Privacy Policy

Last updated: [DATE TO BE FILLED IN BEFORE LAUNCH]

Placeholder. This page is a structural draft. The final Privacy Policy must be reviewed (or generated) by a qualified attorney or a reputable legal-text service before launch. It must also match the answers given in Apple's App Privacy questionnaire in App Store Connect.

1. Who we are

Bauman Games LLC ("Bauman Games," "we," or "us") operates the Chimera mobile game and related services (the "Service"). We are the data controller for personal information collected through the Service.

Contact: privacy@baumangames.com.

2. What we collect

2.1 Information you provide

Display name (optional) for marketplace listings and leaderboards.
Content reports you submit through the in-app reporting flow.
Support communications when you email us.

2.2 Information collected automatically

Anonymous user identifier generated at first launch and used to associate your inventory, currencies, and progression with your device.
Gameplay events required to operate the Service (matches played, packs opened, splices attempted, marketplace transactions).
Device information such as device model, operating system version, and approximate app version, for diagnostic and analytics purposes.
Crash logs and performance metrics, which may include stack traces and memory state at the time of a crash.

2.3 In-app purchase information

Purchases are processed by the Apple App Store (and, in the future, Google Play). We receive a receipt that confirms a purchase occurred and what was purchased; we do not receive your payment card information.

2.4 What we do NOT collect

Real name, address, phone number, or government ID.
Payment card details.
Location data (we don't request location permissions).
Contacts, photos, microphone, or camera (no permissions requested).
Advertising identifiers (we do not run third-party advertising).

3. Why we use it

To run the Service — your inventory, progression, and in-game economy.
To operate matchmaking and leaderboards.
To detect, prevent, and respond to abuse, cheating, or violations of our Terms.
To moderate AI-generated content before it is shown to other players.
To diagnose crashes and improve the Service.
To respond to your support requests and content reports.

4. AI-generated content

Some features of the Service generate text and images using third-party AI providers. The inputs sent to those providers are the names, traits, environments, sizes, and flavor text of the cards being combined — not personal information about you. We retain a moderation log of these generations to comply with app-store content-moderation requirements; the log does not include any personal information beyond your anonymous user identifier.

5. Who we share data with

We share information only with the service providers that help us operate the Service:

Supabase — database, authentication, storage, and edge function hosting.
Anthropic — AI text generation and moderation.
fal.ai — AI image generation.
Apple — payment processing for in-app purchases (Apple is an independent data controller for purchase data; their privacy terms apply).

We do not sell personal information. We do not share data with advertisers.

6. How long we keep it

We retain account and gameplay data for as long as your account is active. If you request deletion (see Section 8), we will delete or anonymize your account data within 30 days, except where we are required to retain it (for example, tax records of in-app purchases for the period required by law).

7. Children's privacy

The Service is rated 12+ and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has used the Service, please contact us at privacy@baumangames.com and we will delete the associated data.

8. Your rights

8.1 All users

You may request access to, correction of, or deletion of your account data at any time by emailing privacy@baumangames.com.

8.2 California (CCPA / CPRA)

California residents have the right to know what personal information we have collected, to request deletion, to correct inaccurate information, and to opt out of any sale or sharing of personal information. We do not sell or share personal information as defined by the CCPA.

8.3 European Economic Area / UK (GDPR)

Residents of the EEA or UK have rights of access, rectification, erasure, restriction, portability, and objection under the GDPR. To exercise these rights, contact us at the address above. Our lawful basis for processing is the performance of the contract you enter into when you accept the Terms, plus our legitimate interest in operating and securing the Service.

9. Security

We protect your data with industry-standard measures, including encryption in transit, server-authoritative game state to prevent client tampering, and row-level security on our database. No system is perfectly secure, but we work hard.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, for material changes, provide notice within the Service. If you do not agree to the updated policy, please stop using the Service.

11. Contact

Privacy questions or requests: privacy@baumangames.com.