Privacy Policy for Diorama Tales
Last updated: May 8, 2026 Effective date: May 8, 2026
This Privacy Policy describes how Sourdough Games (“we”, “us”, “our”) collects, uses, and protects your information when you use our mobile game Diorama Tales (the “App”, package ID com.sourdough.dioramatales).
If you have any questions, contact us at: sourdoughgame@gmail.com
1. Information We Collect
1.1 Information You Provide
The App stores basic profile data locally on your device, such as your chosen player name and selected avatar. This data is kept in local storage (PlayerPrefs) on your device and is not transmitted to our servers.
1.2 Automatically Collected Information
When you use the App, the following information may be automatically collected by our service providers:
- Device information: device type, model, operating system version, language, region, screen resolution.
- Advertising identifier: Google Advertising ID (Android) or IDFA (iOS), used for advertising and install attribution. You can reset or limit this identifier in your device settings at any time.
- App usage data: levels played, time spent in the App, in-app actions, session duration.
- Crash and performance data: stack traces, error logs, device state at the time of a crash.
- Approximate location: country and region inferred from your IP address (we do not collect precise GPS location).
- Network information: connection type, IP address (used for fraud prevention and country-level analytics).
1.3 What We Do NOT Collect
- Your real name, email address, phone number, or postal address (unless you contact us directly).
- Your precise GPS location.
- Photos, contacts, calendar, or any other content stored on your device.
- Payment information — at the time of writing, the App contains no in-app purchases.
2. How We Use Information
We use the information we collect to:
- Operate, maintain, and improve the App.
- Save and restore your in-game progress and settings.
- Display advertisements (personalized or non-personalized — see Section 5).
- Measure ad performance and install attribution.
- Diagnose technical issues and fix bugs.
- Comply with legal obligations.
3. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your personal data on the following legal bases:
- Consent (Art. 6(1)(a)) — for personalized advertising and analytics, where required by law.
- Legitimate interest (Art. 6(1)(f)) — for fraud prevention, crash reporting, and basic operation of the App.
- Performance of contract (Art. 6(1)(b)) — for providing the App’s core functionality.
You may withdraw your consent at any time via the App’s Privacy Settings menu, or by contacting us at sourdoughgame@gmail.com.
4. Third-Party Services
The App integrates the following third-party services. Each operates under its own privacy policy and may collect data as described below.
4.1 Firebase (Google LLC)
We use the following Firebase products from Google:
- Firebase Analytics — to understand how users interact with the App.
- Firebase Crashlytics — to diagnose and fix crashes.
- Firebase Remote Config — to remotely configure features.
Firebase may collect device identifiers, advertising ID, app event data, crash reports, and approximate location.
- Privacy Policy: https://firebase.google.com/support/privacy
- Data location: Google servers globally, including the United States.
4.2 AppLovin MAX (AppLovin Corporation)
We use AppLovin MAX to display advertisements. AppLovin may collect your advertising ID, device information, ad interaction data, IP address, and approximate location.
- Privacy Policy: https://www.applovin.com/privacy/
- Data location: AppLovin servers globally.
AppLovin MAX may also mediate ads from other ad networks (such as Google AdMob, Meta Audience Network, Unity Ads, Mintegral, and Vungle). Each mediated network operates under its own privacy policy. A current list is available at https://www.applovin.com/buyers/.
4.3 Tenjin (Tenjin, Inc.)
We use Tenjin for install attribution and ad revenue analytics. Tenjin may collect your advertising ID, app install events, in-app event data, and approximate location.
- Privacy Policy: https://www.tenjin.com/privacy-policy/
- Data location: Tenjin servers in the United States.
4.4 Google User Messaging Platform (UMP)
We use Google’s UMP SDK to manage user consent for advertising in compliance with GDPR. UMP itself does not collect personal data — it stores your consent choice as a TCF v2.2 string on your device.
- Privacy Policy: https://policies.google.com/privacy
5. Personalized vs. Non-Personalized Advertising
If you reside in the European Economic Area (EEA), the United Kingdom, or another region requiring consent under GDPR, we will request your consent for personalized advertising before serving any ads. If you decline:
- You will continue to see ads — they are required to keep the App free.
- The ads will be non-personalized, meaning they are based only on context (e.g., the App you are using), not your behavior or interests.
You can change your consent choice at any time via the App’s Privacy Settings menu.
For users in California, see Section 9 (CCPA Notice).
6. International Data Transfers
Some of our service providers (notably Google, AppLovin, and Tenjin) are based in the United States. By using the App, you understand that your data may be transferred to and stored in countries outside the European Economic Area, including the United States.
These transfers are made under safeguards required by GDPR Article 46, including Standard Contractual Clauses (SCCs) and applicable adequacy decisions.
7. Data Retention
- Locally stored data (game progress, profile, settings): retained on your device until you uninstall the App or clear app data.
- Analytics data: retained by Firebase per their default settings (currently 14 months for user-level data).
- Advertising data: retained by ad networks per their respective policies (typically 12–25 months).
- Crash reports: retained by Firebase Crashlytics for approximately 90 days.
- Attribution data: retained by Tenjin per their policies, typically up to 7 years for aggregated data.
8. Your Rights Under GDPR
If you are located in the EEA, the United Kingdom, or Switzerland, you have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you.
- Right to rectification — correct inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”) — request deletion of your personal data.
- Right to restriction of processing — limit how we use your data.
- Right to data portability — receive your data in a structured, machine-readable format.
- Right to object — object to processing based on legitimate interest or for direct marketing.
- Right to withdraw consent — at any time, without affecting the lawfulness of prior processing.
- Right to lodge a complaint — with the Polish Personal Data Protection Office (UODO): https://uodo.gov.pl/en, or another supervisory authority in your country of residence.
To exercise any of these rights, contact us at sourdoughgame@gmail.com. We will respond within 30 days as required by GDPR.
Please note that some of your rights may be exercised directly with our service providers — for example, you can opt out of ad personalization in your device’s system settings by limiting the use of your advertising identifier.
9. California Privacy Rights (CCPA)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights, including:
- The right to know what personal information we collect, use, and share about you.
- The right to delete your personal information.
- The right to opt out of the “sale” or “sharing” of your personal information for cross-context behavioral advertising.
- The right not to be discriminated against for exercising these rights.
To exercise these rights, contact us at sourdoughgame@gmail.com, or use the Privacy Settings menu inside the App to opt out of personalized advertising.
We do not knowingly sell personal information about consumers under 16 years of age.
10. Children’s Privacy
The App is rated for a general audience and is not directed to children under 13. We do not knowingly collect personal data from children under 13.
In some EU member states, the GDPR raises the age of consent to 16. If you are below the applicable age in your country of residence, please ensure you have the consent of a parent or legal guardian before using the App.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at sourdoughgame@gmail.com, and we will delete the information.
11. Apple App Tracking Transparency (iOS)
On iOS 14.5 and later, Apple requires us to ask for your permission before tracking your activity across other companies’ apps and websites. When you launch the App on iOS, you will see a system prompt asking for this permission. If you decline, advertising will be non-personalized, and certain attribution functions may be limited.
You can change this choice at any time in iOS Settings → Privacy & Security → Tracking.
12. Security
We implement reasonable technical and organizational measures to protect your data, including encryption in transit (TLS) and access controls on our service providers’ platforms. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, our service providers, or applicable law. The “Last updated” date at the top of this page will reflect the most recent revision. Significant changes will be communicated via the App or our public channels.
Your continued use of the App after the effective date of any change constitutes your acceptance of the updated policy.
14. Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact:
Sourdough Games Email: sourdoughgame@gmail.com Country: Poland
By using Diorama Tales, you acknowledge that you have read and understood this Privacy Policy.