Privacy Policy — RARI
Last updated: 2026-05-02 Effective date: 2026-05-02
This Privacy Policy describes how RARI (“we”, “our”, or “us”) collects, uses, and shares your information when you use our mobile application (the “App”). We are committed to protecting your privacy and being transparent about our practices.
1. Information We Collect
1.1 Information you provide
- Account information: email address, password (encrypted), display name, username
- Profile information: avatar image, country, city, profile preferences
- Communications: messages you send through in-app chat, support tickets, ban appeals
1.2 Information collected automatically
- Game data: games played, scores, win/loss history, replays, achievements
- Progress: XP, level, prestige, supporter tier, unlocked items
- Device data: device type, operating system version, language preference, device identifier (for push notifications)
- Usage data: app interaction patterns, crash reports, performance metrics
1.3 Information from third parties
- OAuth sign-in: if you sign in with Google or Apple, we receive your email and basic profile info
- Purchase confirmations: RevenueCat provides us with subscription/purchase status (we do NOT receive your payment card details — those stay with Apple or Google)
2. How We Use Your Information
We use your information to:
- Provide and maintain the game functionality
- Authenticate your account and prevent fraud
- Match you with other players online
- Track your progress, achievements, and purchases
- Send you push notifications (game invitations, daily challenge, tournament updates)
- Personalize your experience (translations, recommendations)
- Display advertising (when you’re not a paid supporter)
- Detect, investigate, and prevent fraudulent or unauthorized activity
- Comply with legal obligations
3. Third-Party Services
We work with trusted third parties to provide the App:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase (database, auth, storage) | Backend hosting | All account and game data |
| Firebase (Google) | Crashlytics, push notifications, OAuth | Crash reports, device tokens, OAuth profile |
| RevenueCat | In-app purchase management | User ID, purchase history |
| Google AdMob | Display advertising | Anonymous device identifier, ad interaction data |
| Apple / Google | App store distribution + sign-in OAuth | Sign-in data, payment data (we don’t see card info) |
Each service has its own privacy policy. We recommend reviewing them.
4. Data Sharing and Disclosure
We do not sell your personal information. We share data only:
- With the third parties listed above (to provide the service)
- When required by law (court orders, legal process)
- To protect the rights, property, or safety of RARI, our users, or the public
- In connection with a business transfer (merger, acquisition) — you’d be notified
5. Your Rights
Depending on your location, you have the following rights:
- Access: request a copy of your personal data
- Correction: ask us to correct inaccurate data
- Deletion: delete your account at any time via Settings → Delete Account
- Portability: receive your data in a portable format
- Objection: object to certain processing (e.g., advertising)
- Withdrawal: withdraw consent where processing is based on consent
To exercise these rights, contact us at zabokatech@gmail.com.
6. Children’s Privacy
RARI is intended for users 13 years and older. We do not knowingly collect data from children under 13. If you believe we have collected data from a child under 13, please contact us immediately and we will delete it.
For users in the European Union, the minimum age is 16 years (as required by GDPR).
7. Data Retention
We retain your data for as long as your account is active. If you delete your account:
- Personal data is deleted within 30 days
- Aggregated, anonymized data may be retained for analytics
- Some data may be retained longer if required by law (e.g., financial records for purchases)
8. Security
We use industry-standard security measures:
- Encrypted data transmission (HTTPS/TLS)
- Encrypted password storage (bcrypt via Supabase)
- Row-level security on database tables
- Regular security audits
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
9. International Data Transfers
Your data may be processed in countries other than your own (Supabase servers, Firebase data centers). We ensure appropriate safeguards are in place.
10. Cookies and Tracking
Our App does not use cookies in the traditional sense, but:
- Google AdMob may use device identifiers for ad personalization
- You can opt out of ad personalization in your device settings
11. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated via:
- In-app notification
- Email (to your account email)
The “Last updated” date at the top will reflect the most recent revision.
12. Contact
For questions or concerns:
- Email: zabokatech@gmail.com
- Developer: Roodolph01
- Country of operation: Canada
By using RARI, you acknowledge that you have read and understood this Privacy Policy.