Privacy Policy

App: NAMI – Card Game for Couples

Document version: 1.0 (last updated: 6 May 2026)

Controller: Mateusz Kania, Poland — contact: mateusz@mcat.one

1. Who is the data controller

For the minimal data scope (see Section 3), the controller is:

Mateusz Kania

Contact: mateusz@mcat.one

Poland

NAMI is distributed via the App Store as an individual developer product (Apple Developer Program — Sole Proprietor). We are not a registered company.

2. What "offline-first" means

NAMI is a card game for couples. Game mechanics, card library, settings, session history — everything is processed locally on your device using iOS frameworks (AsyncStorage + iOS file system). The app has no backend — there is no NAMI server that anything is sent to.

In particular, we do NOT collect or process:

• Card content you read / skipped / marked "never again"
• Your responses (the game has no input field — you respond to each other out loud)
• Names, nicknames, or labels you typed in "Names or labels"
• Session statistics (how many cards, how often you skipped, what climate)
• Device location
• Advertising identifiers (IDFA, GAID)
• Contacts, calendar, health, fitness, files, microphone, camera — none are accessible to the app
• Diagnostics / crash reports / usage analytics (NAMI does not use Sentry, Firebase Analytics, Mixpanel, Amplitude, Crashlytics or any telemetry SDK)

3. The one exception — Apple In-App Purchases + RevenueCat

NAMI uses Apple's in-app purchase system to sell card decks (Iskra, Płomień, Po Zmroku, Bliżej Siebie, Bundle). To manage entitlements across devices (so you don't repurchase after switching phones), we use RevenueCat.

What Apple collects:

• Fact of purchase (which IAP) and status (confirmed / refunded / pending)
• Your Apple ID (on Apple's side; NAMI never sees this)
• Purchase history for the "Restore Purchases" feature

What RevenueCat collects:

• Anonymous device identifier ("App User ID" — generated by SDK, not linked to Apple ID, email, or your name)
• Mapping of that ID to your active entitlements
• Country code (for currency and refund policy) and purchase timestamp

What RevenueCat does NOT collect:

• Your email, phone, name, date of birth
• Card content from the app
• Your responses, decisions, statistics
• GPS location

RevenueCat Privacy Policy: https://www.revenuecat.com/privacy

Apple Privacy Policy: https://www.apple.com/legal/privacy/

4. Cookies, web tracking

NAMI is a mobile app, not a website. No cookies are used. No embedded browser/WebView connects to the internet.

Links in the "Privacy · Terms" section open in system Safari — at that point Safari/Apple policies apply, not NAMI's.

5. Push notifications (local only)

NAMI may optionally send local notifications about a planned date night ("Date Night Reminder"). These notifications are:

• Generated locally by iOS (UNCalendarNotificationTrigger) — no server is involved
• Configured by you — toggle on/off anytime in Settings
• Never sent by NAMI or third parties

We don't have a server that could send you push notifications.

6. Data security

All local data is stored in the iOS app sandbox, which is:

• Sandboxed by iOS (other apps cannot access it)
• Encrypted by iOS (Data Protection — when iPhone is locked, data is file-level encrypted)
• Local only — no iCloud backup unless you configure one yourself. NAMI v1.0 does not use iCloud sync.

In case of lost / stolen device: data is protected by iOS passcode / Face ID / Touch ID. NAMI does not have a separate lock mechanism (planned in a future version using expo-local-authentication).

7. Your rights (GDPR)

Even though NAMI does not collect your personal data in the classical sense, formally you have the right to:

• Right to information — you're reading it now.
• Right of access and portability — all your data is on your device. You don't need our intermediary.
• Right to erasure — Settings → "Delete all local data" or by uninstalling. Reset is instant and irreversible.
• Right to restriction — disable features in Settings (haptics, discreet mode, reduced motion, reminders).
• Right to object — no automated processing / profiling exists to object to.

For IAPs — if you want removal from RevenueCat, email us (mateusz@mcat.one) and we'll request RevenueCat to delete your anonymous App User ID. Note: this may prevent future "Restore Purchases" — the fact of purchase will remain with Apple.

8. User age

NAMI has an App Store rating of 16+ (in v1.0 without Heat/After Dark decks). Who can use the app is defined by Apple App Store and your regional regulations.

Some premium decks (Płomień, Po Zmroku) contain mature content (18+) — they require in-app age confirmation before unlocking. These decks are not available in v1.0; they will be added in v1.1.

9. International data transfers

Apple App Store and RevenueCat are US-based companies. They transfer data between the EU and USA based on:

• Apple — Standard Contractual Clauses + EU-US Data Privacy Framework
• RevenueCat — Standard Contractual Clauses

By making an in-app purchase, you agree to this transfer (implicitly — via accepting App Store Terms). NAMI does not transfer any other data.

10. Changes to this policy

The updated version is published at https://mcat.one/nami/privacy-policy with the change date. For material changes (e.g., adding a new third-party service), there will be info in the App Store Patch Notes.

11. Contact

For privacy matters:

mateusz@mcat.one

Mateusz Kania

I usually respond within 5 working days. For urgent data security matters — please add [NAMI · URGENT] to the subject line.

Apple Privacy Nutrition Label summary:

• Data Not Collected (all categories except Purchases)
• Purchase History — collected by RevenueCat for App Functionality (Restore Purchases). Not linked to identity. Not used for cross-app tracking.

Everything else — we don't collect.