← Tenebra Technologies

Privacy Policy

Detox Heroes RPG

Effective date: July 8, 2026 · Last updated: July 8, 2026

Summary

Detox Heroes RPG has no user account, no login, and no backend server that we operate. All of your screen-time, gameplay, and progression data is created, processed, and stored only on your device, in the App's private storage. We never receive it.

The one situation in which any data leaves your device is when you choose to make an optional in-app purchase (buy rubies, unlock the endgame tier, or start the support subscription). Those purchases are processed by Google Play and validated through RevenueCat, and a limited amount of purchase-related data is shared with them for that purpose only. This is explained in full in section 5. If you never make a purchase, no personal data leaves your device through the App.

We do not use advertising, we do not use analytics or crash-reporting SDKs, and we do not sell or share your data with anyone for marketing.

1. Who we are (data controller)

Detox Heroes RPG ("the App") is an Android gamified screen-time reduction application developed and published by:

TenebraTechnologies s.r.o. ("we", "us", "our")
Majerníkova 3039/28, 841 05 Bratislava, Slovenská republika
IČO: 57363544
Zapísaná v Obchodnom registri Mestského súdu Bratislava III, oddiel Sro, vložka č. 194527/B
Contact: support@tenebratechnologies.com

For the on-device data described in section 3, we are not a data controller, because that data never reaches us. For the limited purchase data described in section 5, we act as a controller together with our payment processors to the extent we can access pseudonymous purchase records in the RevenueCat dashboard.

2. Scope

This policy covers the Detox Heroes RPG Android application distributed through the Google Play Store. It does not cover the Google Play Store itself, your Google account, your device operating system, or any third-party service, each of which is governed by its own privacy policy.

3. Data processed entirely on your device

When you use the App, the following information is created, derived, or read into the App locally on your device only, and is stored in a private SQLite database inside the App's sandbox:

  • Your hero's name (which you choose — please do not enter your real name if you prefer not to), class, gender, level, XP, attribute stats, progress points and sigils
  • Per-app foreground-usage records for the current day, derived from Android's UsageStatsManager — package name, the app's display label, minutes used, and a flag indicating whether it is one of the social-media packages the App recognizes
  • Daily screen-time summaries — total screen minutes, social minutes, off-screen minutes, night phone-free streak, the computed habit multiplier and the XP earned that day
  • Step counts for the current day, if you opt in to step tracking (read from the device's on-board step-counter sensor)
  • Dungeon state, inventory items, the daily shop contents, quests, achievements ("feats"), focus sessions, daily hero mood, your chosen "nemesis" app, and battle history (including a local JSON log of each fight)
  • In-app balances — coins, crafting materials and rubies (the in-app currencies) — and premium-entitlement flags (whether the endgame tier is unlocked and whether a support subscription is active)
  • Preferences — notification toggles and times, reminder interval, streak state, onboarding progress, last session date, and the step-tracking opt-in flag

This data is held in the App's private storage area, which other apps on a non-rooted device cannot read. We do not receive, transmit, sync, or otherwise transfer this data to any server, third party, or analytics service. Because allowBackup is disabled for the App, this data is not included in Android's automatic cloud backup.

4. About PACKAGE_USAGE_STATS (special permission)

To do its core job — converting time spent off your phone into hero XP — the App needs to know how much you used your phone and which apps you spent that time in. This is provided by Android's special PACKAGE_USAGE_STATS permission via the UsageStatsManager API.

  • It cannot be granted by a runtime prompt — you enable "Usage access" for Detox Heroes RPG manually in Android Settings. Onboarding links you there directly.
  • The data returned is foreground time and timestamps per app — package name, foreground minutes, last-time-used. It does not include the contents of any app, your messages, your photos, the websites you visited, keystrokes, or any in-app activity.
  • The App uses this data exclusively, on device, to compute your off-screen time, social-vs-non-social split, habit multiplier, night streak and XP.
  • The App never transmits, exports, shares, or sells UsageStatsManager data. It is not sent to us, to RevenueCat, to Google, or to anyone.
  • You can revoke the permission at any time in Android Settings → Apps → Special app access → Usage access. The App will still launch but cannot award XP until it is restored.

5. In-app purchases — the only data that leaves your device

The App is free to download and fully playable without spending money. It also offers optional in-app purchases:

  • Rubies (consumable in-app currency) — packs of 50, 100 and 200 rubies
  • Endgame Unlock (one-time, non-consumable) — unlocks the legendary spawn tier and endgame progression
  • Adventurer's Pass (auto-renewing monthly subscription) — a support subscription with no gameplay advantage

When — and only when — you initiate a purchase, purchase processing is carried out by Google LLC (Google Play billing) and validated through RevenueCat, Inc., which is the in-app-purchase infrastructure the App uses. In this flow, the following data is handled off your device:

  • Handled by Google Play: your Google account, payment method and billing details, and the purchase token. We never see your payment card details. Google's handling is governed by the Google Privacy Policy.
  • Handled by RevenueCat: the Google Play purchase token/receipt, the product identifier, a randomly generated anonymous app-user identifier (created by the RevenueCat SDK; it is not your name, email or Google ID), your device's IP address, and technical metadata such as platform, app version, device model, country and locale, plus purchase timestamps. RevenueCat uses this to validate the purchase, determine your entitlements, and enable purchase restoration. Its handling is governed by the RevenueCat Privacy Policy.

The App does not ask you to create an account, and does not send RevenueCat or Google your hero, your usage statistics, or any of the on-device data in section 3. Purchase entitlements are tied to the anonymous identifier and your Google account (so the Endgame Unlock can be restored on a device signed into the same Google account), not to any personal profile we hold. In the RevenueCat dashboard we may see pseudonymous, aggregated purchase records (product, revenue, country) associated with the anonymous identifier — never your name, email, or the contents of your device.

6. Notifications, the home-screen widget, and background refresh

  • Local notifications. If you enable reminders, the App schedules local notifications on your device (via Android's notification system). These are generated on-device; there is no remote push service, and no notification content is sent to a server.
  • Home-screen widget. If you add the optional widget, it displays your hero and progress on your home screen using the same on-device data. It does not transmit anything.
  • Background refresh. The App may run a brief background task to refresh the widget and roll over the day's state. This runs locally and does not send your data anywhere.

7. What we do NOT collect or do

To be explicit, Detox Heroes RPG does not:

  • Collect your name, email address, phone number, postal address or any identifier we hold about you (the hero name you type stays on your device)
  • Read the contents of any other app — messages, posts, browsing history, photos, contacts, calendar are all inaccessible to the App
  • Transmit your screen-time or gameplay data off the device for any purpose
  • Use third-party analytics SDKs (Google Analytics, Firebase Analytics, Amplitude, Mixpanel, Segment, etc.)
  • Use third-party crash-reporting SDKs (Crashlytics, Sentry, Bugsnag, etc.)
  • Use advertising SDKs or networks, or show ads anywhere in the App
  • Read or track the Advertising ID (GAID), IMEI, MAC address or build serial for tracking
  • Access your microphone, camera, precise or coarse location, call log, SMS, or installed-apps list beyond the foreground-usage information surfaced by UsageStatsManager
  • Sell or share your personal information, or use it for cross-app tracking or targeted advertising

The INTERNET permission is present and is used solely for the optional in-app-purchase flow described in section 5; it is not used to transmit your usage or gameplay data.

8. Permissions the App requests

  • PACKAGE_USAGE_STATS (special) — core XP mechanic; see section 4. Granted manually in Android Settings.
  • ACTIVITY_RECOGNITION (Android 10+, runtime) — only if you opt in to step tracking, to read your step count from the on-board sensor and award a walking bonus. Processed on device. You may decline or revoke it.
  • POST_NOTIFICATIONS (Android 13+, runtime) — to show the optional local reminders you configure. No remote push.
  • INTERNET — network access used solely for the optional in-app-purchase flow (Google Play billing and RevenueCat validation).
  • VIBRATE and MODIFY_AUDIO_SETTINGS — for in-app haptics and sound effects.
  • FOREGROUND_SERVICE / FOREGROUND_SERVICE_MEDIA_PLAYBACK — used by the audio component that plays the App's sound effects. No audio is recorded.
  • Legacy storage permissions (READ_EXTERNAL_STORAGE / WRITE_EXTERNAL_STORAGE) are declared only for Android 12 and below (maxSdkVersion="32") and have no effect on newer devices; the App writes only to its own private storage.

The App does not use microphone input, location, contacts or the camera.

9. Legal bases for processing (GDPR)

For the on-device data in section 3, we perform no processing as a controller. For the purchase data in section 5, the legal bases are:

  • Performance of a contract (Art. 6(1)(b) GDPR) — to deliver and validate a purchase you requested and to grant the corresponding entitlement.
  • Legitimate interests (Art. 6(1)(f) GDPR) — to prevent fraudulent or duplicate purchases and to keep purchase entitlements working (e.g. restore). You may object to processing based on legitimate interests.
  • Legal obligation (Art. 6(1)(c) GDPR) — where tax or accounting law requires retention of transaction records (handled primarily by Google as merchant of record).

10. International data transfers

Google LLC and RevenueCat, Inc. are established in the United States and may process purchase data there or in other countries. Where such transfers occur, they are governed by the transfer mechanisms in those providers' own policies, including the EU Standard Contractual Clauses and, where applicable, the EU–U.S. Data Privacy Framework. We ourselves do not export the on-device data described in section 3.

11. Data retention

  • On-device data — retained on your device until you delete it in the App, clear the App's data, or uninstall the App. We hold no copy.
  • Purchase data — retained by Google and RevenueCat for as long as needed to provide entitlements, support restoration, prevent fraud, and comply with legal/accounting obligations, per their policies. Pseudonymous records we can view in the RevenueCat dashboard persist for the life of the RevenueCat project unless deleted.

12. Children's privacy

Detox Heroes RPG is a general-audience utility intended for users who are old enough to manage their own screen-time habits and, where purchases are made, to enter into a binding contract (generally 16+ in the EEA, or with verifiable parental consent). The App is not directed to children, does not knowingly collect personal data from children, and contains paid in-app purchases — parents and guardians should use Google Play parental controls and purchase authentication. If you believe a child has made a purchase without authorization, contact Google Play support and us.

13. Your rights

Under the GDPR, CCPA/CPRA, LGPD and equivalent laws you may have rights to access, correct, delete, port, restrict or object to the processing of your personal data, and to withdraw consent.

  • On-device data — you exercise these rights directly: your stats and history are visible in the App; you can reset or change data in Settings; uninstalling the App, or clearing its data in Android Settings, erases the local database entirely. Revoking Usage access stops new usage data from being read.
  • Purchase data — to access or delete purchase data held by our processors, you can use Google Play's data controls and contact RevenueCat, and you may contact us at support@tenebratechnologies.com and we will assist and route the request. Because purchase records are keyed to an anonymous identifier and your Google account rather than to a profile we maintain, we may need information from you to locate the relevant records.

You also have the right to lodge a complaint with a supervisory authority — in Slovakia, the Úrad na ochranu osobných údajov Slovenskej republiky (dataprotection.gov.sk).

14. Security

The local database is stored inside Android's per-app private storage sandbox, not readable by other apps on a non-rooted device, and device-level File-Based Encryption applies to App data at rest. Purchase transport to Google and RevenueCat uses encrypted connections. No method of storage or transmission is 100% secure; we cannot guarantee absolute security, and to the extent permitted by law we are not liable for unauthorized access resulting from factors outside our reasonable control (for example, a rooted or compromised device).

15. Third-party services

  • Google LLC — app distribution and in-app billing. Privacy Policy.
  • RevenueCat, Inc. — in-app-purchase validation and entitlement management. Privacy Policy.

We are not responsible for the privacy practices of these third parties; their processing is governed by their own policies.

16. Changes to this policy

If a future version of the App changes data-handling behavior (for example, introduces optional cloud sync), this policy will be updated and the "Last updated" date above will change. For material changes we will make reasonable efforts to notify you in-app or on this page. Continued use after a material change constitutes acceptance of the updated policy, to the extent permitted by law.

17. Contact

Questions about this policy or how the App handles your data:
support@tenebratechnologies.com
TenebraTechnologies s.r.o., Majerníkova 3039/28, 841 05 Bratislava, Slovenská republika

We aim to respond to privacy inquiries within 30 days.

→ Detox Heroes RPG Terms & Conditions