and rate limiting on all sensitive operations via Cloud Functions.
Encrypted data transmission (HTTPS/TLS).
Firestore security rules that restrict data access to authorized users.
Encrypted local storage for sensitive credentials.

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Children's Privacy

Our Service is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we discover that a child has provided us with personal data, we will delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

7. Your Rights

Depending on your location, you may have the following rights:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate data.
Deletion: Request deletion of your account and associated data. You can request account deletion directly within the app or by contacting us.
Portability: Request your data in a structured, machine-readable format.
Opt-out of personalized ads: You can opt out via your device settings or the ad consent dialog.
Notification preferences: You can disable push notifications via your device settings at any time.

To exercise any of these rights, contact us at the email below.

8. GDPR (European Users)

If you are located in the European Economic Area (EEA), our legal basis for processing your data is:

Consent: When you sign in and agree to this policy, and when you grant permissions (camera, notifications).
Contract: To provide the Service you requested (gameplay, matchmaking, subscriptions).
Legitimate interest: Analytics, error monitoring, security, and fraud prevention.

9. CCPA (California Users)

If you are a California resident, you have the right to:

Know what personal information we collect and how it is used.
Request deletion of your personal information.
Opt out of the sale of personal information. We do not sell your personal information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Email: privacy@puzzleduel.net