1. Who We Are
Developer: Javier García (independent developer, Spain)
App name: Piedra o Gofre
Contact: piedraogofre@gmail.com
Website: https://piedra-o-gofre.web.app
This Privacy Policy applies to the Piedra o Gofre mobile application (Android and iOS) and web version, collectively referred to as "the App".
2. What Data We Collect and Why
2.1 Data You Provide (Optional)
| Data | When collected | Why |
|---|---|---|
| Google account name & email | Only if you choose to sign in with Google | To identify your account across devices and save your progress |
Signing in with Google is entirely optional. You can play the game without creating an account using anonymous authentication (see 2.2).
2.2 Data Collected Automatically
| Category | Data | Purpose |
|---|---|---|
| Anonymous user ID | A randomly generated Firebase UID (no name, no email) | Required to write telemetry to our database securely |
| Gameplay events | Game started/completed, rounds played, hints used, daily challenge status, category played | Analytics – understand how the game is played and improve difficulty balance |
| Word difficulty statistics | Aggregated counts per target word (total rounds, total plays, hints used). No user identity is attached to individual word records. | Improve the game's word difficulty algorithm |
| Invalid word attempts | Words attempted by players that are not in our dictionary. Stored anonymously without any personal identifiers or user IDs. Impossible to link back to individual players. Used to identify commonly attempted words, improve difficulty balance, and expand vocabulary. | Expand vocabulary, improve word difficulty, create product insights from aggregate trends |
| Category statistics | Aggregated play counts, abandonment and hint usage per category | Balance difficulty within each word category |
| App performance data | Screen load times, network request durations (via Firebase Performance) | Detect and fix performance regressions |
| Crash reports | Stack traces, device model, OS version, app version, and custom diagnostic keys (platform, build mode, premium status). No personal text content. | Identify and fix crashes (via Firebase Crashlytics) |
| Ad interaction events | Ad shown / ad clicked / ad rewarded (no ad content or targeting data is collected by us) | Track rewarded-ad conversion for in-app logic |
| Session metadata | App open/close timestamps, platform (Android / iOS / Web), app version, premium status (yes/no) | Segmentation for analytics dashboards |
2.3 Data Stored Locally Only
The following data is stored only on your device (using Hive / SharedPreferences) and is never sent to our servers:
- Game progress, score history, and achievement status
- Daily challenge completion records
- App settings and language preferences
- Your telemetry/analytics consent choice
2.4 Gameplay Data Collection – Anonymous and Aggregated
We collect anonymous gameplay interactions to improve game quality, expand vocabulary, and address gameplay issues. All gameplay telemetry is strictly anonymous and cannot be linked to your identity.
Specific gameplay data we collect includes:
- Word guesses: Letters guessed during each round (not stored with any player identifier).
- Invalid word attempts: Words attempted that are not in our dictionary, stored anonymously without any personal identifiers or user IDs. Impossible to link back to individual players.
- Hint usage: When hints are used during gameplay.
- Round progression: Game progression events (round won/lost, category played, time taken).
- Gameplay metrics: Aggregated statistics on category difficulty, word difficulty, hint requests per category.
Purpose of collection:
- Gameplay improvement: Identify commonly attempted invalid words and improve game difficulty balance.
- Vocabulary expansion: Discover valid words missing from our dictionary and add them to the game.
- Issue resolution: Identify and fix gameplay bugs or balance issues.
- Trend analysis: Understand overall gameplay patterns and usage trends in aggregate form only.
- Product insights: Aggregated anonymous statistics may be shared as general product insights or community trends.
Anonymization guarantee: All gameplay data sent to our servers is strictly aggregated and anonymous. We only collect counts, statistics, and hashed word identifiers — never raw text, user identifiers, or information that could identify individual players. We store no relationship between gameplay interactions and player identity. Even if you sign in with Google, your gameplay telemetry is recorded under an anonymous Firebase UID completely separate from your account.
How aggregated gameplay data may be used:
- Internal analytics dashboards to monitor game quality and player engagement.
- Published statistics or blog posts about aggregate player behaviour (e.g., "Top 10 most-attempted words this month").
- Product communication highlighting interesting gameplay trends or community milestones.
- Strategic improvements based on aggregate data patterns.
2.5 Data Minimization and Anonymization
We only collect data strictly necessary to improve the gameplay experience. All remote telemetry is anonymous and cannot identify players. Invalid word attempts are stored with no personal identifiers and cannot be linked back to individual users.
Retention: Anonymous gameplay data (invalid word counts, category statistics) is retained indefinitely as aggregated counters. No individual session or personal data records are retained after transmission. We take reasonable measures to prevent storage of personal information within gameplay telemetry.
2.6 Gameplay Inputs and Privacy
Gameplay text inputs are processed only as game data and are not treated as personal communications. Word guesses, invalid word attempts, and other gameplay interactions are analyzed solely for:
- Game mechanics and balance
- Vocabulary and dictionary improvement
- Aggregated gameplay statistics
These inputs are never read by humans as messages or treated as personal communications. They are processed automatically and stored in aggregated form only.
2.7 What We Do Not Collect
We do not collect or access:
- Text or communications outside of gameplay guesses
- Personal messages or emails
- Contacts, photos, or media from your device
- Location data
- Browsing history or personal communications
- Any data linked to your identity alongside gameplay statistics
Even when signing in with Google, we do not link your gameplay data to your account identity. Your gameplay telemetry is recorded under an anonymous Firebase UID that is not connected to your Google account.
3. Legal Basis for Processing (EU/UK users)
| Processing activity | Legal basis |
|---|---|
| Analytics and telemetry (gameplay events, word stats) | Consent – presented before first use; you can withdraw at any time in Settings |
| Anonymous gameplay data and invalid word attempts | Legitimate interest – improving game experience, vocabulary, and understanding gameplay trends through strictly anonymous, aggregated data that cannot identify players |
| Crash reporting and performance monitoring | Legitimate interest – necessary to maintain a functional, secure app |
| Anonymous authentication (Firebase Auth) | Legitimate interest – required for secure Firestore writes; no personal data is involved |
| Google Sign-In and account-based sync | Consent – explicit opt-in action by the user |
| Advertising (Google AdMob) | Consent – per applicable platform consent requirements |
4. Third-Party Services
We use the following Google / Firebase services, each governed by Google's Privacy Policy:
| Service | Data shared |
|---|---|
| Firebase Authentication | Anonymous UID; Google account email & name (only if you choose Google Sign-In) |
| Cloud Firestore | Aggregated, anonymised telemetry payloads described in section 2.2 |
| Firebase Analytics | Gameplay events and session metadata (only if consent given) |
| Firebase Crashlytics | Crash stack traces, device & OS info, app diagnostic keys |
| Firebase Performance Monitoring | Anonymous performance traces (screen load times, network latency) |
| Google AdMob | Ad impression & click events; AdMob may collect device identifiers for ad personalisation per its own policies |
We do not use any other third-party analytics, advertising, or tracking SDKs.
5. Data Retention
- Aggregated telemetry (Firestore): retained indefinitely as counter increments; no individual user session records are kept after the flush event.
- Firebase Analytics events: retained for 14 months per Google's default policy.
- Crash reports (Crashlytics): retained for 90 days per Firebase's default policy.
- Google account data: deleted from our systems when you delete your account (contact us at the email in section 1).
- Local device data: deleted when you uninstall the App or clear app data.
6. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate personal data.
- Erase your personal data ("right to be forgotten").
- Object to or restrict certain processing.
- Data portability – receive your data in a structured, machine-readable format.
- Withdraw consent at any time without affecting prior processing.
To exercise any of these rights, contact us at piedraogofre@gmail.com. We will respond within 30 days.
You can withdraw your analytics consent at any time inside the App: Settings → Privacy & Data → Analytics.
7. Children's Privacy
Piedra o Gofre is a word game suitable for all ages. We do not knowingly collect personal data from children under 13 (or under 16 in the EU). If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
8. Data Security
All communication between the App and Firebase services is encrypted using TLS. Firestore security rules require authenticated requests for all write operations. We do not store passwords or payment card data.
9. International Data Transfers
Firebase and Google services may store and process data on servers located in the United States and other countries. These transfers are covered by Google's Standard Contractual Clauses and its participation in applicable data transfer frameworks.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent revision. For material changes, we will notify users via an in-app notice or update the App Store listing.
11. Contact
If you have any questions, requests, or complaints about this Privacy Policy or our data practices, please contact us:
Email: piedraogofre@gmail.com
Website: https://piedra-o-gofre.web.app