Privacy Policy — Do or Drink!

Last updated: July 1, 2026

This Privacy Policy explains how the "Do or Drink!" mobile application (the "App") collects, uses, and shares information about you. The App is provided by Oleksandr Ploskovytskyy, an individual sole proprietor based in Poland ("we", "us", or "our"), trading as "Game Time".

If you do not agree with this Policy, please do not use the App.

1. Who We Are and How to Contact Us

The data controller for the purposes of this Policy is:

Oleksandr Ploskovytskyy
Poland
Email: [email protected]

(A postal address is available on request by contacting us at the email above.)

For any privacy-related questions, requests, or complaints, contact us at the email above.

2. Summary

  • We collect a minimal amount of personal data: your name and email (via Apple Sign-In), purchase information, and usage analytics.
  • We do not sell your personal data.
  • We do not show ads and do not use advertising trackers.
  • Most gameplay data (player names you type, selected decks, game progress) stays on your device.
  • You can delete your account and associated data at any time from within the App.

3. Information We Collect

3.1 Information you provide

  • Account information (via Apple Sign-In): When you sign in, Apple shares your email address and name (given name and family name) with us, based on the permissions you grant. You may choose to hide your email using Apple's "Hide My Email" feature, in which case we receive a private relay address instead.
  • Player names: Names you enter to set up a game are stored locally on your device only and are not transmitted to our servers.

3.2 Information collected automatically

  • Purchase data: When you buy a deck, our payments provider (RevenueCat) and Apple process the transaction. We receive information about which products you have purchased and your entitlement status. We do not receive or store your full payment card details — Apple handles all payment processing.
  • Usage and analytics data: We use PostHog to understand how the App is used and to improve it. This includes data about how you interact with the App (such as screens viewed, features and decks used, and purchases made), device and technical information (such as device type, operating system version, app version, and language/locale), and approximate identifiers used to distinguish sessions and devices. The specific interactions we measure may change over time as we add or refine features, but they remain within these categories and serve the purposes described in this Policy.
  • Authentication/session data: Session and authentication tokens are managed by our backend provider (Supabase) to keep you signed in.

3.3 Information we do NOT collect

We do not request or access your camera, microphone, precise location, contacts, photos, or calendar.

4. How We Use Your Information

We use your information to:

  • Create and manage your account and keep you signed in;
  • Provide core gameplay, including delivering and unlocking card decks;
  • Process and restore in-app purchases;
  • Send push notifications if you opt in (e.g. about new decks and offers);
  • Understand usage, diagnose problems, and improve the App (analytics);
  • Comply with legal obligations and enforce our Terms of Use.

Legal bases (for users in the EEA/UK)

We process your data under the following legal bases (GDPR Art. 6):

  • Performance of a contract — to provide the App and process purchases;
  • Consent — for push notifications and, where required, analytics;
  • Legitimate interests — to secure, maintain, and improve the App.

You may withdraw consent at any time (e.g. by disabling push notifications in Settings).

5. How We Share Your Information

We share data only with service providers who help us operate the App:

Provider Purpose Data shared
Apple Sign-In and App Store payment processing Account identity, purchase transactions
Supabase Backend, authentication, database Email, name, session tokens
RevenueCat In-app purchase management Purchase and entitlement data, device identifiers
PostHog Product analytics Usage events, device/technical info, identifiers
Expo / EAS App builds and over-the-air updates Technical/app delivery data

We do not sell your personal data and do not share it with advertisers.

We may also disclose information if required by law, to protect our rights, or in connection with a business transfer.

6. International Data Transfers

We are based in Poland (EU). Your account and authentication data is stored with Supabase in the European Union (Stockholm, EU North region), and is not transferred outside the EEA. Some of our other service providers — including Apple, RevenueCat, and PostHog — may process data outside the European Economic Area, including in the United States. Where data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent mechanisms.

7. Data Retention

  • Account data (email, name) is retained for as long as your account is active.
  • Purchase records are retained as required for tax, accounting, and dispute purposes.
  • On-device data (player names, game state) remains until you clear it, log out, or delete the App.
  • Analytics data is retained for 12 months and then deleted or anonymized.

When you delete your account, we delete or anonymize your associated personal data within 30 days, except where we must retain certain records to comply with legal obligations.

8. Your Rights and Choices

Delete your account

You can delete your account and associated personal data at any time directly in the App: Settings → Delete Account. This removes your account and the personal data we hold about you, subject to legal retention requirements.

Push notifications

Notifications are opt-in. You can turn them on or off in Settings, or in your device's iOS settings.

Your data protection rights (EEA/UK and others)

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate data;
  • Delete your data;
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent;
  • Lodge a complaint with a supervisory authority. In Poland, this is the President of the Personal Data Protection Office (UODO).

To exercise these rights, contact us at [email protected].

9. Children's Privacy

The App is intended for adults only and is not directed at children. We do not knowingly collect personal data from anyone under the legal drinking age in their jurisdiction or under the minimum age required by our Terms of Use. If you believe a minor has provided us data, contact us and we will delete it.

10. Security

We use reasonable technical and organizational measures (including reputable providers such as Apple and Supabase) to protect your data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Changes to This Policy

We may update this Policy from time to time. We will post the updated version with a new "Last updated" date and, where appropriate, notify you in the App.

12. Contact

Questions? Email [email protected].