Privacy Policy — Randomizer

This Privacy Policy (hereinafter referred to as the "Policy") governs the procedures for the collection, processing, storage, and protection of information obtained from users (hereinafter referred to as "User" or "you") of the Randomizer mobile application (hereinafter referred to as the "Application"), developed and maintained by Pikiti Development (hereinafter referred to as the "Developer", "we", or "us").

By installing, accessing, or using the Application, you acknowledge that you have read, understood, and agree to be bound by the terms and conditions set forth in this Policy. If you do not agree with any provision of this Policy, you must immediately discontinue use of the Application and remove it from your device.

This Policy is drafted in compliance with the requirements of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the California Consumer Privacy Act ("CCPA"), and other applicable data protection legislation.

The Developer hereby declares that the Application does not collect, process, store, or transmit any personally identifiable information ("Personal Data") as defined under Article 4(1) of the GDPR. Specifically, the Application does not collect or process:

• Names, surnames, or any other identity data
• Email addresses or other contact information
• Geolocation or GPS data
• Device identifiers, advertising IDs, or hardware fingerprints
• Behavioral analytics, usage statistics, or interaction logs transmitted externally

The Application does not require account creation, user registration, or authentication of any kind. The Application may be used in its full capacity without providing any Personal Data.

The Application stores certain non-personal technical and user-generated data exclusively on the User's device. Such data is not transmitted to, accessed by, or otherwise made available to the Developer or any third parties. The categories of locally stored data are as follows:

3.1. Application Preferences

Configuration parameters selected by the User within the Application interface:

• Visual theme preference (light / dark / system default)
• Sound effect toggle (enabled / disabled)
• Haptic feedback toggle (enabled / disabled)

3.2. User-Generated Content

Content created by the User during the course of using the Application:

• Result history — a chronological record of randomization outcomes, limited to the most recent 1,000 (one thousand) entries, comprising the generation mode, result value, and timestamp
• Custom lists — user-defined lists consisting of a title and an ordered collection of items
• Wheel configurations — user-defined spinning wheel setups consisting of a title and sector definitions

3.3. Technical Service Data

Ancillary data required for the proper functioning of the Application:

• Cached status of the in-app purchase (PRO version activation state)
• Action counter utilized for determining the appropriate timing of review solicitation
• Timestamp of the most recent review request presentation

The Application establishes network connections exclusively for the purposes enumerated below. No User-generated content, including but not limited to result history, custom lists, and wheel configurations, is transmitted via any network connection.

Service Provider	Data Transmitted	Legal Basis / Purpose
Google Play Billing (Google LLC)	Purchase tokens, product catalog queries	Performance of contract — processing of in-app purchase transactions (PRO version)
Google Play In-App Review API (Google LLC)	Review request signal	Legitimate interest — soliciting User feedback through the platform-native review mechanism

All network communications are conducted exclusively with Google LLC services through encrypted channels (TLS/SSL). The Developer does not operate, maintain, or have access to any remote servers or backend infrastructure in connection with the Application.

For the avoidance of doubt, the Developer expressly confirms that the Application does not incorporate, integrate, or make use of any of the following technologies, services, or practices:

• Analytics platforms (including but not limited to Firebase Analytics, Google Analytics, Mixpanel, Amplitude)
• Crash reporting services (including but not limited to Crashlytics, Sentry, Bugsnag)
• Advertising SDKs or ad networks (including but not limited to Google AdMob, Meta Audience Network, Unity Ads)
• User tracking, behavioral profiling, or cross-app identification mechanisms
• Collection, processing, or storage of Personal Data on remote servers
• Disclosure, sale, or transfer of any data to third parties for commercial or non-commercial purposes

The Application declares and requests the following Android system permissions, each of which is strictly limited to its stated purpose:

• android.permission.INTERNET — required exclusively for communication with Google Play Billing services (in-app purchase processing) and the Google Play In-App Review API. This permission is not utilized for any other network communication, data collection, or transmission purposes.
• android.permission.VIBRATE — utilized solely for providing haptic feedback during randomization operations to enhance user experience.

The Application does not request or require permissions for accessing the camera, microphone, contacts, calendar, phone state, SMS, external storage, or location services.

All data described in Section 3 of this Policy is stored exclusively on the User's device utilizing standard Android platform storage mechanisms, specifically the Room persistence library (SQLite database) and Jetpack DataStore (key-value preferences).

The Developer does not operate, own, lease, or otherwise control any remote servers, cloud infrastructure, or backend services in connection with the Application. Consequently, the Developer has no technical ability to access, retrieve, modify, or delete any data stored on the User's device.

The security of locally stored data is ensured by the operating system's native security mechanisms, including but not limited to application sandboxing, file-system encryption, and device authentication controls.

7.1. Backup and Restore

The Application is configured to participate in the Android Auto Backup framework as follows:

• Included in backup: Application database (Room) — containing result history, custom lists, and wheel configurations
• Excluded from backup: Application preferences (DataStore) — configuration settings are not backed up and will revert to defaults upon fresh installation

Android Auto Backup is a service operated by Google LLC and is governed by Google's Privacy Policy. The Developer has no access to backup data stored in the User's Google account.

The Application integrates exclusively with the following third-party services, both operated by Google LLC:

• Google Play Billing Library — facilitates in-app purchase transactions for the PRO version of the Application. The processing of purchase data is governed by Google's Privacy Policy and the Google Play Terms of Service. The Developer acts as the merchant of record and receives confirmation of purchase status; no financial instrument data (credit card numbers, billing addresses) is accessed or stored by the Application.
• Google Play In-App Review API — presents the platform-native review dialog to the User. The Application does not transmit any Personal Data or User-generated content to this API; it merely initiates the review flow.

Beyond the services enumerated above, the Application does not integrate with any other third-party SDKs, libraries, APIs, or services of any kind.

The Developer does not sell, rent, lease, share, disclose, or otherwise transfer any User data to third parties under any circumstances. Given that the Developer does not collect Personal Data and does not maintain any server infrastructure, no data exists that could be subject to such transfer.

The sole data transmissions that occur are between the User's device and Google Play services, as specified in Section 4 of this Policy. These transmissions are governed by Google LLC's applicable terms and privacy policies.

The Application is not directed at children under the age of 13 (or the minimum age stipulated by applicable legislation in the User's jurisdiction, including but not limited to 16 years under the GDPR for certain EU Member States). The Application does not knowingly collect Personal Data from any User, regardless of age.

Given the absence of any Personal Data collection mechanisms within the Application, no additional safeguards under the Children's Online Privacy Protection Act ("COPPA") or analogous legislation are technically necessitated. Notwithstanding, the Developer remains committed to compliance with all applicable child protection regulations.

Pursuant to the GDPR (Articles 15–22), the CCPA, and other applicable data protection legislation, data subjects are entitled to exercise certain rights regarding their Personal Data, including the right of access, rectification, erasure, restriction of processing, data portability, and objection.

Given that the Application does not collect, process, or store any Personal Data, and all User-generated data resides exclusively on the User's device, the User exercises full and autonomous control over their data at all times. Specifically:

• Right to erasure (Article 17 GDPR) — the User may delete all Application data at any time by clearing the Application's data through the device's system settings or by uninstalling the Application
• Right of access (Article 15 GDPR) — all data is stored on the User's device and is directly accessible through the Application's user interface
• Right to data portability (Article 20 GDPR) — data included in Android Auto Backup may be transferred to another device through the standard Android backup and restore mechanism

For any inquiries, complaints, or requests pertaining to the exercise of your data protection rights, please direct correspondence to: pikiti.dev@gmail.com.

The Developer reserves the right to modify, amend, or update this Policy at any time at its sole discretion. In the event of material changes to this Policy, the Developer shall update the "Last Updated" date indicated at the beginning of this document.

Continued use of the Application following the publication of any amendments to this Policy shall constitute the User's acceptance of and agreement to be bound by such amendments. Users are encouraged to review this Policy periodically to remain informed of any changes.

For any questions, concerns, requests, or complaints regarding this Privacy Policy or the Developer's data protection practices, please contact the Developer using the following details:

Developer: Pikiti Development

Email: pikiti.dev@gmail.com

The Developer undertakes to respond to all legitimate inquiries within a reasonable timeframe, not to exceed thirty (30) calendar days from the date of receipt.