Privacy Policy

Last updated: 2026-05-08 — Beta placeholder. Subject to legal review before public launch.

This document is a beta placeholder written in plain language. It accurately reflects what the app collects today, but it has not been reviewed by counsel. A revised version will replace this before public launch.

Who we are

Roundup (“the app”) is operated as a sole proprietorship. Reach us at accounts@roundup.day.

What we collect

We collect only what we need to run the app:

Email address — when you sign in. Required for streak sync and leaderboards.
Display name — you set it after sign-in. Shown on leaderboards alongside a four-character disambiguator.
Gameplay data — puzzle outcomes, mistake counts, streaks, submission timestamps. Stored against your account.
Donations — if you donate, Stripe handles your payment details. We receive only the donation amount, your Stripe payment ID, and a non-identifying metadata field.
Device info — OS (iOS/Android), app version, and a randomly generated install identifier (used during beta to deduplicate puzzle votes; not tied to your real identity).
Beta-only: if you submit feedback or report a puzzle issue, we store the comment text plus the optional reference puzzle and your platform/version. Submission is anonymous unless you’re signed in.
Crash and error events — via Sentry. Includes your account ID (when signed in) but never your email or comment text.

We do not collect: contacts, photos, location, microphone, camera, advertising identifiers, browsing history, or any third-party tracking data.

How we use it

To run the puzzle, save your streak, and show leaderboards.
To process donations through Stripe.
To diagnose bugs (Sentry crash reports) and triage beta feedback (Resend transactional email to the operator’s inbox).
To compute aggregate statistics — daily active users, total donations, total debt paid down. These aggregates are publicly shared as part of the project’s public debt-payoff record. Aggregates never include personal identifiers.

Who we share it with

We use the following processors, each with strict access scoped to its purpose:

Supabase — database, authentication, edge functions.
Apple and Google — sign-in providers. Their policies apply to the sign-in flow.
Stripe — payment processing for donations. We do not store your payment card data; Stripe does.
Resend — transactional email (verification codes, beta digests).
Sentry — crash and error tracking.
Cloudflare — DNS, content delivery, this website.

We do not sell your data. We do not run advertising.

How long we keep it

Account data — until you delete your account. Deleting cascades to your gameplay results and feedback rows.
Anonymous play data — lives only on your device until you sign in; cleared if you uninstall the app.
Donations — retained per Stripe’s policy and accounting requirements (typically seven years).
Aggregate stats — retained indefinitely as part of the public debt-payoff record. These do not include personal identifiers.

Your rights

Access — you can see your data via the Stats and You tabs in the app.
Deletion — You tab → Delete Account permanently removes your account, gameplay results, streaks, and feedback rows. This is irreversible.
Donation refund — donations are non-refundable as a default, but if you’ve donated by mistake or in error, write to accounts@roundup.day within 30 days. We refund via Stripe.
EU/UK users (GDPR): rights of access, rectification, erasure, restriction, portability, and objection. Email accounts@roundup.day with a request and we will respond within 30 days.
California users (CCPA): rights of access, deletion, and opt-out. Use the same email; we treat all such requests the same way.

Cookies and local storage

The mobile app uses secure storage for session tokens (iOS Keychain / Android Keystore) and local storage for play history and the random install identifier. We do not use third-party cookies. This marketing site uses no analytics cookies.

Children’s privacy

Roundup is not directed to children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with information, write to accounts@roundup.day and we will delete it.

Security

We use HTTPS for everything, encrypted at-rest storage on Supabase, row-level security policies that scope database reads to your own data, and server-side validation of every gameplay submission. No system is perfectly secure; we work to minimize risk and disclose breaches if they happen.

Changes to this policy

We’ll update this page when we change practices. Material changes will be announced in the app and on social channels.

Contact

Questions, requests, complaints: accounts@roundup.day.