Privacy Policy

Version 1.0 · Effective 11 June 2026

The short version. We collect what we need to run your account, power leaderboards and duels, keep the community safe, and keep the app secure. We do not sell your data and we do not share it with advertisers. You can ask us to access or delete your data at any time.

1. Who We Are

Boolip is operated by Boolip Ltd, a company registered in Israel (company no. 517350443), David Saharov 3, Rishon LeZion, Israel (“Boolip”, “we”, “us”). Boolip is a social arcade: a curated feed of quick mobile games, friend-to-friend duels, and daily leaderboards. This Policy explains what we collect, why, and your rights.

2. What We Collect

Account data

Your email address, display name, avatar, and any profile information you provide. When you sign in with a third party (Apple or Google), we receive the basic profile fields that provider returns — typically your name, email, and avatar.

Activity & content data

The comments you post, the likes and saves you give, the people you follow, the messages you send to other users, and any gameplay clips you choose to record and share.

Gameplay data

Scores, play durations, completion status, duel results, and leaderboard/coliseum progress. We collect this to power leaderboards, challenges, duels, and your own statistics.

Safety & moderation data

We log reports you file and reports filed against your content or profile, along with the moderation decision and reasoning. This data is used for safety, audit, and to improve our filters.

Technical data

IP address, user agent, device type, approximate region (derived from IP), referrer, and basic interaction telemetry (screen views, load latency). We use this for security, abuse prevention, and product analytics.

Notifications

If you enable push notifications, we store a device push token so we can send you duel invites, leaderboard updates, and important account notices. You can turn notifications off at any time in your device settings.

3. How We Use Your Data

To provide and operate the Service (create your account, serve games, host your content);
To power social features — leaderboards, duels, follows, and messages;
To moderate content and enforce our Terms (reports, review, enforcement actions);
To prevent fraud, abuse, and unauthorized access (rate limits, anomaly detection);
To communicate with you about your account, safety reports, or material policy changes;
To improve the Service (which games people enjoy, where the app can be faster or clearer).

4. Third-Party Processors

We share specific data with the following processors strictly to operate the Service. Each is bound by its own data-processing agreement. We do not sell your personal data, we do not share it with advertisers, and we do not track you across other companies’ apps or websites for advertising.

Processor	Purpose	Data shared
Vercel	Hosting, CDN & asset storage	Application traffic, request logs, uploaded clips/assets
Neon	PostgreSQL database	All persistent account & gameplay data
Upstash (Redis)	Rate limiting & caching	User IDs, transient counters
Apple	Sign in with Apple	OAuth profile (name, email)
Google	Sign-in	OAuth profile (email, name, avatar)
Google Firebase (Cloud Messaging)	Push-notification delivery (Android)	Device push token, device identifiers
Sentry	Error monitoring	Stack traces, request metadata

5. Where Your Data Lives

Our primary database (Neon) is hosted in EU regions. Media and assets are stored on Vercel (multi-region with EU presence). Some processors may process limited data outside the EEA; where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

6. Retention

Account data: while your account is active, plus up to 30 days after a deletion request.
Content you publish (comments, clips): retained while published; removed on takedown and hard-deleted within 30 days.
Safety & moderation logs and reports: retained 24 months for safety and audit.
Server logs: retained up to 90 days for security and debugging.

7. Your Rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, to object to processing, or to lodge a complaint with a supervisory authority. EU residents may exercise rights under the GDPR; California residents may exercise rights under the CCPA. To exercise any right, email support@boolip.com. We respond within 30 days.

Deleting your account

You can delete your Boolip account and its associated personal data at any time from within the app (Profile → Settings → Delete Account), or by emailing support@boolip.com from your registered address. When you delete your account, we erase your personal data within 30 days, except limited records we are legally required to retain (such as safety logs or fraud-prevention data) as described in Retention above.

8. Cookies & Local Storage

We use a session cookie to keep you signed in and a small set of local-storage entries to remember preferences (theme, last-viewed feed position). We do not use third-party advertising cookies. We use first-party analytics to measure performance; these do not identify you across other sites.

9. Children’s Privacy

The Service is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact support@boolip.com and we will delete it.

10. Security

We use industry-standard safeguards: encryption in transit (HTTPS/TLS), encryption at rest for our database, strong password hashing, least-privilege internal access, automated security monitoring, and regular review of our infrastructure. No method of transmission or storage is 100% secure; we work to continuously improve.

11. Changes to This Policy

We may update this Policy. When we make material changes, we will revise the version string above and notify active users so you can review and re-accept where required.

12. Contact

Privacy questions, data-rights requests, or general support: support@boolip.com.