Batak — Privacy Policy
Batak is a Turkish trick-taking card game for 4 players. It supports solo mode (1 human vs 3 AI) and online multiplayer (LAN auto-discovery plus public rooms via our server at batak.albooren.com).
Last updated: April 18, 2026 · Effective: April 18, 2026Summary
batak.albooren.com for public online rooms. No Firebase, no third-party analytics, no account system. Player nicknames are user-entered and may be pseudonymous.Data We Process
| Data type | Purpose | Legal basis | Retention |
|---|---|---|---|
| Player nickname (user-entered) | Display in multiplayer rooms | GDPR 6(1)(b) contract performance | Server memory: lifetime of the room. Local device: until cleared |
| Room code, rejoin token | Reconnection after network drop | GDPR 6(1)(b) contract performance | Server memory: up to several hours (until room ends) |
| IP address (connection metadata) | WebSocket transport, rate limiting (5 room creates/minute/IP), abuse prevention | GDPR 6(1)(f) legitimate interests (security) | Server logs: 7 days, then automatically purged |
| Advertising identifier (IDFA / GAID) | AdMob ad delivery, frequency capping, fraud prevention | GDPR 6(1)(a) consent where personalised (ATT/UMP); (f) legitimate interests where non-personalised | Per Google AdMob retention policies |
| Device-local settings and scores | App functionality | Not personal data transmitted to us | On device only (SharedPreferences); user-deletable |
We do not request or collect real name, email, phone number, precise location, contacts, photos, microphone, or camera access. Player nicknames, though user-entered, should be treated as pseudonymous; we recommend against using your legal name.
Third-Party Services
Google AdMob
Ads support free access. AdMob processes advertising identifiers, IP address, device model, and coarse location (city/country level) per its advertising policy. AdMob uses mediation with additional ad networks; the full list of Google-certified partners is available at support.google.com/admob/answer/9012903. On iOS we request App Tracking Transparency consent; declining limits ads to contextual (non-personalised).
Self-Hosted Game Server (batak.albooren.com)
Public room creation and online multiplayer connect to a Dart WebSocket server we operate. The server keeps room codes, player nicknames, game state (hands, scores, cards played), and rejoin tokens in memory only; no persistent database is used. When a room ends, the data is discarded. Operational safeguards:
- Room code format validation (4–6 uppercase letters)
- 5 room creations per minute per IP
- Global cap of 200 concurrent WebSocket connections
- 500 concurrent room cap
- Connection logs (IP + event timestamp) purged after 7 days
- TLS (HTTPS/WSS) in transit
LAN Multiplayer (Bonjour / mDNS)
To discover devices on the same Wi-Fi network, the app uses Apple Bonjour on iOS (requires Local Network permission) and Android NSD. All traffic stays on your local network; no data is transmitted to us or to third parties during LAN play.
International Transfers
Nickname, game state, and IP address are transmitted to our server located in Turkey. AdMob transmissions may reach Google data centres globally, including the United States, under the EU–US Data Privacy Framework and Standard Contractual Clauses (GDPR Art. 46). Full details in the common policy — International Data Transfers section.
Your Rights & Deletion
Online game data is deleted when the room ends. Device-local settings and score history can be removed via "Settings → Clear Data" in-app, or by uninstalling. For all rights (access, rectification, erasure, restriction, portability, objection, complaint to a supervisory authority), see the common policy.
Direct requests: privacy@albooren.com