Privacy policy.

1. Data controller

The data controller for your personal data is Osuuskunta Vinde, a cooperative registered in Finland (“we”, “us”, “Choreodle”).

Controller

Osuuskunta Vinde

Country

Finland

Business ID

2463222-1

Postal address

Arkadiantie 6, 25700 Kemiö, Finland

Contact email

moha _at_ mohanjith _dot_ net

This policy applies to the Choreodle mobile apps (iOS, Android) and to choreodle.com and app.choreodle.com (together, the “Service”).

2. What we collect

2.1 You can play without an account

No email, no sign‑up required. Your streak and guess history are stored only on your device.

2.2 Account data (if you sign in)

• Email address — used for sign‑in and essential service messages.
• Display name — a leaderboard name you choose. This is public.
• Gameplay data — current streak, past scores, difficulty tier, puzzles solved (dance and date). Stored against your account so it syncs across devices.

2.3 Crash & diagnostics

We collect crash reports, error logs and basic device information (device model, OS version, app version, language, approximate region derived from IP) so we can reproduce and fix bugs.

2.4 Advertising

We show ads from third‑party ad networks to fund the Service. Depending on your consent, ad networks may process device identifiers (such as Apple’s IDFA or the Google Advertising ID) and approximate location for frequency capping, fraud prevention and, if you consent, personalisation. You can change this anytime — see Your rights.

2.5 Sharing

When you use the Share button, Choreodle hands a short text string (“Choreodle #312 · 4/6” plus a grid of emoji and a link) to your operating system’s share sheet. We do not track which app you send it to or who receives it.

2.6 What we do not collect

• We do not access your camera, microphone, contacts or photo library.
• We do not collect precise GPS location.
• We do not profile you based on your dance taste.
• We do not sell personal data.

3. How we use it

• To run the Service — let you play, save streaks, and keep you signed in.
• To show a global leaderboard using the display name you chose.
• To fix crashes and improve performance.
• To show ads (including, with consent, personalised ads).
• To send essential service emails (security, account changes). We only send marketing email if you subscribed to the newsletter; you can unsubscribe from any such email.
• To comply with law and enforce our Terms of service.

4. Legal bases (GDPR art. 6)

Contract (art. 6(1)(b))

Providing the Service, managing your account, syncing your streak.

Legitimate interest (art. 6(1)(f))

Crash reports, fraud prevention, non‑personalised ads, basic security logs. You can object — see Your rights.

Consent (art. 6(1)(a))

Personalised advertising, analytics beyond what’s strictly necessary, the optional beta‑tester newsletter. You can withdraw consent at any time.

Legal obligation (art. 6(1)(c))

Book‑keeping and responding to valid legal requests.

5. Who we share data with

We share personal data only with processors we have a written contract with, and only for the purposes listed below:

• Cloud hosting — to store account data and serve the app.
• Crash reporting — to receive crash logs.
• Email delivery — to send sign‑in, security and (if you subscribed) newsletter emails.
• Advertising partners — to serve ads and measure their delivery.
• Payment & app store providers — Apple and Google handle any purchases under their own privacy policies.

We will list our current sub‑processors on request. We never sell personal data.

6. Retention

• Account data — kept while your account exists. If you delete it, we erase personal data within 30 days, except where law requires a longer hold.
• Gameplay / leaderboard — kept while your account exists; leaderboards reset per season.
• Crash logs — up to 90 days.
• Web server logs — up to 30 days.
• Newsletter list — until you unsubscribe. See the beta‑tester privacy notice for details.

7. Your rights

Under the GDPR and Finnish Data Protection Act you have the right to:

• Access — a copy of the personal data we hold about you.
• Rectify — correct inaccurate data.
• Erase — delete your account and associated data.
• Restrict — ask us to pause certain processing.
• Portability — receive your data in a common format.
• Object — to processing based on legitimate interest, including direct marketing.
• Withdraw consent — at any time, with effect for the future.

To exercise any of these, contact us. You can delete your account in‑app at any time: Account → Delete my account and all data.

If you believe we have processed your data unlawfully you can lodge a complaint with the Finnish Data Protection Ombudsman (tietosuoja.fi) or the authority of your place of residence.

8. International transfers

Our primary processing takes place in the EU/EEA. Where a processor is located outside the EEA, we rely on the European Commission’s Standard Contractual Clauses or another lawful transfer mechanism under GDPR Chapter V.

9. Children

Choreodle is rated suitable for teens and older. It is not directed at children under 13. If you believe a child has signed up, contact us and we will delete the account.

10. Security

We use HTTPS, encryption at rest for stored credentials, access controls and regular dependency updates. No online service is ever 100% secure — please keep your sign‑in email protected.

11. Changes to this policy

We’ll post the latest version on this page and update the “Last updated” date. For material changes we’ll notify you in‑app and, if you have an account, by email.

12. Contact

Osuuskunta Vinde · Contact us

---