Privacy Policy

1. Who we are

Cờ•Chess•Qi is a Xiangqi (Chinese Chess / Cờ Tướng) app for iPhone and iPad, published by an individual developer trading as Cờ•Chess•Qi. The app's bundle identifier is NhoxMini.OPUS-Swift-Chess. This policy describes how the app and its backend handle your information.

For any privacy question or request, contact privacy@cochessqi.com.

2. What we collect, and why

Every category below corresponds to an entry in the app's PrivacyInfo.xcprivacy manifest, which is what Apple uses to populate the App Store privacy label. All collection is for app functionality; none is for advertising, tracking, or third-party use.

Account identifiers

• Sign in with Apple — if you choose this option, Apple shares a stable user identifier and the email you authorized (which may be Apple's private relay address). You may share or hide your real name; we store whatever you supply.
• Sign in with Google — if you choose this option, Google shares your email and basic profile (name, profile photo URL).
• Username + password — you choose a username and password; we store an email address (used by the underlying authentication service for password reset). Your password is never seen by us in plaintext — it is processed by Firebase Authentication.
• Guest play — no credentials, but Firebase issues an anonymous user identifier so your local games can sync. You can later upgrade the guest account by linking one of the three methods above.

We use this information to create and maintain your account, sign you in across devices, and let other players see your display name and chosen avatar.

Gameplay data

• Game records: moves, time spent, results, ratings (Glicko-2), and the pairing of opponents.
• Tournament participation: which Swiss tournaments you joined, your standings, and your round-by-round results.
• Clubhouse membership and friend connections, including invitations and accepted requests.
• Puzzle progress: which puzzles you have attempted, your puzzle rating, and your Puzzle Climb / Daily Rush progression.
• Inbox messages addressed to you by the system (welcome, friend accepted, tournament results).

This data is the game. We store it so you can resume games, see your history, match against players near your rating, and receive notifications about your turn.

Device identifier (for push notifications)

So we can tell you when an opponent has moved or your tournament round has started, we store a Firebase Cloud Messaging (FCM) token for each of your devices, keyed by the device's vendor identifier (identifierForVendor). The vendor identifier is generated by iOS and is scoped to apps from the same publisher; it resets when you uninstall the app. We do not use Apple's advertising identifier (IDFA) and the app does not present the App Tracking Transparency prompt because we do not track.

Contact-email hashes (only if you opt in to "Find friends")

If you tap "Find friends from contacts", the app reads your address book on-device, computes a SHA-256 hash of each email address, and sends only the hashes to our backend to look for matches. Raw email addresses from your address book are never transmitted or stored. The same hash of your own account email is stored on your user record so friends who have your address can find you the same way. Apple's private-relay addresses (*@privaterelay.appleid.com) are excluded.

Anonymous crash diagnostics

If the app crashes, an anonymized crash report is sent to Firebase Crashlytics so we can fix the bug. The report contains the stack trace, OS version, device model, and locale. It does not contain your name, email, account identifier, or game contents. This is the only category in the privacy manifest marked "not linked to user identity".

Standard iOS storage

The app uses UserDefaults to remember settings such as your selected board theme, sound preferences, and your Pro subscription status flag (mirrored from StoreKit). Apple categorizes this under privacy reason code CA92.1 ("access information about the user's own app").

3. What we do not collect

• No advertising or third-party analytics. The app does not include Firebase Analytics, Google Analytics, Meta SDK, AppsFlyer, Adjust, or any comparable SDK. We do not run ads.
• No tracking across apps or websites. Our privacy manifest declares NSPrivacyTracking = false and lists no tracking domains.
• No IDFA. We do not request Apple's advertising identifier and do not display the App Tracking Transparency prompt.
• No location data. The app does not request location permission.
• No microphone, camera, photo library, calendar, reminders, or health data.
• No raw contacts. Contact email matching is hash-only (see §2).
• No payment instrument data. All purchases are processed by Apple's App Store; we receive only a verified entitlement (whether your Pro subscription is active).

4. Third-party services we use

The app relies on the following infrastructure providers. Each receives only the data described in §2, only for the purpose stated, and processes it under their own privacy terms.

Apple

• Sign in with Apple — identity assertion only.
• StoreKit 2 — processes Pro subscription purchases and renewals.
• Game Center — optional, only if you sign in; used for leaderboards and achievements. Your Game Center player identifier is stored on your user record so we can attribute scores.
• Apple Push Notification service (APNs) — delivers move and tournament push notifications.

Google / Firebase

• Firebase Authentication — verifies sign-in credentials and issues session tokens.
• Cloud Firestore — stores your profile, games, tournaments, clubhouses, friends, and inbox.
• Cloud Functions — server-side game-rules validation, matchmaking, tournament pairings, rating updates.
• Firebase Cloud Messaging (FCM) — relays push notifications to APNs.
• Firebase Crashlytics — anonymous crash reports.

Firebase processes data on Google-operated servers, which may be located outside your country. Google's handling of Firebase data is governed by the Firebase Data Processing Terms.

The chess engine

The chess engine runs entirely on your device. It does not send your moves, games, or any other information over the network. There is no cloud chess analysis.

5. In-app purchases

Cờ•Chess•Qi offers a monthly Pro subscription (product identifier NhoxMini.OPUS-Swift-Chess.pro.monthly) through Apple's App Store, with a free trial. Purchases, renewals, refunds, family sharing, and cancellation are handled by Apple. We see only the resulting entitlement state (Pro active or not) and the original transaction identifier needed to verify it. We do not receive your name, address, or payment instrument. Manage or cancel your subscription at any time in Settings → Apple ID → Subscriptions on your device.

6. How we share information

We do not sell your data, share it for advertising, or disclose it to brokers. The only ways your information moves outside the app and its backend are:

• To other players, the parts you would expect. Your display name, avatar, rating, club membership, tournament standings, and the moves of games you play are visible to opponents and (for tournaments and leaderboards) to other participants.
• To the infrastructure providers in §4, only as needed to operate the service.
• To comply with law. If we receive a valid legal request, we may disclose information to the extent required.

7. Data retention and account deletion

Account information and game records are retained for as long as your account is active.

To request deletion of your account and associated personal data, email privacy@cochessqi.com from the address linked to your account, or — if you signed in with Apple's private relay — include enough information for us to identify the account (username, approximate sign-up date, last device used). We will confirm and complete the deletion within 30 days. Anonymous, aggregated, or fully de-identified data (for example, anonymized crash reports already submitted to Crashlytics) may be retained beyond that window.

Note that completed game records may continue to appear in your former opponents' game histories, since they are part of those opponents' personal records too. Your identity in those records will be replaced with a generic "deleted player" label.

8. Your rights

Depending on where you live, you may have rights to access, correct, port, or delete your personal data, and to object to or restrict certain processing. Residents of the European Economic Area, the United Kingdom, and Switzerland have rights under the GDPR; residents of California have rights under the CCPA/CPRA; similar rights exist in many other jurisdictions. To exercise any of these rights, email privacy@cochessqi.com. We will respond within the timeframe required by applicable law.

9. Children

Cờ•Chess•Qi is rated 4+ in the App Store and is suitable for general audiences, but it is not directed at children under 13 (or the equivalent minimum age under your local law). We do not knowingly collect personal data from children below that age. If you believe a child has created an account, contact privacy@cochessqi.com and we will delete it. If you sign in with Apple's "Ask to Buy" or Family Sharing, the in-app purchase flow honors your family controls.

10. Security

All traffic between the app and our backend is encrypted in transit using TLS. Authentication tokens are stored on-device in iOS's keychain. We make reasonable efforts to protect your information, but no internet service is perfectly secure; we cannot guarantee absolute security.

11. International transfers

Our backend runs on Google Cloud / Firebase infrastructure. Your data may be stored or processed in countries other than your own, including the United States. By using the app, you understand that your data may be transferred to facilities outside your country, which may have data-protection rules different from those of your jurisdiction.

12. Changes to this policy

If we change this policy, we will update the "Effective" date at the top and, for material changes, surface a notice in the app. Continued use of the app after a change becomes effective constitutes acceptance of the updated policy.

13. Contact

Privacy questions, deletion requests, or rights requests: privacy@cochessqi.com.