Privacy Policy

Last updated: 23 March 2026  ·  Effective date: 23 March 2026

This Privacy Policy explains how Fernando Frizzo ("we", "us", or "our"), the developer of Football Sudoku, collects, uses, and protects your personal data when you use our mobile application. We are based in London, United Kingdom, and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Developer: Fernando Frizzo
Location: London, United Kingdom
Contact: fernandofrizzo@gmail.com

We act as the data controller for personal data collected through Football Sudoku.

2. Data We Collect

• Account data — email address and encrypted password, collected when you create an account.
• User identifier — a unique ID assigned to your account on our backend (Supabase).
• Device identifier — an anonymous device ID used for analytics and crash reporting.
• In-app events — gameplay events (e.g. puzzle started, puzzle completed, division changed) used to improve the game. No personally identifiable information is attached to these events beyond your user ID.
• Purchase data — subscription status and purchase history managed by RevenueCat. We do not store your payment card details.
• Advertising identifiers — on iOS, your IDFA (Identifier for Advertisers) may be accessed by the advertising SDK (Google AdMob) only after you grant permission via the App Tracking Transparency prompt. On Android, the advertising ID is used in line with Google Play policies.

3. How We Use Your Data

• To create and manage your account and game progress.
• To process your premium subscription via RevenueCat.
• To display advertisements to free-tier users via Google AdMob.
• To analyse gameplay patterns and improve the game experience.
• To respond to support requests or legal obligations.

4. Legal Basis for Processing (UK GDPR)

• Contract (Article 6(1)(b)) — processing your account data to provide the service you signed up for.
• Legitimate interests (Article 6(1)(f)) — analytics and crash reporting to maintain and improve the app.
• Consent (Article 6(1)(a)) — advertising identifier access on iOS (you can withdraw consent at any time via device settings).
• Legal obligation (Article 6(1)(c)) — where required by law.

5. Third-Party Services

We share data with the following processors, each operating under their own privacy policies:

• Supabase (authentication & database) — supabase.com/privacy
• RevenueCat (subscription management) — revenuecat.com/privacy
• Google AdMob (advertising, free tier only) — policies.google.com/privacy

We do not sell your personal data to any third party.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data (email address, user ID, and game progress stored on our servers) is permanently deleted within 30 days. Anonymised analytics data that cannot be linked back to you may be retained indefinitely.

7. Your Rights Under UK GDPR

You have the right to:

• Access the personal data we hold about you.
• Rectification of inaccurate data.
• Erasure ("right to be forgotten") — you can delete your account directly in the app under Settings → Delete Account, or contact us.
• Data portability — request a copy of your data in a machine-readable format.
• Object to processing based on legitimate interests.
• Withdraw consent for advertising tracking at any time via your device's privacy settings.

To exercise any of these rights, contact us at fernandofrizzo@gmail.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Children's Privacy

Football Sudoku is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. International Data Transfers

Some of our third-party processors (Supabase, RevenueCat, Google) may process data outside the UK. Where this occurs, appropriate safeguards are in place (such as Standard Contractual Clauses or adequacy decisions) to ensure your data is protected to UK GDPR standards.

10. Security

We use industry-standard security measures including encrypted connections (TLS/HTTPS) for all data in transit. Account passwords are hashed and never stored in plain text.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via the app or by email. Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact

For any privacy-related questions or requests:
Email: fernandofrizzo@gmail.com