Cookie Policy for Rizzer

1. What Are Cookies and Tracking Technologies

1.1 Cookies

Cookies are small text files stored on your device that help websites and apps remember information about your visit. While traditional web cookies are used in browsers, mobile apps use similar technologies.

1.2 Mobile App Tracking Technologies

In mobile applications, we use technologies similar to cookies:

Local Storage:

• Data stored directly on your device
• Persists between app sessions
• Used for preferences and settings

Device Identifiers:

• IDFA (iOS): Identifier for Advertisers
• AAID (Android): Android Advertising ID
• Device ID: Unique device identifier
• Used for analytics and attribution

SDKs (Software Development Kits):

• Third-party code integrated into the app
• Collect data for specific purposes
• Examples: Analytics, crash reporting, authentication

2. Types of Tracking Technologies We Use

2.1 Strictly Necessary

Purpose: Essential for the App to function properly

What We Use: Authentication Tokens, Session Management, Security Tokens, Load Balancing

Duration: Session or persistent (up to 1 year)
Can You Disable: No - these are required for the App to work

2.2 Functional

Purpose: Remember your preferences and settings

What We Use: User Preferences (language, notifications, theme), App Settings, Form Data, Recently Viewed

Duration: Persistent (up to 2 years)
Can You Disable: Yes - but may affect functionality

2.3 Analytics and Performance

Purpose: Understand how you use the App and improve performance

What We Use: Usage Analytics, Performance Monitoring, Crash Reporting, A/B Testing

Data Collected:

• Pages/screens viewed
• Features used
• Time spent in app
• Device information
• App version
• Error logs

Duration: Persistent (up to 2 years)
Can You Disable: Yes - through app settings

2.4 Advertising and Marketing

Purpose: Deliver relevant ads and measure campaign effectiveness

What We Use: Ad Tracking, Attribution, Retargeting, Conversion Tracking

Duration: Persistent (up to 1 year)
Can You Disable: Yes - through device settings (Limit Ad Tracking)

Note: We do not sell your personal information to advertisers.

3. Specific Technologies We Use

3.1 Authentication and Security

Supabase Auth:

• Purpose: User authentication and session management
• Data Collected: User ID, session tokens, login timestamps
• Duration: Session (until logout) or 30 days
• Privacy: Encrypted and secure

JWT Tokens:

• Purpose: Secure API authentication
• Data Collected: User ID, permissions, expiration
• Duration: 1 hour (refresh tokens: 30 days)
• Privacy: Signed and encrypted

3.3 Third-Party SDKs

Expo Framework:

• Purpose: App development platform
• Data Collected: Device info, app version, crash logs
• Privacy Policy: expo.dev/privacy

Supabase:

• Purpose: Backend database and authentication
• Data Collected: User data, app data (as described in Privacy Policy)
• Privacy Policy: supabase.com/privacy

OpenRouter/Grok AI:

• Purpose: AI conversation generation
• Data Collected: Messages sent to AI (not permanently stored)
• Privacy Policy: openrouter.ai/privacy

5. Your Choices and Control

5.1 Device-Level Controls

iOS:

• Limit Ad Tracking: Settings → Privacy → Tracking → Allow Apps to Request to Track (OFF)
• Reset Advertising ID: Settings → Privacy → Apple Advertising → Reset Advertising Identifier
• Location Services: Settings → Privacy → Location Services → Rizzer

Android:

• Opt Out of Ads: Settings → Google → Ads → Opt out of Ads Personalization
• Reset Advertising ID: Settings → Google → Ads → Reset advertising ID
• Location Services: Settings → Location → App permissions → Rizzer

5.2 In-App Controls

• Analytics: Settings → Privacy → Analytics → Disable Usage Analytics
• Notifications: Settings → Notifications → Customize notification preferences
• Location: Settings → Privacy → Location → Choose your preferred level

7. Data Retention

7.1 Retention Periods

• Strictly Necessary: Session cookies until logout; Auth tokens 30 days; Security tokens 1 year
• Functional: Preference cookies 2 years or until changed
• Analytics: Usage data 2 years; Crash reports 90 days
• Advertising: Ad tracking data 1 year; Attribution data 90 days

7.2 Deletion

When you delete your account:

• All cookies and local storage are cleared
• Device identifiers are disassociated
• Analytics data is anonymized
• Backups are removed within 90 days

9. Children's Privacy

9.1 Age Restriction

Rizzer is not intended for users under 18. We do not knowingly collect data from children, set cookies on children's devices, track children's usage, or target children with ads.

9.2 Parental Notice

If you believe a child has used Rizzer, contact us immediately at privacy@rizzer.io. We will delete all data and cookies, and the account will be permanently closed.

12. California Privacy Rights

12.1 CCPA Compliance

California residents have rights regarding tracking:

• Do Not Sell: We do not sell your personal information (including tracking data)
• Right to Know: What tracking technologies we use and how data is used
• Right to Delete: Request deletion of tracking data and clear cookies

13. Contact Us

13.1 Questions About Cookies

Email: privacy@rizzer.io
Subject: Cookie Policy Inquiry
Response Time: Within 7 business days

13.2 Data Rights Requests

Email: privacy@rizzer.io
Subject: Data Rights Request
Include: Your name, email, and specific request
Response Time: Within 30 days

13.3 Technical Support

Email: support@rizzer.io
In-App: Settings → Help → Contact Support

14. Glossary

Common Terms:

• Cookie: Small text file stored on your device
• Session Cookie: Temporary cookie deleted when you close the app
• Persistent Cookie: Cookie that remains until expiration or deletion
• Device Identifier: Unique ID for your device
• SDK: Software Development Kit - third-party code in the app
• IDFA: Identifier for Advertisers (iOS)
• AAID: Android Advertising ID
• Local Storage: Data stored on your device