Privacy Policy

Last updated: 27 May 2026

Cubedoku is a 3D Sudoku game operated by Cubedoku (individual operator, privacy@cubedoku.com). This policy explains what data we collect, why, where it is stored, and the rights you have over it. Plain English; no dark patterns.

1. What data we collect

We collect only what the game and its paid tier actually need:

  • Your email address — if you sign in with Google OAuth. Stored in Supabase Auth. Used only to identify your account across devices and to contact you about your account (e.g. a deletion confirmation, a price-change notice).
  • Your nickname and country — if you choose to claim a nickname for the leaderboard. Stored in our public nicknames table. Nickname + country are visible on the Hall of Fame; this is the whole point of opting in.
  • Your puzzle solve times — if you upload your Daily Challenge result. Stored in our daily_runs table alongside puzzle ID, mode, size, and difficulty.
  • Your Cubedoku Pro subscription record — if you subscribe. Stored in our subscriptions table: subscription state (active / paused / cancelled), the Paddle subscription ID, the price tier, and renewal date. Your card number, billing address, and payment method are never stored on Cubedoku servers — they live with Paddle (see §4).
  • Essential session cookies — set by Supabase to keep you signed in across tabs. We do not use behavioural analytics. We use Plausible (cookieless, self-hosted-friendly) for aggregate page-view counts; it does not identify you and does not store cookies.
  • Advertising cookies (free tier, with your consent only) — if you play the free tier in the EU/UK and accept the consent banner, Google AdSense may set cookies to serve personalised ads. If you decline, AdSense runs in non-personalised mode (no profiling). Cubedoku Pro subscribers see no ads at all — no AdSense script even loads.

We do not collect: your IP address as a stored record, your device identifiers, your browsing history outside Cubedoku, your contacts, your location beyond the country code you explicitly pick yourself, or any data from Google account scopes beyond openid, email, and profile name.

2. Why we use it

  • Game features — restore your last game, sync favourites and stats across devices, show you on the Hall of Fame, let you replay your Daily Challenge.
  • Account management — let you sign in, sign out, export your data, and delete your account (or just your leaderboard records, without deleting the account).
  • Subscription billing — process Pro payments via Paddle, gate Pro-only features (Expert mode, ad-free) to active subscribers, send renewal and price-change notices.
  • Free-tier ads— Google AdSense serves ads on the free tier so the game can stay free. Funding Choices (a Google CMP) handles your EU/UK consent choice. If you don't want ads at all, subscribe to Pro or play in a region where ads do not load.

We do not sell your data, do not share it with data brokers, and do not use it to train AI models. We do not run cross-site behavioural ads of our own — the only third-party ad system in play is Google AdSense, and only on the free tier, and only with your consent in regions where consent is required.

3. Where it is stored

All Cubedoku-owned persistent data lives in Supabase, in the EU region (Frankfurt). Data does not leave the EU under normal operations. Supabase is our processor under GDPR Art 28; their security and sub-processor list is at supabase.com/privacy.

Local game state (your settings, last game, nickname draft before you submit) is stored in your browser's localStorage and never leaves your device unless you explicitly sign in or upload.

Billing data (card, address, tax residency) lives with Paddle (Paddle.com Market Limited, Ireland — EU merchant of record). Ad-serving data lives with Google (Google Ireland Ltd for EU users, Google LLC for US-based services). See §4 for the full sub-processor list.

4. Sub-processors and third parties

The following third parties process some of your data on our behalf. Each one is contractually bound (by Cubedoku's data processing agreement with them, or by their public DPA) to handle your data only for the purposes listed here.

  • Supabase (database + auth, EU/Frankfurt) — stores your email, nickname, leaderboard rows, and subscription state. Policy: supabase.com/privacy.
  • Paddle (merchant of record + billing, Ireland) — handles all Pro subscription payments. Paddle is our merchant of record, meaning Paddle (not Cubedoku) is your contractual counterparty for the payment, and Paddle remits VAT/sales tax in your country on our behalf. Paddle receives your card details, billing address, and tax residency; Cubedoku does not. Policy: paddle.com/legal/privacy.
  • Google AdSense(free-tier advertising, served from Google's EU and US infrastructure) — serves ads on the free tier only. With consent, ads may be personalised; without consent (or in regions without a consent banner where Google defaults are conservative), ads run in non-personalised mode. Pro subscribers see no AdSense traffic. Policy: policies.google.com/privacy.
  • Google Funding Choices (consent management platform for EU/UK users) — shows you the consent banner for advertising cookies and records your choice. Required by EU ePrivacy + GDPR; provided by Google as part of the AdSense stack. Policy: same Google privacy URL as above.
  • Plausible (cookieless analytics, EU-based) — aggregate page-view counts only, no per-user profile, no cookies. We use this in place of Google Analytics specifically because it does not identify visitors. Policy: plausible.io/privacy.
  • Vercel (hosting + CDN, EU/US edge) — serves the Cubedoku website. Vercel sees standard web-server logs (IP, user agent, request path) for a short retention window for abuse prevention. Vercel does not retain content data persistently. Policy: vercel.com/legal/privacy-policy.

If we add or change a sub-processor in a way that affects what data leaves the EU, or which categories of data leave Cubedoku at all, we will update this list before the change takes effect and email signed-in users.

5. Your rights (GDPR Articles 15–22)

If you are in the EU/EEA, the UK, or any other jurisdiction that grants similar rights, you have the following. All of these are available in-app, free, with no waiting period:

  • Right of access (Art 15)— sign in, open Settings → Account → Download my data. You will receive a JSON file containing your email, nickname, country, subscription state, and all your stored puzzle runs.
  • Right to rectification (Art 16)— sign in and edit your nickname in Settings. Email comes from your Google account; update it there.
  • Right to erasure / “right to be forgotten” (Art 17)— sign in, open Settings → Account → Delete account. Your auth record, nickname row, subscription record, and all puzzle runs are permanently removed. There is no soft delete and no retention period. Coming soon: if you want to clear only your leaderboard records without deleting your account, a separate Delete my records action will do exactly that and keep your nickname, account, and any active Pro subscription untouched.
  • Right to data portability (Art 20)— same JSON export as Art 15; the format is machine-readable and you can take it anywhere.
  • Right to object / restrict processing (Art 21, 18) — email privacy@cubedoku.com. We respond within 30 days. For the advertising sub-processor specifically (Google AdSense), the in-app consent banner (and your browser's Do-Not-Track / Global Privacy Control signal) is the fastest way to object.
  • Right to lodge a complaint— you may complain to your local data-protection authority. If you don't know which one, your country's entry on edpb.europa.eu has the contact.

6. Cookies and similar storage

Cubedoku uses three categories of client-side storage. We try to keep each one narrow:

  • Essential cookies — set by Supabase to keep your session active across tabs and reloads. Required for sign-in; cannot be disabled while signed in. No EU consent required (ePrivacy Art 5(3) essential-cookie exemption).
  • Advertising cookies (free tier only, EU/UK with consent) — set by Google AdSense / Funding Choices when you accept the consent banner. If you decline, no AdSense cookies are stored and ads run in non-personalised mode. If you subscribe to Pro, the AdSense script never loads and no advertising cookies are ever set.
  • Local storage (your device only) — your settings, current puzzle state, nickname draft. Stays on your device; cleared when you clear browser data.

We do not use first-party advertising cookies, fingerprinting, tracking pixels, or behavioural analytics cookies. We do not share data with data-broker networks.

7. Children

Cubedoku is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child under 13 has signed up, email privacy@cubedoku.com and we will delete the account immediately.

8. Security

Connections are HTTPS-only with strict Content Security Policy and HSTS. Database access is gated by row-level security policies that let you read only your own data and the public leaderboard. We use Supabase's OAuth flow; we never see your Google password. Paddle handles its own PCI-DSS compliance for card data; we do not receive or store card numbers.

9. Changes to this policy

If we change this policy in a way that affects you (e.g. new data collected, new sub-processor, new region), we will email signed-in users at least 14 days before the change takes effect. Anonymous players will see a banner on the home page. The “Last updated” date at the top of this page always reflects the latest version.

10. Contact

Privacy questions, complaints, requests for help with your rights: privacy@cubedoku.com. We are a small operation; please allow up to 30 days for a substantive response.