This Privacy Policy explains how Bliss Labs OÜ (EST 16138210) ("Bliss Labs", "we", "us", or "our") processes information when you use our mobile application Pattern Rush and our website (together, the "Services"). For GDPR purposes, Bliss Labs OÜ is the data controller.
Registered address: Ahtri 12, Tallinn, 10151, Estonia Contact: info@blisslabs.dev
We designed the app to work offline, without accounts, ads, or cross-app tracking. We collect only what’s necessary to keep the app reliable, understand usage at an aggregate level, and provide purchases.
1) What we collect and why
We follow the principle of data minimization and aim to avoid collecting data that can identify you personally.
a) Anonymous usage analytics
- What: high-level app interaction events (e.g., screens viewed, feature usage).
- Why: to understand what works and improve functionality (legitimate interests).
- How: we configure analytics so that events are not linked to a real-world identity and are processed in the EU.
b) Crash & performance diagnostics
- What: crash reports (stack traces, device/app state at crash), performance timings.
- Why: to keep the Services secure, stable and reliable (legitimate interests / app functionality).
- How: we enable Sentry’s data-scrubbing features to limit accidental ingestion of sensitive data. We store data in the EU where available.
c) Purchases & subscriptions
- What: purchase receipts, product IDs, subscription status (e.g., active/expired, renewal date).
- Why: to validate purchases and grant entitlements (performance of a contract).
- How: we use anonymous identifiers; cancellations and refunds are handled by the App Store or Google Play.
We do not create user accounts; collect precise location, contacts, photos, or advertising identifiers; show personalized ads; or sell personal data.
2) Legal bases (GDPR)
- Performance of a contract: managing purchases/subscriptions and providing paid features.
- Legitimate interests: ensuring security and reliability; understanding aggregate usage to improve the app. We balance these interests against your rights and expectations.
3) Sharing and processors
We share data only with service providers necessary to operate the Services. As of the effective date, these are:
- PostHog (product analytics, EU region)
- Sentry (crash & performance diagnostics, EU region where available)
- RevenueCat (purchase validation and entitlements)
Each acts as our processor under a data processing agreement and processes data only on our instructions.
4) International transfers
We aim to store and process data in the EU wherever possible. Some processing may occur outside the EEA (for example, through app stores or specific vendor infrastructure). Where data leaves the EEA, we rely on appropriate safeguards (such as Standard Contractual Clauses) and vendor security commitments.
5) Retention
- Analytics and diagnostics: retained for up to 12 months.
- Purchase and financial records: retained for up to 10 years to comply with tax, accounting, and legal obligations.
We will retain data longer only if required by law or to establish, exercise, or defend legal claims.
6) Your rights
If you are in the EEA/UK (and, with variations, in many other regions), you have rights to access, rectification, erasure, restriction, objection, and data portability. You also have the right to lodge a complaint with a supervisory authority, such as the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon), or your local authority.
To exercise your rights, contact us at info@blisslabs.dev. For purchase-related data, we may need to coordinate with the relevant app store.
7) Managing subscriptions, cancellations & refunds
- iOS (App Store): manage or cancel subscriptions from your Apple ID subscription settings. Deleting the app does not cancel a subscription; refunds are handled by Apple.
- Android (Google Play): manage or cancel subscriptions via Google Play; refunds follow Google Play’s policies.
8) Security
We use appropriate technical and organizational measures to protect data and require the same from our processors via contracts and vendor due diligence.
9) Children
Our Services are not directed to children under 13 (or the age defined by your local law). We do not knowingly collect personal data from children.
10) Changes to this policy
We may update this Policy. We will post the new version with an updated effective date. Material changes will be highlighted.
Contact: Bliss Labs OÜ, Ahtri 12, Tallinn, 10151, Estonia — info@blisslabs.dev