Blue Duel

Privacy Policy

Last updated: May 1, 2026 · Applies to the Blue Duel mobile application (iOS and Android) and this website.

Short version: Blue Duel runs no backend of its own and has no user accounts — we never see individual user data. To keep the app free, to understand how it’s used, and to find bugs we’d otherwise miss, we embed three Google SDKs: AdMob (collects ad‑related data when ads are shown), Firebase Analytics (collects aggregated usage data), and Firebase Crashlytics (collects crash and error reports). All three flows are laid out side by side below, including the controls you have over each.

1. Who we are

Blue Duel is developed and published by Diffuse Thinking LLC (“we”, “our”, “us”). For any privacy questions you can reach us at privacy+blueduel@diffusethinking.com.

2. What gets collected, and by whom

Because Blue Duel is a free, ad‑supported app, the honest answer has more than one half. Rather than separate “what we do” from “what the SDK we bundled does,” we lay them out side by side. Both flows happen because of decisions we made when building Blue Duel, and you deserve to see the full picture in one place.

By us — the developer of Blue Duel: aggregated reports only

Blue Duel has no user accounts and operates no backend of our own — there is no Blue Duel server that the app talks to. What we do see is the aggregated reporting that the Google SDKs described below provide back to us through their dashboards: things like “X people played Chess this week,” or “Y crashes happened in the last 30 days, mostly on iOS 17.4.” We never see your gameplay moves, your chat or emote messages with other players, your contacts, your precise location, or any data that identifies you individually. Your display name stays on your device and on the device of the player you’re actively duelling (see §3) — it is never sent to us or to Google.

By Google AdMob — when ads are loaded or shown

To keep Blue Duel free, the app embeds Google AdMob, Google’s mobile ad service. AdMob is the same SDK on both iOS and Android, and it is an independent third party with its own privacy practices — but it is a third party we chose to integrate, so even though we never see the data AdMob collects, that data flow exists because of an integration decision we made. We want to be straightforwardly transparent about both sides of that.

When ads are loaded or shown inside Blue Duel, AdMob and Google may collect information directly from your device, including:

  • advertising identifiers — Apple’s IDFA on iOS (when you allow tracking) or Google’s Android Advertising ID (AAID) on Android (when you have not opted out) — or non‑personalized identifiers when you decline either;
  • IP address, approximate location derived from it, device model, operating system version, and similar technical data;
  • data about which ads were shown, clicked, or rewarded.

Google uses this information to deliver, measure, and (when permitted) personalize ads. We only ever receive aggregated reporting about ad performance — never the underlying personal data — but each store attributes the same data types to Blue Duel itself: Apple’s App Store privacy nutrition label and Google Play’s Data Safety form both hold host apps accountable for the SDKs they bundle. We agree with that framing, which is why this section exists.

Google’s handling of this data is governed by their own policies:

By Google Firebase Analytics — for aggregated product analytics

To understand how Blue Duel is actually used — which games people start and finish, where the Bluetooth pairing funnel drops off, whether ads and Premium are working as intended — the app embeds Google Firebase Analytics. Firebase Analytics is the same SDK on both iOS and Android, and it is, like AdMob, an independent Google service we chose to integrate. We never see anything tied to a specific person; we see counts, rates, and distributions in the Firebase console.

When the app sends events to Firebase Analytics, Google may collect and process:

  • an app instance identifier — a randomly generated ID tied to this install of the app, not to you personally; it is reset when you reinstall Blue Duel;
  • IP address, approximate location derived from it, device model, operating system version, app version, language, and similar technical context;
  • app usage signals automatically captured by the SDK: app opens and sessions, screen views, session duration;
  • a small set of custom events Blue Duel sends so we can answer specific product questions: which game type was started or finished and the outcome, Bluetooth pair attempts and their results, taps that lead into the Premium store, and rewarded‑ad funnel events;
  • in‑app purchase events when a Premium pass is bought (transaction ID, price, currency, product name) — never your payment card or Apple/Google account details;
  • a small number of non‑personal flags about the user’s app state (for example, a flag indicating whether you currently hold a Premium pass) so we can tell whether free and Premium users behave differently in aggregate.

Firebase Analytics retains this data for 14 months by default, after which Google deletes it. Google’s handling of Firebase Analytics data is governed by Google’s own policies:

By Google Firebase Crashlytics — when the app crashes or hits an unexpected error

To detect and fix bugs we’d otherwise miss, the app embeds Google Firebase Crashlytics, Google’s crash‑reporting service. Crashlytics is the same SDK on both iOS and Android. It activates only when the app actually crashes or when our code explicitly records an unexpected non‑fatal error (for example, a failed StoreKit/Play Billing transaction); during normal use it does nothing.

When a crash or non‑fatal error is captured, Crashlytics may collect and upload:

  • a stack trace describing where in the app the issue happened;
  • device state at the time of the incident: OS version, device model, available memory and disk, app version and build number;
  • a per‑install identifier so 100 crashes from the same person are counted as 100 occurrences of one bug, not 100 different bugs;
  • non‑personal flags about your app state (for example, indicating which subsystem was active when the crash occurred) that help us reproduce the issue.

Crash and error reports are buffered locally on your device first, and only uploaded to Google after the consent prompts described below have been answered. Firebase Crashlytics retains this data for 90 days, after which Google deletes it. Crashlytics handling is governed by the same Google policies linked above (Firebase Privacy and Security, Google Privacy Policy).

EU, UK, and Switzerland consent

If you are located in the European Economic Area, the United Kingdom, or Switzerland, the app additionally presents a consent form on first launch — powered by Google’s User Messaging Platform (UMP) — where you can grant or refuse the use of personal data for ad personalization and measurement. Your choice is stored by the UMP SDK on your device and applied when AdMob requests ads. You can re‑open this form at any time from Settings → Privacy options inside the Blue Duel app to review or change your consent.

How this interacts with Firebase Analytics and Crashlytics: both Firebase products start with collection turned off at app launch and are turned on only after the UMP consent flow above (and, on iOS, the App Tracking Transparency prompt below) have been answered. Your choice in those prompts does not, by itself, turn Firebase Analytics or Crashlytics off — it gates when collection begins, not whether it begins. If you would prefer no Firebase data collection at all, the only way to fully opt out today is to uninstall the app; we may add a separate in‑app toggle for this in a future update.

Your choices about ad tracking

On iOS, Blue Duel asks for App Tracking Transparency permission on first launch. If you decline, Google AdMob will only serve non‑personalized ads and will not use your IDFA for cross‑app tracking. You can change this anytime in Settings → Privacy & Security → Tracking.

On Android, there is no equivalent first‑launch tracking prompt. The system‑wide control lives at Settings → Privacy → Ads (sometimes Settings → Google → Ads on older Android versions); from there you can delete or reset your AAID and opt out of personalized ads. Google’s Ad Center offers additional account‑level controls.

On either platform you can still play every game and earn rewards regardless of your choice. These controls govern ad personalization specifically; they do not by themselves stop Firebase Analytics or Crashlytics from collecting data — see the previous subsection for the opt‑out posture for those two products.

Things that stay on your device

A few things are stored locally on your device for the app to function. None of them leave your device through Blue Duel itself:

  • Display name. The nickname you choose is stored locally and only broadcast over Bluetooth so nearby players can see who is inviting them. It never leaves your device except to the phone you are actively playing with.
  • Settings and progress. Preferences (sound, auto‑accept, tickets, purchases, etc.) are stored on your device using the operating system’s standard storage.
  • Connection log. The app keeps a small, size‑capped diagnostic log of Bluetooth connection events on your device to help troubleshoot pairing issues. It does not contain your gameplay, chat messages, account info, or location. The log never leaves your device unless you choose to attach it to a feedback email yourself (see below) and is removed when you delete the app.

3. Bluetooth

Blue Duel uses your device’s Bluetooth radio for the only thing it’s designed for: discovering and connecting to the other phone you want to play with. Game moves, chat messages, and the display names of the two players are exchanged directly between the two devices over Bluetooth. None of that information is transmitted to us or to any third party.

The Bluetooth permission your device asks for differs slightly by platform:

  • On iOS, Blue Duel asks for Bluetooth permission the first time you tap Find Opponent. iOS handles all radio access through Core Bluetooth.
  • On Android 12 and newer, Blue Duel requests the modern BLUETOOTH_SCAN, BLUETOOTH_CONNECT, and BLUETOOTH_ADVERTISE permissions. We declare the neverForLocation flag on scan, which tells Android that we do not derive your physical location from Bluetooth scan results — and we don’t. We do not request the location permission on Android 12+.
  • On Android 11 and older (rare given our minimum supported version), the operating system itself required ACCESS_FINE_LOCATION for any Bluetooth Low Energy scan. That requirement was Google’s, not ours; Blue Duel never used location data, only the BLE scan results.
  • On Android, while a duel is active, Blue Duel runs a short‑lived foreground service so the system doesn’t terminate the connection if you briefly switch apps. You may see a low‑priority “Connected to <peer name>” notification while you’re in a game; it stops the moment the duel ends. The notification is local to your device and does not transmit anything.

4. In‑app purchases

If you choose to make a purchase (for example, a Premium pass to remove ads), the transaction is handled entirely by your platform’s app store — Apple’s App Store on iOS via StoreKit, or Google Play on Android via Play Billing. Each store shares with us only what we need to validate and restore your purchase; we never see your payment details. To manage or cancel a recurring subscription, use the standard subscription controls on your device (App Store account on iOS, Google Play account on Android).

5. Sending us feedback

If you tap Send Feedback in the app’s settings, Blue Duel opens a draft message in your device’s mail app addressed to our support address. To help us triage the message, the draft is pre‑filled with a small footer containing your operating system version (iOS or Android), device model, and the Blue Duel version and build number. You can review, edit, or delete this footer before sending, and you may attach the connection log described above if you want us to investigate a Bluetooth issue. The email is sent through your own mail provider; Blue Duel does not transmit it on your behalf, and we only receive what you choose to send.

6. Children

Blue Duel is intentionally easy to learn and family‑friendly, and we’re delighted when younger players enjoy it. That said, the app is offered as a general‑audience product and is not specifically directed to children under 13. We ourselves do not collect personal information from anyone, including children; ad‑related data collected by Google AdMob (described in §2) is governed by Google’s own policies. Parents and guardians are encouraged to use the device’s parental controls — Screen Time and Ask‑to‑Buy on iOS, or Family Link on Android — to manage in‑app purchases and ads.

7. Data retention

Because we ourselves operate no backend, there is nothing on our side to retain. Local data on your device (settings, display name, purchase records, and the diagnostic connection log) is removed when you delete the app. Data processed by the third‑party Google SDKs we embed is retained according to Google’s own schedules:

  • Google AdMob — per Google’s policies linked in §2.
  • Firebase Analytics14 months by default, after which Google deletes user‑level event and property data. Aggregated, anonymized reports may persist longer in the Firebase console but are no longer tied to any individual install.
  • Firebase Crashlytics90 days for crash and non‑fatal error reports, after which Google deletes them.

8. Data deletion

You can remove your data from the Blue Duel ecosystem at any time. Because of how the app is built, the steps depend on which kind of data you mean — and in most cases the controls live with you and your device, not with us.

  • Data we hold about you on a server: none. Blue Duel runs no accounts and operates no backend that receives data from the app, so there is nothing on our side for us to delete. This is true on both iOS and Android. The aggregated reports we view in the Firebase and AdMob consoles are stored by Google — see the Firebase and AdMob bullets below for how to delete data from those services directly.
  • Local data on your device — your display name, settings, purchase records, and the diagnostic connection log described in §2 — is removed when you uninstall Blue Duel. You can also clear it without uninstalling via Settings → Apps → Blue Duel → Storage → Clear data on Android, or by deleting and reinstalling the app on iOS.
  • Ad‑related data collected by Google AdMob is held by Google, not by us. To reset or delete it, use the platform controls described in §2 (App Tracking Transparency on iOS; Settings → Privacy → Ads on Android to delete or reset your AAID), and Google’s Ad Center for account‑level controls.
  • Usage and crash data collected by Firebase Analytics and Firebase Crashlytics is held by Google, not by us. The simplest way to delete it is to uninstall and reinstall Blue Duel: this resets the app instance identifier Firebase uses to tie events together, orphaning any prior events; orphaned events are then deleted on the schedules listed in §7 (14 months for Analytics, 90 days for Crashlytics). If you would like us to file a formal deletion request with Firebase on your behalf, email us at the address below with the subject line “Firebase data deletion request”.
  • Anything else, or if you’d like a written confirmation: email privacy+blueduel@diffusethinking.com with the subject line “Data deletion request”. We will respond within 30 days. Because we don’t hold personal data on our own servers, the response will usually confirm there is nothing on our side to delete and walk you through the device‑side and Google‑side steps above.

Uninstalling the app, or making a deletion request, does not cancel any active subscriptions. To manage or cancel a subscription, use the standard subscription controls in your device’s App Store account (iOS) or Google Play account (Android).

9. Your other rights

Depending on where you live, you may have additional rights to access or correct personal information held about you. Because we ourselves don’t hold any on our own servers (see §8), there is nothing for us to disclose or correct on our end. For data Google may hold via the SDKs we embed:

  • AdMob — use Google’s Ad Center together with the platform‑specific tracking settings described in §2.
  • Firebase Analytics and Crashlytics — follow the deletion routes in §8, or use the broader account‑level controls in your Google Account activity controls.

10. Changes to this policy

If we ever change how the app handles data — for example, by adding optional features that involve a server — we will update this page and revise the “Last updated” date above. Material changes will be highlighted before they take effect.

11. Contact

Questions, concerns, or requests? Email privacy+blueduel@diffusethinking.com and we will get back to you.