Papelito

Privacy Policy

Last Updated: January 21, 2026

1. Introduction

Hard Coded LLC ("we," "our," or "us") operates Papelito, a multiplayer word-guessing party game available as a web application and mobile application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using Papelito, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

We collect several types of information to provide and improve our Service:

2.1 Account Information

When you create an account, we collect:

  • Name
  • Email address
  • Password (stored in encrypted/hashed format)
  • Preferred language settings

2.2 Game Data

When you use Papelito, we collect and store:

  • Games you create or join
  • Player information (nicknames, team assignments)
  • Game scores and statistics
  • Guesses and turns taken during gameplay
  • Words/entities ("papelitos") submitted for games
  • Player nickname history

2.3 Device and Technical Information

We automatically collect certain technical information, including:

  • IP address
  • Device identifiers
  • Browser type and version
  • User agent information
  • Session data and authentication tokens

2.4 Social Login Data

If you choose to sign in using Google or Apple authentication, we may receive:

  • Your name and email address from the authentication provider
  • Authentication provider account identifier

We do not store your authentication provider password or access tokens.

2.5 Contact Form Data

If you contact us through our contact form, we collect:

  • Your name
  • Email address
  • Subject and message content

2.6 Analytics Data

We collect analytics data to improve our Service, including:

  • Word usage statistics
  • Turn analytics
  • Game statistics and performance metrics

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our Service
  • To enable multiplayer gameplay and real-time communication
  • To process your account registration and authentication
  • To manage your account and preferences
  • To respond to your inquiries and support requests
  • To analyze usage patterns and improve Service quality
  • To detect, prevent, and address technical issues
  • To comply with legal obligations and enforce our terms

4. Third-Party Services and Data Sharing

We use third-party services that may collect, process, or store your information:

4.1 Pusher

We use Pusher for real-time communication features, including presence channels and game event broadcasting. Pusher may process your connection information and game participation data. Please review Pusher's Privacy Policy.

4.2 Sentry

We use Sentry for error tracking and crash reporting. Sentry may collect device information, user context (including user ID and email), navigation data, and error logs to help us diagnose and fix issues. Please review Sentry's Privacy Policy.

4.3 Google Mobile Ads

Our mobile applications may display advertisements through Google Mobile Ads. Google may collect information about your device and usage to provide personalized ads. Please review Google's Privacy Policy.

4.4 Google Sign-In

If you choose to sign in with Google, Google processes your authentication. Please review Google's Privacy Policy.

4.5 Apple Sign-In

If you choose to sign in with Apple, Apple processes your authentication. Please review Apple's Privacy Policy.

4.6 Expo

Our mobile applications are built using Expo, which may process device information for app updates and platform services. Please review Expo's Privacy Policy.

We do not sell your personal information to third parties. We only share information as necessary to provide our Service, comply with legal obligations, or with your consent.

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your information:

  • Passwords are stored using industry-standard hashing algorithms
  • Data transmission is encrypted using secure protocols (HTTPS/TLS)
  • Access to personal data is restricted to authorized personnel only
  • We regularly review and update our security practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention and Deletion

We retain your personal information indefinitely until you request deletion. When you request account deletion:

  • We will permanently delete your account and associated personal information
  • We will remove your data from our active systems
  • We will delete your information without trace, to the extent technically feasible
  • Some information may remain in backup systems for a limited time but will be permanently deleted during routine backup purges

To request deletion of your account and data, please contact us at hardcoded.place@gmail.com.

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and personal data
  • Opt-Out: Opt out of certain data collection where applicable

You can exercise these rights by contacting us at hardcoded.place@gmail.com.

Guest Play: You may use Papelito as a guest without creating an account. Guest users have limited functionality and their game data may not be retained.

8. Children's Privacy

Papelito is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

9. Mobile App Permissions

Our mobile applications may request the following permissions:

9.1 Camera Permission

We request camera access to enable QR code scanning, which allows you to quickly join games by scanning a QR code. We do not store, transmit, or share camera images or video.

9.2 Internet Permission

Internet access is required for the Service to function, as Papelito is a real-time multiplayer game that requires network connectivity.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your session and authentication state
  • Store your preferences
  • Analyze Service usage and performance

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.

11. International Users and GDPR Compliance

Papelito is available to users worldwide. If you are located outside the United States, please note that your information may be transferred to, stored, and processed in the United States, where our servers are located.

11.1 GDPR Rights (European Union Users)

If you are located in the European Union, you have the following additional rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Obtain confirmation of whether we process your personal data and access to that data
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Receive your personal data in a structured, commonly used format
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent where processing is based on consent

11.2 Legal Basis for Processing

We process your personal data based on:

  • Performance of a contract (providing the Service)
  • Legitimate interests (improving our Service, security, analytics)
  • Your consent (where applicable)
  • Legal obligations (compliance with applicable laws)

11.3 Data Transfers

When we transfer personal data from the European Union to the United States, we rely on appropriate safeguards, including standard contractual clauses and other mechanisms recognized by applicable data protection laws.

To exercise your GDPR rights, please contact us at hardcoded.place@gmail.com. You also have the right to lodge a complaint with your local data protection authority.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights regarding your personal information, please contact us:

Hard Coded LLC

Fort Lauderdale, FL, USA

Email: hardcoded.place@gmail.com

Note: Complete physical address available upon request via email.

For privacy-related requests, including data access, correction, or deletion requests, please email us at hardcoded.place@gmail.com.