Privacy Policy

Rook Chess  ·  Effective date: June 16, 2026  ·  Last updated: June 16, 2026

This Privacy Policy describes how Vadim Kuznetsov ("we", "us", or "our") collects, uses, and shares your personal information when you use the Rook Chess Android application (the "App") and the associated website at rookchess.app. It also explains your rights under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other applicable laws.

The App offers an optional account so you can back up your progress and continue on the website or another device. You can use the App without an account as a guest. This policy reflects the data we process in both cases.

1. Who We Are

The data controller responsible for your personal data is:

Name: Vadim Kuznetsov (individual developer)
Email: [email protected]

For all privacy-related inquiries, including exercising your rights under GDPR or CCPA, please contact us at the email above.

2. What Data We Collect

2.1 Analytics and Crash Data

We use the following third-party services to understand how the App is used and to diagnose technical issues:

These services may collect pseudonymous device identifiers, IP address, app version, OS version, language, and usage events. This data is pseudonymous — it cannot directly identify you by name, but it is associated with a device identifier. For more information, see Google's Privacy Policy.

2.2 Account and Profile Sync Data

If you choose to create an account, and to keep your progress backed up and in sync across the App and the website, we collect and store the following on our own servers (rookchess.app):

Even when you use the App as a guest (without an account), the App syncs your progress to our servers under the random device identifier above so that it is not lost. Your live chess analysis (the engine's evaluation of positions you study) continues to run entirely on your device and is not transmitted to us — only the aggregate progress and settings described above are synced.

2.3 Purchase and Subscription Data

In-app premium subscriptions are processed entirely through Google Play. If you subscribe on our website instead, payments are processed by Stripe. In both cases we do not receive or store your payment card details — we receive only a confirmation of purchase/subscription status (active/inactive) used to unlock premium features and to keep your premium status in sync across the App and website.

2.4 Data We Do NOT Collect

3. How We Use Your Data

PurposeData UsedLegal Basis (GDPR)
Creating and authenticating your accountEmail, display name, hashed password or Google account identifierPerformance of contract (Art. 6(1)(b))
Backing up and syncing your progress across devices and the websiteDevice identifier, learning progress and settingsPerformance of contract / legitimate interests (Art. 6(1)(b)/(f))
App analytics and performance monitoringPseudonymized usage data, device dataConsent (Art. 6(1)(a))
Crash diagnosis and bug fixesCrash reports, device infoLegitimate interests (Art. 6(1)(f))
Subscription managementPurchase/subscription status from Google Play or StripePerformance of contract (Art. 6(1)(b))
Legal complianceAs requiredLegal obligation (Art. 6(1)(c))

4. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. Your account and progress data is stored on our own server infrastructure (operated for us under the rookchess.app domain). We share data only with the following parties and only to the extent necessary:

If we ever sell or transfer our business, your data may be part of that transfer. You will be notified in advance.

5. International Data Transfers

Third-party services (such as Google LLC and Stripe, Inc.) and our hosting infrastructure may process your data outside the European Economic Area (EEA), including in the United States. These transfers are covered by appropriate safeguards, including:

You can request details of the relevant safeguards by contacting us at [email protected].

6. Data Retention

7. Your Rights Under GDPR (EEA / UK Users)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the GDPR:

To exercise any of these rights, email us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority. In Austria, this is the Datenschutzbehörde (DSB).

Deleting your account: You can delete your account and all associated synced data at any time, directly in the App (Profile → Delete account), on the website at rookchess.app, or by emailing us at [email protected]. Deletion permanently removes your account and profile data from our servers, except for any records we are legally required to keep.

8. Your Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

Categories of Personal Information Collected (CCPA Disclosure)

CategoryExamplesCollected?
IdentifiersEmail address, account ID, device identifierYes
Internet / network activityApp usage events, crash reportsYes
Commercial informationSubscription statusYes
Biometric dataFingerprints, facial recognitionNo
Geolocation dataGPS or precise locationNo
Camera / photosImages or recordingsNo

To submit a CCPA request, email [email protected] with the subject line "CCPA Request". We will respond within 45 days. We may ask you to verify your identity before processing the request.

9. Security

We implement appropriate technical and organizational measures to protect your personal data, including encrypted data transmission (HTTPS/TLS) for all communication between the App, our servers, and third-party services, and storage of account passwords in hashed form only. Your live chess analysis is performed entirely on-device — board positions you analyse are not transmitted; only your account details and aggregate progress/settings are synced to our servers.

No method of transmission over the internet is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify you and relevant authorities as required by law within 72 hours of becoming aware of the breach.

10. Children's Privacy

The App does not knowingly collect personal information from children under 13 years of age (or under 16 in certain EU member states). If we become aware that a child under the applicable age has provided us with personal information without parental consent, we will delete that information promptly. If you believe your child has provided us with personal information, please contact us at [email protected].

11. Consent and Analytics Opt-Out

When you first launch the App, you will be presented with a consent dialog for analytics data collection in compliance with GDPR requirements. This consent is voluntary — the App's core features work without it. You may withdraw your analytics consent at any time through the App's settings. You may also limit analytics data collection by adjusting your Android device's advertising settings under Settings → Google → Ads → Delete advertising ID.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via in-app notification. The updated policy will be effective from the date listed at the top of this page. Continued use of the App after the effective date constitutes acceptance of the revised policy.

13. Contact Us

For any questions, concerns, or to exercise your privacy rights:

Vadim Kuznetsov
Email: [email protected]

We aim to respond to all legitimate requests within 30 days.