This policy explains what data the SudoKoum application ("the app", "we") processes, why, and what your rights are. Our guiding principle is data minimization: SudoKoum is a Sudoku game that works without a traditional account, without advertising and without any marketing tracker.
1.Data controller
- Controller Alexis Leroy, sole trader (entreprise individuelle), trading as "Kaizen Suru"
- Registration Créteil Trade and Companies Register (RCS) — No. 104 617 550
- Registered office 10 avenue des Peupliers, 94350 Villiers-sur-Marne, France
- Contact [email protected]
For any question about your data or to exercise your rights, write to us at the address above.
2.What we do NOT collect
To remove any ambiguity, SudoKoum does not collect:
- your real name, postal address or phone number;
- your geolocation;
- your contacts, photos (other than a chosen avatar, see §3) or other files;
- any data for advertising purposes: there is no advertising in the app;
- any data via third-party analytics trackers: we use no audience-measurement tool (no Google Analytics, no advertising SDK);
- your payment details: payments are handled exclusively by Apple and Google (see §7).
3.Data we process
| Data | Detail | Where it is stored |
|---|---|---|
| Account identifier | A technical, anonymous identifier generated automatically (Firebase Authentication). It is not linked to any real-world identity. | Firebase servers + device |
| Nickname | The nickname you freely choose (may be fictitious). Visible to other players in challenge leaderboards. | Firebase servers + device |
| Sharing ID | A random code (e.g. "ABCD-1234") used to add you as a friend. Reveals no personal information. | Firebase servers + device |
| Game progress | XP, level, wins, streaks, achievements, best scores. | Device, and cloud backup (Firebase) so you can recover it |
| Detailed statistics | History of your games (time, mistakes, score). | Device only (not sent) |
| Avatar | A photo optionally chosen as an avatar. | Device only (not sent) |
| Challenges and friends | Nicknames and sharing IDs of added friends, results of shared challenges. | Firebase servers |
| Notification token | A technical token used to send challenge notifications. | Firebase servers |
| Premium status | The fact that the "lifetime" purchase was made (without any payment detail). | Device + platform (Apple/Google) |
4.Purposes and legal bases (GDPR)
We process this data to:
- provide the game and its features (progress, leaderboards, challenges between friends) — legal basis: performance of the service you request;
- back up and restore your progress across devices — legal basis: performance of the service / your consent when you link an account (see §6);
- send you notifications related to challenges — legal basis: your consent (system notification permission, revocable at any time);
- ensure security and the integrity of the game (limit fraud) — legal basis: our legitimate interest.
5.Hosting and processors
Your online data is hosted by Google Firebase (Authentication, Cloud Firestore, Cloud Messaging), a Google service. We also rely on:
- Apple (App Store, payments, and — if you use it — "Sign in with Apple");
- Google (Google Play, payments, and — if you use it — Google sign-in);
- Expo (technical delivery of push notifications).
These providers may process data outside the European Union (in particular in the United States). Such transfers are governed by the mechanisms provided for by the GDPR (standard contractual clauses, applicable adequacy frameworks).
6.Account sign-in (optional)
By default, you play with an anonymous account, without providing any personal information. You may choose to link your progress to an Apple or Google account in order to recover it if you change device. In that case, we receive a stable account identifier provided by Apple/Google. With "Sign in with Apple", you can hide your email address (Apple private relay). This identifier is used solely to associate your progress with you; it is not used for any marketing purpose.
7.In-app purchases
The purchase of the premium version (one-time "lifetime" payment) is handled directly by Apple or Google. We neither see nor store your payment information; we only receive confirmation that the purchase was made, in order to unlock premium features. Restoring the purchase ("Restore purchase") relies on your Apple/Google account.
8.Push notifications
If you allow them, we send you notifications related to challenges (invitation, a friend's result). You can disable them at any time in your phone settings; the notification token then stops being used.
9.Retention period
- Online data is kept for as long as your account exists.
- You can delete your account directly in the app (Settings → Account → Delete my account): your associated online data (profile, cloud progress, friends) is then erased.
- Data stored only on the device (detailed statistics, avatar) is erased when you uninstall the app.
10.Your rights
Under the GDPR, you have the rights of access, rectification, erasure, restriction, objection and portability of your data. Erasure can be carried out autonomously via account deletion (§9). For the other rights, contact us (§1).
You also have the right to lodge a complaint with the competent supervisory authority (in France, the CNIL — www.cnil.fr).
11.Children
SudoKoum is a general-audience puzzle game. We do not knowingly collect data from children below the age required by local regulations. The applicable age rating is shown on the app's listing in each store.
12.Changes
We may update this policy. In the event of a significant change, we will indicate it in the app or on this page. The date at the top of the document reflects the latest version.