Privacy Policy

Effective date: June 15, 2026

Overview

TileBuddy is a Hong Kong Mahjong companion app and a set of online tools for club organizers (TileBuddy Club). We respect your privacy and collect only the minimum data we need to provide these services. This policy explains what we collect, why, and how it's used — including any data we access from Google, Apple, or Stripe when you choose to sign in or pay through those services.

Google User Data (Sign in with Google)

If you choose to sign in to TileBuddy with Google, we access the following data from your Google account via OAuth:

We use this data only to:

We do not use Google user data for advertising, profiling, or training AI / ML models. We do not sell or share it with third-party marketing services. We do not request any Google scopes beyond basic profile (email + openid) — we cannot access your Gmail, Drive, contacts, calendar, or any other Google service. You can revoke TileBuddy's access at any time at myaccount.google.com/permissions.

Your Google user data is stored on our backend, hosted by Supabase (a third-party authentication and database provider) under their privacy policy. It is retained for the lifetime of your TileBuddy account. If you delete your account (by emailing the address below), this data is deleted within 30 days.

Apple User Data (Sign in with Apple)

If you choose Sign in with Apple, we receive your Apple-relayed email (which may be a private relay address you control) and the name you choose to share at first sign-in. We use this data identically to Google user data above (account creation, displaying your name at events, organizer roster). We do not request any additional Apple scopes.

Account Data You Provide Directly

If you sign up with email + password (instead of Google or Apple), we collect your email address and a hashed password (stored by our authentication provider, Supabase — we never see your plain password). You may also set a display name on your profile, which is shown at events you attend.

Event Participation Data

When you attend a club event as a player, the following is recorded:

This data is visible to the club organizer running the event, and (in anonymized aggregate form like scores and leaderboards) to other attendees of the event. Anyone with a recap URL can view event leaderboards.

Payment Data (TileBuddy Club subscriptions)

If you subscribe to TileBuddy Club as a club organizer, payment is handled by Stripe. We do not see or store your card number, CVC, or expiration date — that data is collected directly by Stripe under their privacy policy. We store only your Stripe customer ID and subscription status so we can grant or revoke access. Players never enter payment information.

Camera Usage

TileBuddy requests camera access solely for the Hand Scanner feature, which photographs mahjong tiles for AI-powered recognition. Camera access is only activated when you explicitly open the scanner. Captured photos are used to identify your tiles; depending on your settings, a scanned image may also be saved to help improve the scanner (see Improving Tile Recognition below).

Tile Image Data (Google Gemini API)

When you use the Hand Scanner, the captured image is sent to the Google Gemini API (via a secure server-side proxy) for tile identification. Google processes these images according to their privacy policy and their Gemini API terms. This use of the Gemini API is for tile recognition only — it does not involve your Google account data.

Improving Tile Recognition

To make the Hand Scanner more accurate over time, TileBuddy may save the scanned tile image together with the app's own reading of it (the tiles it identified) to our secure storage, hosted by Supabase. These images:

This is on by default. You can turn it off at any time under Settings → Help improve tile scanning. When it is off, your scans are used only to identify tiles and the image is not retained after recognition.

Local Data Storage (solo app)

When you use the TileBuddy app in solo mode (without joining a club event), game settings, player names, and scoring history are stored locally on your device using your browser's or app's built-in storage. This data never leaves your device.

Anonymous Analytics

TileBuddy uses PostHog to collect anonymous usage data, such as which features are used and error reports for stability improvements. We have configured PostHog to:

Analytics data is used solely to understand feature usage and improve app stability. No advertising networks or tracking technologies are used.

Data We Do Not Collect

Data Retention and Deletion

Account data (including Google / Apple user data) is retained for the lifetime of your account. To delete your account and all associated data, email us at the address below. We will delete your data within 30 days, except where retention is required by law (e.g. tax records for payment data).

Children's Privacy

TileBuddy does not knowingly collect information from children under 13.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated effective date.

Contact

For questions about this privacy policy, account deletion requests, or any other data concerns, contact: hello@tilebuddy.app