Privacy Policy

1. Who We Are (Data Controller)

The data controller responsible for your personal data is:
Aralel
Contact: privacy@aralel.com

If you are located in the European Economic Area (EEA), you have the right to lodge a complaint with your local supervisory authority if you believe your data is processed unlawfully.

2. Data We Collect

We collect the minimum data necessary to operate the app:

• Game progress data (best score, session history, selected coin) — stored locally on your device. Never transmitted to our servers.
• Purchase and subscription status — processed by Apple (App Store) and RevenueCat. We do not see your payment details.
• Advertising identifier (IDFA) — collected only if you grant permission via Apple's App Tracking Transparency prompt. Used to serve personalised ads through Google AdMob.
• Game Center data — Apple manages your Game Center identity, leaderboard scores, and achievements. We only submit scores and achievement progress to Apple's servers.
• Crash and diagnostics data — collected anonymously by Apple via their standard diagnostics service (if you have opted in on your device).

3. Legal Basis for Processing (GDPR)

• Contractual necessity (Art. 6(1)(b)) — to operate the game, process purchases, and restore entitlements.
• Legitimate interests (Art. 6(1)(f)) — to maintain leaderboards and crash analytics that improve the app.
• Consent (Art. 6(1)(a)) — for personalised advertising. You are asked for explicit consent via the ATT prompt before any advertising identifier is accessed. You may withdraw consent at any time in Settings → Privacy & Security → Tracking, or via the Privacy Settings option inside the app.

4. Third-Party Services

The app integrates the following third-party services, each governed by their own privacy policy:

• Google AdMob — advertising. Google Privacy Policy
• RevenueCat — subscription and purchase management. RevenueCat Privacy Policy
• Apple Game Center — leaderboards and achievements. Apple Privacy Policy

We use standard contractual clauses and rely on adequacy decisions where data may be transferred outside the EEA (e.g. to the United States).

5. Data Retention

• On-device game data — retained until you delete the app or clear app data.
• Purchase records — retained by Apple and RevenueCat per their policies (typically up to 10 years for tax/accounting purposes).
• Ad interaction data — retained by Google per their policy (typically 9–18 months).

6. Your Rights (GDPR)

If you are in the EEA, you have the following rights:

• Right of access — request a copy of data we hold about you.
• Right to rectification — request correction of inaccurate data.
• Right to erasure ("right to be forgotten") — request deletion of your data.
• Right to restriction — request we limit how we process your data.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to object — object to processing based on legitimate interests.
• Right to withdraw consent — withdraw advertising consent at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at privacy@aralel.com. We will respond within 30 days.

7. Children's Privacy

Hedortal is not directed at children under 13 (or under 16 in the EEA where applicable). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

8. Security

All game data is stored locally on your device. We do not operate our own backend servers. Third-party services (Apple, Google, RevenueCat) maintain their own security practices and are contractually required to protect your data.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via an in-app notice or an update to this page. The "last updated" date at the top reflects the most recent revision. Continued use of the app after changes constitutes acceptance.

10. Contact

Questions or requests regarding this policy:
privacy@aralel.com