Privacy Policy

Last updated: March 4, 2026

This Privacy Policy explains how FindTheBrick collects, uses, stores, and shares personal data when you use the FindTheBrick mobile application and related services.

1. Data Controller

If you have privacy-specific requests (access, deletion, correction, objection), contact us at the same address and include "Privacy Request" in the subject.

2. Scope

This policy applies to:

  • The FindTheBrick iOS app
  • Authentication, analytics, crash reporting, and advertising services used by the app
  • Marketing email preferences managed in-app

3. Data We Collect

Depending on how you use the app and your consent choices, we may collect:

3.1 Account and Contact Data

  • Name (display name from login provider)
  • Email address
  • User identifier (Firebase UID)
  • Sign-in provider metadata (Apple / Google)

3.2 Usage and Product Interaction Data

  • Screen views and in-app interaction events
  • Search and detection workflow events
  • App settings and preference selections
  • Session and usage metrics

3.3 Diagnostics and Performance Data

  • Crash reports and non-fatal error reports
  • Performance traces (loading times, inference metrics, app performance)
  • Technical context used for debugging (app version, device model, iOS version, runtime state)

3.4 Advertising and Device-Related Data

  • Advertising data generated by ad requests
  • Device identifiers used for advertising or fraud prevention (for example IDFA where permitted, SDK-generated identifiers)
  • Approximate location inferred by third-party advertising systems (for example via IP geolocation)
  • Device vendor identifier (IDFV) stored locally for app/device context

3.5 User-Provided Media and Permissions

  • Camera access (for brick detection features)
  • Photo library access (for selecting or saving images, when user enables it)

4. Purposes of Processing

We process data for the following purposes:

  • App functionality (authentication, user profile, core features)
  • Security and fraud prevention
  • Analytics and product improvement
  • Crash diagnostics and reliability monitoring
  • Advertising and monetization
  • Developer communications and marketing (only where consented)
  • Legal compliance and enforcement

5. Legal Bases (GDPR)

For users in the EEA/UK/Switzerland, legal bases include:

  • Contract performance: to provide core app functionality and account access
  • Consent: marketing emails, analytics/crash toggles, and ad personalization/tracking where required
  • Legitimate interests: service reliability, debugging, security, and abuse prevention
  • Legal obligations: compliance with applicable law and lawful requests

You can withdraw consent at any time from in-app settings where available.

6. Third-Party Services and Recipients

We use third-party processors/service providers including:

  • Google Firebase (Authentication, Firestore, Analytics, Crashlytics, Performance)
  • Google AdMob / Google Mobile Ads (advertising and measurement)
  • Google User Messaging Platform (consent messaging)
  • Apple Sign in with Apple
  • Google Sign-In

These providers may process data under their own terms and privacy notices as data processors or independent controllers depending on context.

7. Tracking, ATT, and Ad Consent

  • The app may request tracking permission through Apple's ATT.
  • For regions requiring consent (for example under GDPR/ePrivacy), consent messaging is handled through Google's User Messaging Platform.
  • If consent is not granted, analytics/crash/ads features may be limited or disabled according to selected settings and applicable law.

8. Marketing Communications

  • Marketing emails are optional (opt-in).
  • You can change marketing preferences from in-app settings.
  • You can unsubscribe from marketing emails at any time using the unsubscribe link in messages.

9. Data Retention

We retain data only for as long as necessary for the purposes described above, including:

  • Account data: while your account remains active and for limited periods afterward as needed for legal/security obligations
  • Analytics/diagnostics: according to configured retention windows in third-party platforms
  • Marketing preference records: to maintain consent history and legal compliance

When data is no longer needed, it is deleted or anonymized where feasible.

10. International Data Transfers

Your data may be processed in countries outside your country of residence. When required by law, we rely on appropriate safeguards (such as contractual safeguards provided by service providers).

11. Your Privacy Rights

Depending on your region, you may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent
  • Lodge a complaint with a supervisory authority

California (CCPA/CPRA) and similar US state laws

Residents may have rights to know, delete, correct, and opt out of certain sharing/targeted advertising. You can submit requests using the contact details below.

Brazil (LGPD) and other jurisdictions

Equivalent rights may apply, including confirmation of processing, access, correction, anonymization, deletion, and portability, subject to local legal requirements.

12. Children's Privacy

FindTheBrick is not directed to children under 13 (or higher local digital age thresholds where applicable). We do not knowingly collect personal data from children without appropriate legal basis or consent.

13. Security

We use reasonable technical and organizational safeguards designed to protect data against unauthorized access, alteration, disclosure, or destruction. No method of transmission or storage is 100% secure.

14. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated through the app and/or website where appropriate. The "Last updated" date will reflect the latest version.

15. Contact Us

For any privacy request or question: