Privacy Policy

Effective May 17, 2026

This Privacy Policy explains what data the Unscroll app collects, how we use it, who we share it with, and the rights you have. We aim to collect as little as possible.

1. Who we are

Nifu Games is the controller of personal data processed through Unscroll. Contact: support@nifugames.com.

2. What we collect

Data you provide

• Check-ins and reflections — mood ratings, short notes, reasons you select. Stored locally by default; synced to our servers only if you sign in.
• Account info — if you sign in, we receive an opaque user identifier and (if you choose to share it) the email Apple provides via Sign in with Apple.

Data the App reads from the device (with your permission)

• Screen Time / Family Controls — the App uses Apple's Family Controls / DeviceActivity APIs to detect when you open apps you have chosen to track. Underlying usage data stays on your device, protected by Apple. The App receives only opaque event signals (not the contents of those apps).
• Notifications — if you allow notifications, the App sends you reminder pushes; no notification content is transmitted to our servers beyond what is necessary to schedule the reminder.

Technical data

• Device identifiers — App Attest assertions and an installation identifier used to prevent abuse.
• App diagnostics — basic event logs (e.g., a check-in was recorded). We do not link these to advertising profiles.
• Subscription state — managed via RevenueCat and Apple. We see entitlement status, not your full purchase history.

3. What we do not collect

• The content of other apps you use.
• Your contacts, photos, microphone, camera, precise location, or health data.
• Cross-app or cross-website tracking identifiers for advertising.

4. Why we use your data

• Provide the App — show your check-ins, sync them across your devices, generate insights at your request.
• Subscriptions — verify your entitlement.
• Abuse prevention — App Attest, rate limiting, fraud detection.
• Service improvement — aggregate, non-identifying analytics about features used.
• Legal obligations — comply with applicable laws and lawful requests.

5. Legal bases (EEA / UK users)

• Contract — to provide the App you have requested.
• Legitimate interests — to keep the App secure and to improve it, balanced against your privacy.
• Consent — for optional features, notifications, and any tracking that requires it. You can withdraw consent at any time.
• Legal obligation — when required by law.

6. Third-party processors

We share the minimum data necessary with the following service providers:

• Apple Inc. — App Store, Sign in with Apple, Screen Time / Family Controls, App Attest, push notifications.
• Supabase, Inc. — database, authentication, storage, and serverless functions.
• RevenueCat, Inc. — subscription management.
• Cloudflare, Inc. — content delivery, hosting, security.
• Anthropic, PBC — generates AI summaries when you use AI features. Prompts contain only the data needed for that request and are sent without your identity beyond a server-side request key.

We do not sell your personal data. We do not "share" personal data for cross-context behavioural advertising as defined by the California Consumer Privacy Act.

7. International transfers

Our processors operate servers in the United States, the European Union, and other regions. Where data is transferred outside your country, we rely on appropriate safeguards (such as standard contractual clauses) provided by those processors.

8. Retention

We keep your data for as long as your account is active. You can delete your data at any time from within the App; deletion requests are honoured within 30 days, except where we are required to retain certain records (for example, transaction records for tax or accounting purposes).

9. Security

We use encryption in transit (TLS), encryption at rest where supported by our processors, row-level security on our database, App Attest assertions to reduce abuse, and least-privilege access controls. No system is perfectly secure; you acknowledge this when using the App.

10. Your rights

Depending on where you live, you may have the right to:

• access the personal data we hold about you;
• correct inaccurate data;
• delete your data;
• port your data to another service;
• object to or restrict certain processing;
• withdraw consent;
• lodge a complaint with your local data-protection authority (in Türkiye: KVKK; in the EU/EEA: your national supervisory authority; in the UK: the ICO).

To exercise these rights, email support@nifugames.com. We may need to verify your identity before responding.

11. Children

The App is not directed to children under 13 (or the higher minimum age in your jurisdiction). We do not knowingly collect personal data from children below that age. If you believe a child has provided us with personal data, please contact us so we can delete it.

12. Tracking transparency

We do not use your data to track you across other apps and websites in the sense defined by Apple's App Tracking Transparency framework. Our App's privacy "nutrition labels" on the App Store reflect the same scope described in this policy.

13. Changes

We may update this Privacy Policy from time to time. Material changes will be signalled in-app or on this page, and the effective date above will be updated.

14. Contact

Questions, requests, or complaints about privacy can be sent to support@nifugames.com.

---