PetLeague
Privacy

Clear data rules for a pet community.

This policy explains what PetLeague collects, why we collect it, the services that help us run the app, and how you can export or delete your data at any time.

Last updated May 4, 2026 iOS, Android, and petleague.app Minimum age: 13

No sale of personal data

We do not sell personal data. We use service providers only to operate PetLeague.

Controls you can find

Visibility, notifications, data export, and account deletion live inside the app.

Tracking, restrained

The iOS privacy manifest marks tracking as false. Rewarded ads remain disabled unless both the native ad SDK and server-side verification are configured together.

1. Data we collect

Account data: email address, username, display name, account ID, authentication state, and Apple sign-in information you choose to share.

Age gate: PetLeague asks for birth month and year to check that you are at least 13. The app stores only a local age-verification flag, not your selected birth month/year in our backend.

Pet and community content: pet names, species, breed, age, profile details, photos, contest entries, reports, blocks, follows, challenges, votes, achievements, streaks, and leaderboard activity.

Device and diagnostics: device type, operating system, app version, push notification token if you enable notifications, crash data, performance data, breadcrumbs, and diagnostic logs needed to fix issues.

Subscription data: product IDs, entitlement state, purchase and renewal events, receipt identifiers, and transaction-chain identifiers from the platform store through RevenueCat. We do not receive payment card details.

First-party analytics: app events such as sign-up, screen views, votes, reports, purchases, exports, and account deletion are stored in our backend to understand reliability and product usage.

2. How we use data

  • Operate profiles, contests, voting, challenges, achievements, and leaderboards.
  • Apply privacy preferences and notification preferences.
  • Send push notifications you opt into.
  • Moderate content, investigate reports, block abuse, and enforce fair-play rules.
  • Manage PetLeague+ subscriptions and restore purchase status.
  • Debug crashes, improve performance, and measure whether core flows work.
  • Prepare data exports and process account deletion requests.

3. Processors and sharing

We do not sell personal data. We share data with service providers only as needed to run PetLeague:

  • Supabase for database, authentication, storage, row-level security, Edge Functions, and public website data reads.
  • Expo for app updates and push notification delivery.
  • Sentry for crash reporting, performance traces, breadcrumbs, and issue diagnostics. We strip common request secrets before sending events and use account ID, not email, as the diagnostic user identifier.
  • RevenueCat for subscription entitlement state, purchase validation, webhook delivery, and customer-center flows.
  • Apple App Store and Google Play for purchases, refunds, renewals, and subscription management.
  • Cloudflare for hosting and protecting petleague.app.

We may disclose information when required by law, to protect users, or to respond to valid legal process.

4. Ads and tracking

Rewarded ads are currently disabled in production. The app contains optional rewarded-ad code paths that, if enabled in a future release, would let Google AdMob-compatible SDKs process limited device and ad-interaction data to load ads and verify rewards. While disabled, no ad SDK is initialised and no ad-related data is collected.

Rewarded ad claims are accepted only when the app runtime flag is enabled and the backend receives a valid server-side verification callback. We will update this policy and the iOS privacy manifest before any release that enables ads.

On iOS, PetLeague would request App Tracking Transparency permission only when optional ad tracking features are enabled. If tracking is denied, unavailable, or not requested, the app requests non-personalized ads. The current iOS privacy manifest sets NSPrivacyTracking to false, consistent with rewarded ads being disabled.

5. Retention

Account and pet content is retained while your account is active. Operational records such as votes, contest history, reports, subscription events, and audit logs may be retained as needed for product functionality, abuse prevention, legal compliance, and dispute handling.

Some time-bound operational data, such as activity and analytics logs, is designed for limited retention windows where applicable. Data export files are generated for user access and should be downloaded promptly.

6. Your choices and rights

  • Update profile and pet details inside the app.
  • Manage notification preferences and visibility settings.
  • Request a data export from Profile > Privacy.
  • Delete your account from Profile > Privacy.
  • Manage or cancel PetLeague+ in your Apple App Store or Google Play subscription settings.

Depending on where you live, you may have additional access, correction, deletion, objection, portability, or appeal rights under laws such as GDPR, UK GDPR, CCPA/CPRA, or similar privacy laws.

7. Children

PetLeague is intended for users age 13 and older. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided personal data to PetLeague, contact us and we will take appropriate action.

8. Security

PetLeague uses HTTPS, authenticated access, Supabase row-level security, locked-down backend functions, secret management, and operational safeguards intended to protect user data. No system is perfect, so we keep security controls under review as the app grows.

9. Contact

Privacy questions: privacy@petleague.app

General support: support@petleague.app

This page describes the product and backend behavior currently implemented for PetLeague as of May 4, 2026.