#DailySudoku privacy at a glance

This policy describes how the app stores game state locally on the device, when data may be transmitted to Google services, and how the planned ad and billing flows are handled.

Effective date: 2026-04-19
Last updated: 2026-04-19
Canonical URL: https://dailysudoku.app/privacy/
App package: so.object.sudoku
Publisher contact: TBD during Phase 7 hosting

Drafted to align with Play Console Data Safety and AdMob publisher requirements; legal review is still recommended before production release.

Google Play User Data / Data safety AdMob policies and restrictions

overview

1. Overview

`#DailySudoku` (the "app") is an offline Sudoku game for smartphones.

The app does not require account sign-up, and user progress, settings, and statistics are stored by default only on the user device. Only the data described in §2 may be transmitted to third-party servers through Google AdMob / UMP SDK integrations.

data-collection

2. Data Collection and Processing

The app keeps local gameplay data inside the device sandbox and does not access that data outside the device. Third-party collection applies only to the Google services described below.

2.1 Local-only data
Category	Examples	Retention	Storage
Gameplay state	Current puzzle, timer, mistake/hint counters, notes	Until a new game starts	DataStore Preferences
Settings	Theme, accent color, language, last difficulty	Until the app is deleted	DataStore Preferences
Completion history	Difficulty, solve time, score, completion date	Until the app is deleted	Room (SQLite)
Daily status	Today-completed epochDay, score, solve time	Until local-timezone midnight boundary	DataStore Preferences

Local data stays inside the app sandbox on the device. We do not access that data remotely.

2.2 Third-party (Google LLC - AdMob · UMP)

Google AdMob serves banner advertising and may collect Android Advertising ID, device information, approximate geography, network/IP address, and ad interaction events.

Google User Messaging Platform (UMP) is used to determine whether a consent form is required for the user region and to record the resulting consent choice.

AdMob transmission uses HTTPS to Google servers.
UMP transmission uses HTTPS to Google consent servers.
In EEA regions, consent is explicitly requested. Outside EEA, `canRequestAds()` defaults to true without a prompt.

2.3 Third-party (Google Play Billing - In-app purchase, Phase 8+)

The Google Play Billing Library is planned for the ad removal purchase flow in Phase 8 and later.

The billing flow may process purchase history, transaction identifiers, and Google account email for receipt and refund routing, but those details are handled by Google and are not stored by the app.

Purpose: purchase, restore, and refund the `ad_free_forever` item.
Transmission: HTTPS between device, Google Play, and Google Wallet.
App-local storage is limited to the `is_ad_free: Boolean` flag that records purchase ownership.
Users can review purchases and request refunds in the Google Play app, and a refund returns the app to `isAdFree=false` on the next launch.

purpose

3. Purpose of Collection

Core app functionality: saving game progress, keeping settings, and aggregating statistics, with local-only storage.
Supporting app costs: banner ads through AdMob transmission.
Regional compliance: GDPR / CCPA consent handling through UMP transmission.
Optional paid app experience: ad removal purchase through Google Play Billing transmission.

retention

4. Retention

Local data stays until the user deletes the app or clears storage. Cloud backup is not used.

Google Ads Data Retention

sharing

5. Third-Party Sharing

Data described in §2.2 may be transmitted to Google LLC in Mountain View, CA, USA for ad serving, consent management, and in-app billing.

No other third party receives or is sold user data by the app.

Google Mobile Ads SDK handles advertising.
User Messaging Platform SDK handles consent.
Google Play Billing Library handles the ad-removal purchase flow in Phase 8+.

Google Privacy Policy

rights

6. User Rights

Ad ID reset or deletion is available in Android Settings → Google → Ads.
Ad personalization can be turned off in the same Android settings area.
Consent can be withdrawn in EEA / UK / Swiss regions by using the privacy policy link inside the app and contacting the publisher through the hosted policy page, or by deleting the app so the stored consent state is cleared.
Deleting the app removes all local data immediately.
Because the app does not maintain accounts, server-side access or correction requests are not meaningful. Local data can be reviewed or deleted directly on the device.

children

7. Children's Privacy (COPPA / Under Age of Consent)

The app is not designed for children under 13.

UMP SDK calls default to `setTagForUnderAgeOfConsent(false)`. If a child uses the app, the guardian should disable ad personalization in device settings.

security

8. Security

Data in transit is encrypted with HTTPS/TLS, including AdMob and UMP traffic using Google certificates.
Local storage stays inside the app sandbox with UID isolation, so other apps cannot access it on a non-rooted device.

changes

9. Changes to this Policy

If this policy changes, the effective date will be updated and the latest version will remain available through the privacy policy link in app settings.

Major changes, such as adding a new SDK or expanding the data categories, will also be announced in the app.

contact

10. Contact

Project repository: https://github.com/object/sudoku
Privacy-related inquiries: contact email to be specified during Phase 7 hosting.

This policy follows the Google Play Store Data Safety declaration and AdMob publisher requirements as of 2026-04. Localization and legal refinement for EEA, UK, CH, US, and KR jurisdictions is still pending.