Privacy Policy

Privacy Policy - Atomic Tab

Effective Date: 12 April 2026

Last Updated: 12 April 2026

1. Controller and Scope

This Privacy Policy explains how Atomic Tab (the “App”) processes personal data when users download, install, access, or use the App on Apple platforms.

For the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and similar data protection laws, the controller is the Atomic Tab developer (“Developer”, “we”, “us”).

Controller contact: support@copycut.it
Developer legal address: [Insert legal/business address before publication]

No Data Protection Officer has been appointed unless legally required or separately stated.

2. Data Categories We Process

2.1 Usage, Gameplay, and App Data

The App may process gameplay and feature data, including:

• Game sessions, scores, accuracy, streaks, completion metrics, and mistakes
• Difficulty level, game mode, practice set, and feature usage
• Statistics views, learning progress, custom set usage, and session timing
• Crash, diagnostic, performance, and analytics events where enabled

2.2 User-Generated Content

The App may allow users to create and store:

• Custom study sets, including set names and selected elements
• Custom mnemonics and other free-text input

Users must not enter personal data, sensitive data, unlawful content, or third-party personal data into custom text fields unless they have a lawful basis and any required consent.

2.3 Device, Identifier, and Technical Data

The App or integrated SDKs may process:

• Device type, operating system version, language, region, and app version
• App instance identifiers, Firebase installation identifiers, and similar technical identifiers
• IP address, coarse location inferred from IP address, and network information when services are contacted
• Advertising identifiers, including Apple IDFA, only where permitted by Apple settings and consent
• Ad request, impression, click, reward, attribution, and fraud-prevention signals

2.4 Purchase and Entitlement Data

The App may process purchase-related information, including:

• Pro unlock entitlement status
• StoreKit transaction status and validation information
• Restore purchase status linked to the Apple Account used for the purchase

The App does not directly collect or store payment card numbers, Apple Account passwords, or billing credentials. Payments, refunds, taxes, and billing are handled by Apple.

2.5 Apple Game Center Data

If enabled, the App may process Game Center data made available by Apple, including:

• Authentication state
• Leaderboard scores and achievement-related information
• Game Center identifiers, nickname, avatar, and related player information

2.6 Support Communications

If a user contacts us, we may process the email address, message contents, attachments, device/app details voluntarily provided, and any information needed to respond.

3. Purposes and GDPR Legal Bases

Where the GDPR applies, we rely on these legal bases:

• Performance of a contract: to provide the App, save progress, enable Pro entitlements, restore purchases, provide requested support, and operate core features.
• Consent: to use IDFA or other tracking technologies where Apple App Tracking Transparency (“ATT”) or applicable law requires consent; for personalized ads where required; and for optional analytics or marketing features where consent is required.
• Legitimate interests: to improve stability, measure aggregate usage, prevent fraud and abuse, protect rewards and purchases, troubleshoot issues, and maintain security, provided those interests are not overridden by user rights.
• Legal obligation: to comply with accounting, tax, consumer protection, platform, law-enforcement, and regulatory obligations.

4. Local Storage

The App may store data locally using Core Data, UserDefaults, Keychain, local files, or Apple app sandbox storage. Local data may include statistics, progress, custom sets, mnemonics, app preferences, purchase status, and App state.

Local data generally remains on the device until the user deletes the App, clears data through an available App feature, restores the device, or changes device settings.

5. Third-Party Services

5.1 Firebase and Google Analytics for Firebase

The App may use Firebase and Google Analytics for Firebase to understand App usage, performance, feature adoption, stability, and diagnostics. These services may process app instance identifiers, device information, event data, diagnostics, performance data, and IP-derived information.

5.2 Google Mobile Ads and AdMob

The App may display banner ads, interstitial ads, and rewarded ads.

Google Mobile Ads may process device identifiers, advertising identifiers where permitted, IP address, app information, ad requests, impressions, clicks, reward events, diagnostic information, attribution data, and fraud-prevention signals. Ads may be personalized or non-personalized depending on consent status, ATT status, user region, Google settings, and applicable law.

5.3 Apple StoreKit and Game Center

StoreKit handles purchases, restore purchases, transaction validation, payment processing, taxes, refunds, billing, and App Store purchase records. Game Center handles authentication, leaderboards, achievements, scores, player identifiers, nicknames, avatars, and related gameplay activity. Apple processes these activities under Apple’s own terms and privacy policies.

5.4 Third-Party Privacy Materials

Users should review the privacy materials applicable to these services:

• Apple Privacy Policy
• Apple Game Center & Privacy
• Firebase Privacy and Security
• How Google uses information from sites or apps that use Google services
• Google AdMob privacy disclosure requirements

6. Tracking, ATT, and Advertising Choices

The App may request permission under Apple’s App Tracking Transparency framework before using data to track users across apps and websites owned by other companies. If the user denies ATT permission, IDFA-based tracking will not be used by the App for that purpose, but non-personalized ads, contextual ads, frequency capping, fraud prevention, analytics, and basic ad delivery may still operate where permitted.

Users can manage tracking and advertising choices through:

• iOS or iPadOS Settings > Privacy & Security > Tracking
• iOS or iPadOS Settings > Privacy & Security > Apple Advertising
• Google ad personalization and privacy settings, where applicable
• Any in-app consent or privacy controls made available in the App

Withdrawing consent does not affect lawful processing performed before withdrawal.

7. App Store Privacy Labels

Apple requires developers to disclose their own and integrated third-party SDK data practices in App Store Connect, including whether collected data is linked to the user or used for tracking. The App’s App Store privacy label should be kept consistent with this Policy and the App’s actual implementation.

8. Data Sharing and Recipients

Personal data may be disclosed to:

• Apple, for StoreKit, App Store distribution, purchases, refunds, Game Center, and platform services
• Google, Firebase, and Google Mobile Ads, for analytics, diagnostics, ad delivery, measurement, attribution, and fraud prevention
• Service providers that support hosting, email, security, compliance, or customer support
• Authorities, courts, or regulators where legally required
• Successors or assignees in a merger, acquisition, reorganization, or transfer of the App or related assets

We do not sell personal data for money. Disclosure of advertising identifiers, app activity, or similar data to advertising networks for cross-context behavioral advertising may be considered “sharing” or “sale” under some US state privacy laws. Users can restrict this through ATT choices, device settings, and any available privacy controls.

9. International Transfers

Personal data may be processed in the user’s country, the European Economic Area, the United States, and other countries where Apple, Google, Firebase, advertising networks, or service providers operate. Where GDPR or similar laws apply, transfers outside the EEA, UK, or Switzerland will rely on an adequacy decision, Standard Contractual Clauses, Data Privacy Framework participation where applicable, contractual safeguards, or another lawful transfer mechanism.

10. Retention

• Local App data remains on the device until deleted by the user, cleared by an App feature, or removed with the App.
• Purchase and transaction records are retained by Apple according to Apple’s policies and legal obligations.
• Game Center data is retained by Apple according to Apple’s Game Center and Apple Account policies.
• Firebase, analytics, and ad data are retained according to the applicable Firebase, Google, or AdMob settings and policies.
• Support emails may be retained for up to 24 months after the last interaction, unless a longer period is required for legal, security, dispute, or compliance reasons.

We may retain aggregated or de-identified information that no longer identifies a user.

11. GDPR and EEA/UK/Swiss Rights

Where GDPR, UK GDPR, Swiss data protection law, or similar law applies, users may have the right to:

• Request access to personal data
• Request rectification of inaccurate or incomplete data
• Request erasure of personal data
• Request restriction of processing
• Object to processing based on legitimate interests
• Request portability of data provided by the user, where legally applicable and technically feasible
• Withdraw consent at any time where processing is based on consent
• Lodge a complaint with a competent data protection authority

Requests can be sent to support@copycut.it. We may request information needed to verify identity and locate relevant data. GDPR requests are generally answered without undue delay and within one month, unless an extension is permitted by law.

Some data is controlled directly by Apple, Google, or another third party. Requests about Apple Account, App Store, payment, Game Center, Google, Firebase, or AdMob data may need to be submitted directly to those providers.

12. US State Privacy Rights

Depending on the user’s location, US state privacy laws may provide rights to know, access, correct, delete, obtain a copy of personal information, opt out of targeted advertising or sale/sharing, and appeal a decision. The App does not knowingly sell personal information for money or knowingly sell/share personal information of users under 16.

13. Children’s Privacy

The App is not specifically directed to children under 13. We do not knowingly collect personal data from children under 13 without required parental consent. In the EEA, UK, and other regions, a higher age threshold may apply for consent to information society services.

14. Sensitive Data and Free-Text Fields

Users must not enter special-category or sensitive personal data, such as health data, biometric data, precise location, government identifiers, political opinions, religious beliefs, payment data, account credentials, or personal data about third parties, into mnemonics, custom set names, or other free-text fields. The App is not designed to process such information.

15. Automated Decision-Making

The App does not intentionally use personal data for automated decisions that produce legal or similarly significant effects. Game scoring, learning statistics, ad delivery, fraud detection, and entitlement checks may involve automated processing for App functionality, security, or monetization.

16. Security

Reasonable technical and organizational measures are used to protect data, including Apple platform security features, app sandboxing, Keychain where appropriate, and service-provider security controls. No method of transmission, storage, or processing is completely secure, and no absolute security guarantee is provided.

17. Deleting Data

Users may delete or reduce App data by:

• Using any in-app reset, delete, or clear-data feature, where available
• Deleting custom sets or mnemonics in the App, where supported
• Deleting the App from the device
• Changing ATT, Apple Advertising, Game Center, or Google privacy settings
• Contacting Apple, Google, or Firebase for data controlled by those providers

Deleting the App may not delete purchase records held by Apple, App Store records, Game Center data, Firebase/Google data already processed, backups, legal records, or support communications retained for lawful purposes.

18. Changes to This Policy

This Privacy Policy may be updated to reflect App changes, legal requirements, SDK changes, or platform requirements. The updated version will be identified by the “Last Updated” date. Continued use of the App after an updated Policy becomes effective constitutes acknowledgement of the updated Policy, to the extent permitted by law.

19. Contact

For privacy, GDPR, data deletion, consent, or App Store privacy questions, contact: support@copycut.it.