Privacy Policy

Last updated: March 28, 2026

This Privacy Policy describes how Cipherly ("we", "us", or "our") handles information when you use our mobile application Cipherly ("the App").

1. Information We Collect

Cipherly is designed to minimize data collection. By default, all game data is stored locally on your device. If you choose to sign in with Google, some data is also stored in the cloud.

Local data (stored on your device only):

• Game progress (puzzles solved, mistakes, reveals used)
• Experience points (XP) and level
• Daily streak and best streak
• App theme preference (dark/light/system)

Cloud data (only if you sign in with Google):

• Google account email address and display name
• A unique user identifier (Google UID)
• Game progress (same as above, synced to cloud for backup and cross-device restore)

Cloud data is stored in Google Firebase Firestore, hosted on Google's infrastructure. Signing in with Google is entirely optional — the App works fully without it.

2. How We Use Your Data

• Local data — Used solely to save your game progress on your device. Never transmitted to us.
• Google account data — Used to identify your account and sync your progress across devices. We do not share this data with third parties.
• Analytics data — Used to understand how players interact with the App (e.g., which puzzles are completed, how often hints are used) in order to improve the experience. This data is anonymous and aggregated.

3. Advertising (Google AdMob)

The App uses Google AdMob to display advertisements. AdMob may collect and process data to serve personalized or non-personalized ads, including:

• Device identifiers (Android Advertising ID)
• IP address and approximate location
• App usage and interaction data
• Device information (model, OS version)

This data is collected and processed by Google LLC in accordance with their privacy policy. You can review Google's privacy policy at https://policies.google.com/privacy.

You can opt out of personalized advertising by adjusting your device settings:

• Android: Settings → Google → Ads → Opt out of Ads Personalization

4. Google Sign-In

The App offers an optional Sign in with Google feature to back up and sync your game progress. When you sign in with Google:

• We receive your Google account email and a unique identifier from Google
• Your game progress is stored in Firebase Firestore under your account
• You can sign out at any time from the Settings screen — your progress remains saved in the cloud and can be restored on any device by signing in again
• You can request deletion of your cloud data by contacting us at florinavram@gmail.com

Google Sign-In is governed by Google's Terms of Service and Privacy Policy: https://policies.google.com/privacy.

5. Firebase (Google)

The App uses the following Firebase services by Google LLC:

• Firebase Authentication — Manages user identity (anonymous sessions and Google Sign-In)
• Firebase Firestore — Stores cloud game progress for signed-in users
• Firebase Analytics — Collects anonymous usage data to help us improve the App
• Firebase Crashlytics — Collects crash reports to help us fix bugs
• Firebase Remote Config — Allows us to update App configuration without requiring an App update

All Firebase services are operated by Google LLC. Data may be processed on servers located outside the EEA. For more information, see https://firebase.google.com/support/privacy.

6. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), including Romania, our legal bases for processing data are:

• Legitimate interest (Article 6(1)(f) GDPR) — For providing a free application supported by advertising and for crash reporting
• Contract performance (Article 6(1)(b) GDPR) — For storing and syncing game progress when you choose to sign in with Google
• Consent — Where required by applicable law for personalized advertising

7. Data Retention

• Local data — Retained on your device until you uninstall the App or clear App data
• Cloud data — Retained until you request deletion by contacting us
• Anonymous Firebase sessions — Automatically deleted by Firebase after 30 days of inactivity

8. Children's Privacy

The App is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, please contact us and we will take steps to delete such information.

9. Your Rights (GDPR)

If you are located in the EEA, you have the following rights regarding your personal data:

• Right of access — You can request information about data processed about you
• Right to erasure — You can request deletion of your cloud data by contacting us; local data can be deleted by uninstalling the App
• Right to portability — You can request a copy of your data
• Right to object — You can opt out of personalized advertising as described above

10. Third-Party Services

The App integrates the following third-party services:

• Google AdMob — Advertising platform. Privacy policy: https://policies.google.com/privacy
• Google Firebase — Authentication, database, analytics, crash reporting. Privacy policy: https://firebase.google.com/support/privacy
• Google Sign-In — Optional authentication. Privacy policy: https://policies.google.com/privacy

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

florinavram@gmail.com