Legal
Privacy Policy
We're a small studio from Estonia. We build apps that respect your data. Select an app below to read its specific privacy policy.
Select an app
Plainly
Who we are
Plainly is developed and operated by Puredata OÜ, a company registered in Estonia, European Union. As an EU-registered company we are subject to the General Data Protection Regulation (GDPR).
What data we collect and why
Plainly is designed to work locally on your device without requiring an account. If you choose to enable cloud sync (a paid feature), we collect the minimum data necessary to provide it:
- Email address — used solely to create and authenticate your account. We do not send marketing email.
- Financial data you enter — transactions, budgets, accounts, and goals that you manually create in the app. This data is encrypted in transit and stored in our database.
- Purchase and subscription data — processed by RevenueCat (our billing provider) to verify your subscription status. RevenueCat receives your anonymised App Store or Google Play purchase receipt. We do not store your payment card details.
Free users who do not create an account have all their data stored locally on their device only. We have no access to it.
What we do not collect
- We do not collect advertising identifiers
- We do not use analytics or behavioural tracking SDKs
- We do not sell your data to any third party
- We do not share your financial data with any external service
Data storage and security
Cloud data for synced accounts is stored in a PostgreSQL database hosted by Supabase in Frankfurt, Germany (EU). Data is encrypted in transit using TLS. We apply row-level security so that each user's data is accessible only to them.
Third-party processors
| Processor | Purpose | Location | Policy |
|---|---|---|---|
| Supabase | Database and authentication hosting | Frankfurt, EU | supabase.com/privacy |
| RevenueCat | Subscription and purchase management | USA | revenuecat.com/privacy |
| Google Play | App distribution and payment (Android) | USA | policies.google.com/privacy |
| Apple App Store | App distribution and payment (iOS) | USA | apple.com/legal/privacy |
Data retention
Your account data is retained for as long as your account is active. If you delete your account, all associated data is deleted from our servers within 30 days.
PokerPall
Who we are
PokerPall is developed and operated by Puredata OÜ, a company registered in Estonia, European Union. As an EU-registered company we are subject to the General Data Protection Regulation (GDPR).
What data we collect and why
PokerPall works without an account. No email address, no sign-in, no profile. The sections below cover every type of data that flows outside your device.
Game history and player data — everything you enter (player names, buy-in amounts, chip counts, game results) is stored locally on your device. This data is never sent to our servers.
Multiplayer session data — when you start or join a multiplayer game, the room code and the player name you enter for that session are sent to Supabase to sync the game across devices in real time. This data exists only for the duration of the game. When the game ends, the session is deleted from Supabase immediately. No game history is retained server-side.
Camera (when scanning a QR code) — the app requests camera access only when you choose to scan a QR code to join a multiplayer game. The camera is never accessed silently or in the background, and no images or video are captured or stored.
Anonymous usage analytics — we use PostHog to collect anonymous usage events such as which screens you visit and which features you use. These events contain no personal data and cannot be linked to you individually. This helps us understand how the app is being used so we can improve it.
Advertising (free tier only) — if you use the free tier, Google AdMob displays banner and interstitial ads. Google may collect your advertising identifier (IDFA on iOS, GAID on Android) and use it to personalise ads. This data is controlled by Google under their privacy policy. You can opt out of personalised ads in your device settings. The premium tier has no ads and no advertising data is collected.
In-app purchase — if you purchase the premium upgrade, the transaction is processed entirely by Google Play or Apple App Store. RevenueCat receives an anonymised purchase receipt to verify your purchase status. We do not see or store your payment details.
What we do not collect
- We do not collect your name, email address, or any contact information
- We do not store game history or player data on our servers
- We do not sell your data to any third party
- We do not track your location
Data storage and security
Multiplayer session data is stored in a Supabase database in Frankfurt, Germany (EU) and deleted immediately at game end. Anonymous analytics events are processed by PostHog and stored in the EU. All data in transit is encrypted using TLS.
Third-party processors
| Processor | Purpose | Location | Policy |
|---|---|---|---|
| Supabase | Multiplayer real-time session sync (ephemeral) | Frankfurt, EU | supabase.com/privacy |
| PostHog | Anonymous usage analytics | EU | posthog.com/privacy |
| Google AdMob | Advertising on free tier | USA | policies.google.com/privacy |
| RevenueCat | In-app purchase verification | USA | revenuecat.com/privacy |
| Google Play | App distribution and payment (Android) | USA | policies.google.com/privacy |
| Apple App Store | App distribution and payment (iOS) | USA | apple.com/legal/privacy |