This Privacy Policy explains what information we collect when you use Zenko (the “app”), how we use it, where it lives, and what rights you have over it.

Zenko is published by Saiteki Planning (“we”, “us”), based in Norway. We act as the data controller for personal data processed through Zenko under the EU General Data Protection Regulation (GDPR) and the Norwegian Personal Data Act.

We’ve tried to write this in plain language. If anything is unclear, email privacy@saitekiplanning.com and we’ll explain it.

What we collect

Zenko is designed to collect as little as possible. The data we do collect falls into a few categories:

Created automatically when you first open the app

• An anonymous user ID — a random UUID generated on your device the first time you launch Zenko, stored in your device’s local storage. This ID is what we use to keep track of your gameplay statistics and (if you make a purchase) your unlock entitlement. It is not linked to your real identity unless you choose to sign in.
• A display name — whatever you type in during onboarding. You can change it any time in Settings.

Created when you play

• Gameplay statistics — number of rounds played, scores, wins, time spent, etc. These are tied to your anonymous user ID and used to power the in-app stats screen.
• Multiplayer session data — while you’re in a room, our game server processes the state of your hand, the cards you play, and the room’s state, so it can keep every player in sync. This data lives in memory on the server and is discarded when the round ends.

Only if you opt in

• Apple or Google sign-in — if you choose to sign in (it’s optional), we receive an identity token from Apple or Google. We use it to verify your identity, link your account across devices, and let us re-issue your purchase entitlement on a new device. We do not request or store your real name, profile picture, or any social-graph data. We may receive your email from Apple/Google but only use it to identify your account; we do not send marketing emails to it.
• Push notification token — if you grant the notification permission, your device’s Apple Push Notification Service or Firebase Cloud Messaging token is sent to our server so we can deliver invites from your friends. You can revoke this any time in your device’s notification settings.
• Purchase information — when you unlock multiplayer, the App Store or Google Play processes the payment. We receive a transaction identifier from the store, which we forward to our payment processor (RevenueCat) to verify the purchase and update your entitlement. We do not receive your credit card or billing details.

What we don’t collect

Just as importantly, here’s what Zenko doesn’t do:

• We do not collect your real name (unless Apple/Google passes it to us at sign-in, in which case we discard it — we use the display name you set in-app).
• We do not collect your email address (except as described above for sign-in; we never use it for marketing).
• We do not collect or share your location, contacts, photos, microphone, or camera.
• We do not use any third-party advertising or analytics SDKs. There are no ad networks, no Facebook pixel, no Google Analytics, no behavioural trackers.
• We do not sell or rent your personal data to anyone, ever.

Where your data lives

• Our game server, operated by Saiteki Planning on infrastructure located in the EU/EEA. This is where multiplayer sessions, gameplay statistics, and account information are processed and stored.
• RevenueCat, Inc. (United States) — our payment-verification processor. RevenueCat receives your anonymous user ID and the App Store / Google Play transaction identifier to confirm purchases and re-deliver entitlements. We’ve signed RevenueCat’s data processing addendum, which provides the safeguards required for transfers outside the EEA (Standard Contractual Clauses). See revenuecat.com/privacy.
• Apple Push Notification Service (Apple, Inc., United States) and Firebase Cloud Messaging (Google LLC, United States) — used to deliver push notifications if you opted in.
• Apple App Store and Google Play — handle the actual payment for the multiplayer unlock. They are independent data controllers for the payment data they collect; their own privacy policies apply.

Why we process this data (legal basis under GDPR)

• To provide the game itself — anonymous ID, display name, gameplay state. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
• To verify and restore your purchase — transaction identifier, anonymous ID with RevenueCat. Legal basis: performance of a contract.
• To deliver invites you opt in to receive — push notification token. Legal basis: consent (Art. 6(1)(a) GDPR), which you can withdraw any time in your device settings.
• To link your account across devices — Apple/Google identity token. Legal basis: performance of a contract, only when you choose to sign in.

How long we keep it

• Your account and gameplay statistics are kept for as long as your account is active.
• If you ask us to delete your account, we permanently delete it within 30 days.
• Multiplayer session data is held in memory only for the duration of the round.
• Server logs (technical request logs used for debugging and abuse prevention) are kept for up to 30 days, then rotated out.

Your rights

If you’re in the EU/EEA, the UK, or Norway, GDPR gives you the right to:

• Access the personal data we hold about you.
• Correct data that’s inaccurate.
• Delete your account and personal data (the “right to be forgotten”).
• Export your data in a portable format.
• Object to processing, or restrict it.
• Lodge a complaint with your local data protection authority. In Norway, that is the Datatilsynet.

To exercise any of these rights, email privacy@saitekiplanning.com from the email tied to your sign-in (or include the user ID shown in Settings → About if you played as a guest). We’ll respond within 30 days.

Children

Zenko is rated for general audiences but is most enjoyable from around age 8. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has signed in to Zenko in a way that gave us their data, contact us at privacy@saitekiplanning.com and we will delete it.

We recommend parental guidance for younger players, particularly when joining public multiplayer rooms with strangers.

Cookies and similar technologies

The Zenko app does not use cookies. The website at saitekiplanning.com does not use analytics, advertising, or tracking cookies. We may use strictly necessary local storage to remember language and theme preferences.

Changes to this policy

If we make material changes to this policy, we will notify you in the app before the changes take effect. Non-material changes (typo fixes, restructuring) will be reflected by the “Last updated” date at the top of this page. Previous versions are available on request.

Contact

For privacy-related questions or to exercise any of the rights above:

• Email: privacy@saitekiplanning.com

For any other support question, hello@saitekiplanning.com is the right address.