Privacy Policy

We value your privacy and are committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights and options under applicable privacy laws, including GDPR and CCPA/CPRA.

We may update this Policy from time to time. We will notify you of any changes by posting the new Policy on this page and updating the "Last Updated" date. Continued use of our Services constitutes acceptance of the revised Policy.

Last Updated: February 2026

1. Data Controller

The data controller responsible for your information is:
GrittyCube Co., Ltd.
Email: privacy@grittycube.com
Address: 20 F.-1, No. 787, Zhongming S. Rd. Taichung, Taiwan

2. The Data We Collect

We may collect and process the following categories of information depending on your interactions with our Services.

You are not legally required to provide us with your data, but if you choose not to, we may not be able to provide the full range of Services, process your transactions, or respond to your inquiries.

Login and Account Information: Third-party login data (Google/Facebook user ID and profile picture), game account, player name, game progress, gameplay history, player ID (automatically generated), and login tokens.
User-Generated Content: Information you voluntarily input, upload, or create within our Services. This may include diary entries, financial transactions, notes, task lists, or photos, depending on the specific functionality of the App.
Device and Limited Location Information: Device type (Android/iOS), operating system and version, language, Advertising ID (e.g., IDFA, GAID), IP address and derived limited location (country or region level).
Crash Reports and Usage Statistics: Anonymous diagnostic and telemetry data (crash logs, performance metrics, feature usage, session duration) collected via Firebase to help us identify and fix issues.
In-app Purchase Information: Transaction timestamps, product IDs, and purchase confirmations (we do not collect or store your payment card details).
Communication Information: Email address and message content when you contact our support team or submit feedback.
Chat Records: In-game chat messages and player communications, temporarily stored for moderation and community safety (typically retained no longer than 12 months unless required for legal purposes).

3. Why We Collect Your Data

We process your data based on the following legal grounds:

Contractual Necessity: To provide the Services you requested (e.g., account sync, in-app purchases).
Consent: For personalized advertising and advanced analytics (which you can withdraw at any time).
Legitimate Interest: To prevent fraud, ensure network security, perform basic app optimization, and moderate community safety.
Legal Obligation: To comply with tax laws or lawful requests from authorities.

4. Who Can See Your Data

CCPA/CPRA Disclosure: In the preceding 12 months, we have collected the categories of personal information listed in Section 2 and disclosed them to the following trusted third-party service providers for business purposes:

Firebase – used for crash reporting, analytics, and performance monitoring. Firebase Privacy & Security
Google Cloud Platform (GCP) – used for backend hosting, database, and storage. GCP Privacy Notice
Cloudflare – used for CDN, caching, and DDoS protection. Cloudflare Privacy Policy
Advertising Partners – Google AdMob, Unity Ads, ironSource, AppLovin (these partners may use Advertising Identifiers or limited technical data to deliver personalized or non-personalized ads in accordance with your choices).

We do not sell your personal information in the traditional sense. This list of partners may be updated from time to time; you can view the most current list of sub-processors by contacting us at our privacy email.

5. International Data Transfers

Area of Use: Your data is primarily processed and stored in the United States, the European Union, and Taiwan, depending on where our service providers’ servers are located.

When we transfer data internationally, we ensure appropriate safeguards (such as Standard Contractual Clauses or Adequacy Decisions) are in place to protect your personal information in accordance with GDPR and other applicable laws.

6. Your Rights and Options

Depending on where you live (e.g., EU/EEA or California), you may have the following rights:

Access & Portability: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate personal data.
Deletion (“Right to be Forgotten”): You have the right to request the deletion of your personal data via Settings → Privacy Policy → Delete Account. Please note: Certain data (e.g., transaction records) may be retained as required by law even after account deletion.
Withdraw Consent: Withdraw consent for optional processing (e.g., personalized ads) at any time via the in-app Privacy Preferences.
Restrict or Object: Limit or object to certain data processing activities, including processing based on legitimate interests or automated decision-making.
Opt-Out of Sharing (CA Residents): We do not "sell" information, but we may "share" data for cross-context behavioral advertising. You may opt-out of this via the in-app "Privacy Preferences".

To exercise any of these rights, please contact us at privacy@grittycube.com. We will respond within 30 days or as required by law.

7. Cookies and Similar Technologies

We and our third-party partners use cookies, SDKs, and similar technologies to provide functionality, analyze usage, and deliver ads. These technologies may include advertising identifiers, local storage, or analytics SDKs.

You can manage your advertising and data-sharing preferences at any time within the app: Settings → Terms & Privacy → Privacy Preferences. From there you can enable or disable:

Personalized Ads — whether you allow personalized advertising.
Share Crash Reports & Usage Statistics — whether to send anonymous diagnostics to help improve the app.

You may also manage device-level controls:

Android: Settings → Google → Ads → Opt out of Ads Personalization
iOS: Settings → Privacy → Tracking (manage App Tracking Transparency)

8. Data Security and Retention

(a) Data Security: We implement industry-standard technical measures (such as HTTPS encryption and access controls) to protect your data. However, no method of transmission is 100% secure. You acknowledge that you provide your personal information at your own risk. To the extent permitted by law, we are not liable for any unauthorized access or data loss caused by factors beyond our reasonable control.

(b) Retention Periods: We adhere to the principle of storage limitation:

Gameplay & Technical Logs: Typically retained for 7-30 days and then anonymized or deleted.
Account Data: Retained as long as your account is active. Upon a valid deletion request, we will erase identifiable data within 30 days.
Financial & Legal Records: Transaction data and records related to legal disputes are retained for 5 years or more to comply with global tax, audit, and accounting regulations.

9. Children’s Privacy

Our Services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under 13 (or 16 in certain EU jurisdictions). If we become aware that we have inadvertently collected such data, we will take steps to delete it immediately. We do not perform targeted marketing to users known to be under age.

10. Governing Law

(a) Governing Law: This Policy and any disputes related to your privacy shall be governed by the laws of the Republic of China (Taiwan), without regard to conflict of law principles.

(b) Jurisdiction: Any legal action or proceeding arising under this Policy shall be brought exclusively in the Taiwan Taichung District Court as the court of first instance.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

mail privacy@grittycube.com

business 20 F.-1, No. 787, Zhongming S. Rd. Taichung, Taiwan