HIDE/SEEK Privacy Policy
Effective date: June 1, 2026
Last updated: June 27, 2026
HIDE/SEEK (“the app”) is developed by Todd Blocksom. This privacy policy explains what data the app collects, how it is used, and how it is protected. This app is designed for use by families, including teens aged 13 and older.
Our commitments
- We do not sell, rent, or share your location data with any third party.
- We do not serve ads or use behavioral tracking.
- We do not use third-party analytics, advertising, or data-broker SDKs.
- We collect the minimum data required for gameplay and delete it when the session ends.
- Joining a game does not require creating an account or providing personal information.
Data we collect
Location data
What: GPS coordinates from your device during an active game session.
Why: Location is the core gameplay mechanic. Seekers see each other’s positions on a shared map. The app checks whether players are inside the game boundary and calculates proximity for the tag mechanic.
How long: Location pings are stored only for the duration of the active session. When a session ends, location data associated with that session is automatically deleted.
Who sees it: During a session, your location is visible to other players in your session according to the game rules (seekers see other seekers; no one sees the hider’s live position except through the spectator view). Location data is never shared outside your session.
Anonymous device identifier
What: When you open the app, a random anonymous identifier is generated using Supabase anonymous authentication. This is not linked to your Apple ID, email, phone number, or any other personal identifier.
Why: The identifier associates your device with your player slot in a session so the server can route game data to the right device.
How long: The identifier persists on your device for convenience (so you can rejoin a session if the app restarts). It is not used to track you across sessions or build a profile.
Player display name
What: A nickname you choose when joining a session (up to 16 characters).
Why: So other players in your session can identify you on the scoreboard and map.
How long: Stored for the duration of the session. Not linked to any real-world identity.
Player color and avatar
What: A color and avatar icon you select when joining.
Why: Visual identification during gameplay.
How long: Stored for the duration of the session.
Device push token
What: An Apple Push Notification token for your device, if you grant notification permission.
Why: To deliver real-time game alerts (round start, curse cast, tag event) when the app is in the background.
How long: Stored for the duration of the session. Not used for marketing or promotional notifications.
Camera (photos)
What: Photos you take in-app to answer a seeker’s question (e.g., “Take a photo of something near you”).
Why: Certain in-game questions may ask the hider to share a photo as proof. Photos are shared within the active session only.
How long: Photos are transmitted to session participants and are not stored on our servers after the session ends.
Apple Health (HealthKit)
What: If you turn on the optional “Log workouts” setting, the app saves each round you play as a workout — its type, duration, and an estimated distance — to the Apple Health app on your device.
Why: So the time you spend chasing and hiding counts toward your activity, the same as any other workout.
What we do NOT do: The app never reads any information from Apple Health, and it never sends health or workout data to our servers or to any third party. The data stays in Apple Health on your device, under your control. The feature is off by default, requires your explicit permission, and can be turned off at any time in the iOS Settings app under Privacy & Security → Health.
Data we do NOT collect
- Real names, email addresses, or phone numbers
- Apple ID or App Store account information
- Contacts, calendars, or browsing history
- Health or fitness data (the optional workout feature only writes to Apple Health on your device — we never read it or send it anywhere; see “Apple Health” above)
- Financial or payment information
- Advertising identifiers (IDFA)
- Data from third-party analytics, advertising, or tracking SDKs
Children and teens
HIDE/SEEK is designed for families playing together, with a primary audience of teens aged 13 and older accompanied by parents.
- The app does not require account creation or collection of personal information from any user, including minors.
- The app does not use behavioral advertising or tracking of any kind.
- Location data collected during gameplay is session-scoped and automatically deleted when the session ends.
- We do not knowingly collect persistent personal information from children under 13. If you believe a child under 13 has provided personal information through the app, please contact us and we will delete it.
Third-party services
HIDE/SEEK uses Supabase as its backend infrastructure (database, authentication, real-time data sync). Supabase processes game data on our behalf and does not use it for its own purposes. Supabase’s privacy policy is available at https://supabase.com/privacy.
Apple MapKit and MapTiler are used to render the game and spectator maps. Map tile requests are handled by those providers under their respective privacy policies. We do not send player location data to them beyond what is required to display the map.
We do not integrate any third-party advertising, analytics, or social media SDKs.
User-generated content and moderation
Players can choose a display name and share photos within a session. To keep the app safe:
- Display names are filtered for objectionable language.
- You can block another player at any time, which hides their name and photos from you.
- You can report a player or a photo; reports alert the session host, who can remove the player from the session.
- Before playing, every user agrees to a code of conduct with zero tolerance for objectionable content or abusive behavior.
Data retention and deletion
- Session data (location pings, player records, game state) is automatically deleted when a session ends.
- Anonymous auth tokens on your device can be cleared by deleting the app, or by using “Delete my data” in the app’s About & Legal screen, which removes your player records, any photos, and your anonymous account from our servers.
- You may request deletion of any data associated with your device by contacting us at the address below.
Data security
Game data is transmitted over encrypted connections (TLS). Access to session data is restricted by row-level security policies that ensure players can only see data from sessions they are participating in. Server-side functions run with restricted permissions and validate authentication on every request.
Changes to this policy
If we make material changes to this privacy policy, we will update the “Last updated” date at the top and, where practical, notify users through the app.
Contact
If you have questions about this privacy policy or want to request data deletion:
Email: toddblocksom@gmail.com
Todd Blocksom
San Francisco, CA