Privacy Policy

Last updated: 18 May 2026

Riffgame is built by PitchCall, Inc. ("we", "us"). This policy describes what we collect, why, and what you can do about it. We aim for the shortest, most readable policy that still covers what lawyers and reviewers care about.

What we collect

Account

You sign in anonymously by default. We assign a random user identifier (UUID) the moment you first open the app. You may later link Apple or Google credentials to back up your account across devices; doing so passes your Apple/Google email to Firebase Authentication.

Your prompts and generated games

Every prompt you submit, the AI's responses, and the generated game source + assets are stored in Firestore and Google Cloud Storage under your user ID. We retain this data so you can reload your library on any device.

Purchases

Subscriptions and riff packs are processed by Apple via In-App Purchases. We use RevenueCat to validate receipts. Apple/RevenueCat see your Apple ID; we only receive a hashed user identifier and transaction metadata (product purchased, amount, country).

Push notifications

If you allow notifications, we use OneSignal to deliver them. We pass your anonymous user ID and your device's push token to OneSignal. You can revoke this any time in iOS Settings or via Riffgame Settings → Notifications.

Device and diagnostic data

We collect crash reports and basic device metadata (OS version, device model, app version) through Firebase. This helps us fix bugs. We do not associate this with any personally identifying information.

What we do NOT collect

• Your contacts, photos, location, microphone, or camera.
• Your browsing history outside the app.
• Advertising identifiers (IDFA).

How your data is used

We use the data above only to run the service: store your games, bill you for purchases, deliver notifications you opted into, and fix bugs. We do not sell your data, and we do not share it with advertisers.

How long we keep it

Your account and content stay until you delete them. You can delete individual games inside the app. To delete your account and all associated data, email [email protected] from the linked Apple/Google email; we process within 30 days.

Sharing with third parties

The vendors we use to operate Riffgame:

• Google Cloud / Firebase — authentication, database, file storage, crash reporting.
• Anthropic — the AI model that generates your games. Your prompts are sent to Anthropic for inference.
• RevenueCat — purchase receipt validation.
• OneSignal — push notification delivery.
• Apple App Store / Google Play — payment processing.
• Cloudflare — DNS and CDN for this website.

Each vendor has its own privacy policy. We pass through only the minimum data each one needs to perform its function.

Your rights

Under GDPR, CCPA, and similar regulations, you may request access to, correction of, or deletion of your personal data. Email [email protected].

Children

Riffgame is rated 12+. We do not knowingly collect personal data from children under 13. If you believe we have, please contact us and we will remove it.

Public games

Games you publish are accessible by anyone who has the URL. They are not discoverable by search and never list your username, but anyone you share a link with — or anyone the link is forwarded to — can play. Treat shared links accordingly.

Changes to this policy

If we change anything material, we will update the "Last updated" date and notify users via the app at least 14 days before the change takes effect.

Contact

PitchCall, Inc.
[email protected]