Privacy Policy
Effective date: May 12, 2026
Overview
TileBuddy is a Hong Kong Mahjong companion app and a set of online tools for club organizers (TileBuddy Club). We respect your privacy and collect only the minimum data we need to provide these services. This policy explains what we collect, why, and how it's used — including any data we access from Google, Apple, or Stripe when you choose to sign in or pay through those services.
Google User Data (Sign in with Google)
If you choose to sign in to TileBuddy with Google, we access the following data from your Google account via OAuth:
- Email address — your primary Google account email
- Display name — the name on your Google profile
- Profile picture URL — the public avatar associated with your Google account (we display it nowhere in TileBuddy today, but it may be available in your account metadata)
- Google account ID — used internally to recognize you on return visits
We use this data only to:
- Create and authenticate your TileBuddy account
- Show your name at club events you attend and on event recap leaderboards
- Display your email on the organizer's roster of the club you attend, so the organizer can recognize returning members
- Link multiple event check-ins to a single profile so your stats are aggregated correctly
We do not use Google user data for advertising, profiling, or training AI / ML models. We do not sell or share it with third-party marketing services. We do not request any Google scopes beyond basic profile (email + openid) — we cannot access your Gmail, Drive, contacts, calendar, or any other Google service. You can revoke TileBuddy's access at any time at myaccount.google.com/permissions.
Your Google user data is stored on our backend, hosted by Supabase (a third-party authentication and database provider) under their privacy policy. It is retained for the lifetime of your TileBuddy account. If you delete your account (by emailing the address below), this data is deleted within 30 days.
Apple User Data (Sign in with Apple)
If you choose Sign in with Apple, we receive your Apple-relayed email (which may be a private relay address you control) and the name you choose to share at first sign-in. We use this data identically to Google user data above (account creation, displaying your name at events, organizer roster). We do not request any additional Apple scopes.
Account Data You Provide Directly
If you sign up with email + password (instead of Google or Apple), we collect your email address and a hashed password (stored by our authentication provider, Supabase — we never see your plain password). You may also set a display name on your profile, which is shown at events you attend.
Event Participation Data
When you attend a club event as a player, the following is recorded:
- The name you check in under (you may use any name)
- Your check-in time
- Any hands you win or are dealt into
- Your seat assignments and scores during the event
This data is visible to the club organizer running the event, and (in anonymized aggregate form like scores and leaderboards) to other attendees of the event. Anyone with a recap URL can view event leaderboards.
Payment Data (TileBuddy Club subscriptions)
If you subscribe to TileBuddy Club as a club organizer, payment is handled by Stripe. We do not see or store your card number, CVC, or expiration date — that data is collected directly by Stripe under their privacy policy. We store only your Stripe customer ID and subscription status so we can grant or revoke access. Players never enter payment information.
Camera Usage
TileBuddy requests camera access solely for the Hand Scanner feature, which photographs mahjong tiles for AI-powered recognition. Camera access is only activated when you explicitly open the scanner. Photos are not stored permanently on your device or on any server.
Tile Image Data (Google Gemini API)
When you use the Hand Scanner, the captured image is sent to the Google Gemini API (via a secure server-side proxy) for tile identification. Google processes these images according to their privacy policy and their Gemini API terms. Images are not stored on our servers after recognition completes. This use of the Gemini API is for tile recognition only — it does not involve your Google account data.
Local Data Storage (solo app)
When you use the TileBuddy app in solo mode (without joining a club event), game settings, player names, and scoring history are stored locally on your device using your browser's or app's built-in storage. This data never leaves your device.
Anonymous Analytics
TileBuddy uses PostHog to collect anonymous usage data, such as which features are used and error reports for stability improvements. We have configured PostHog to:
- Not collect or store IP addresses
- Not collect personally identifiable information
- Not record user sessions or screen activity
- Not use advertising identifiers (IDFA)
- Not track users across other apps or websites
Analytics data is used solely to understand feature usage and improve app stability. No advertising networks or tracking technologies are used.
Data We Do Not Collect
- We do not collect location data
- We do not access your contacts, calendar, photos library, Drive, Gmail, or any other Google service beyond basic profile
- We do not use your data to train AI or ML models
- We do not sell your data to anyone
- We do not share your data with advertising networks
Data Retention and Deletion
Account data (including Google / Apple user data) is retained for the lifetime of your account. To delete your account and all associated data, email us at the address below. We will delete your data within 30 days, except where retention is required by law (e.g. tax records for payment data).
Children's Privacy
TileBuddy does not knowingly collect information from children under 13.
Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated effective date.
Contact
For questions about this privacy policy, account deletion requests, or any other data concerns, contact: hello@tilebuddy.app