Privacy Policy

Last Updated: April 28, 2026 · Effective Date: April 28, 2026 · App Version: 1.0.136

This Privacy Policy describes how the PokerDrill mobile application (the "App", "we", "us"), operated by Mingle Zeng, collects, uses, and discloses information about its users.

By installing or using the App, you agree to the practices described below. If you do not agree, please uninstall the App.

1. Information We Collect

1.1 Information We DO NOT Collect

PokerDrill is privacy-first. We do NOT collect:

❌ Personally Identifiable Information (PII): name, email address, phone number, postal address
❌ Account credentials (no signup, no login required)
❌ Location (GPS, Wi-Fi, Bluetooth, IP geolocation)
❌ Persistent device identifiers (IMEI, IDFA, Advertising ID)
❌ Contacts, Calendar, Photos, Microphone, Camera
❌ Behavioral analytics via third-party tracking SDKs
❌ Cookies (the App is native, not browser-based)

1.2 Information Stored Locally On Your Device

The following data is stored only on your device via React Native AsyncStorage / SQLite. We never see this data:

Your hand history, decisions, mistakes, GTO scores
Training settings, preferences, language choice
Achievement progress and Poker DNA stats
App theme and UI preferences

1.3 Information We Process via Network Services

For the AI Coach feature and In-App Purchases, the App must communicate with two services:

(a) PokerDrill Coach API (https://api.pokerdrill.app)

What is sent: An anonymous device-generated UUID + the specific poker hand state (cards, position, action) you ask the AI to review. No personal information is attached.
Why: To generate AI coaching commentary using a third-party LLM (OpenAI gpt-4o-mini). Responses are cached for 24 hours to reduce cost and latency.
How long: Cached responses are deleted after 24 hours. The anonymous UUID is used solely for rate limiting and is rotated periodically.
Encryption: All requests use HTTPS (TLS 1.2+).

(b) Google Play Billing (operated by Google LLC)

What is sent: Your Google Play account ID, product SKU (pro_monthly_499 / pro_yearly_2999 / pro_lifetime_4999), purchase token.
Why: To validate purchases, restore subscriptions, and enforce entitlements per Google Play policy.
Important: Google's own privacy policy applies to this transaction. We only receive the verified entitlement status — never your credit card or full Google account.

2. How We Use Information

The minimal data we process is used solely for:

Generating AI coaching feedback for the specific hand you submitted
Verifying your subscription / lifetime purchase
Rate limiting to prevent abuse of the AI Coach API
Aggregated, anonymous usage statistics (e.g. "X requests served today") for service health

3. How We Share Information

We do NOT sell, rent, or trade any data. Limited disclosures occur only to:

OpenAI: Hand state is sent to OpenAI's API to generate the coaching response (their API does not retain inputs for training per their commercial terms).
Google Play / Google Cloud: For purchase verification and infrastructure hosting.
Law enforcement: Only if compelled by valid legal process.

4. Data Retention

Data Type	Retention
On-device hand history	Until you uninstall or clear app data
AI Coach API cache	24 hours, then deleted
Anonymous rate-limit UUID	30 days, then rotated
Google Play purchase records	Per Google's policy (typically 7 years for tax)

5. Your Rights

Because we do not collect personal data, the following rights are largely already fulfilled by design:

Right to Access: All your gameplay data is on your device. You can view it in-app at any time.
Right to Delete: Uninstall the App, or use Settings → Clear All Data. Server-side anonymous data can be deleted via our deletion form.
Right to Portability: Pro users can export hand history as CSV/JSON from Settings.
Right to Object: You can disable AI Coach in Settings to stop all server communication.

EU residents have additional rights under GDPR. California residents under CCPA. Contact us at support@pokerdrill.app to exercise any right.

6. Children's Privacy

PokerDrill is rated 18+ and is NOT directed to children under 18. We do not knowingly collect any data from children. If you believe a minor has used the App, please contact us and we will delete any associated data.

7. Security

We use industry-standard security: HTTPS for all transit, AES encryption at rest on the server, and the principle of least privilege for all internal access. However, no system is 100% secure. You use the App at your own risk.

8. International Transfers

Our backend is hosted in Tokyo, Japan (Vultr). OpenAI processing occurs in the United States. By using the App, you consent to these transfers.

9. Changes to This Policy

We may update this Policy from time to time. The "Last Updated" date at the top will reflect any changes. Material changes will be announced in-app.

10. Contact

For privacy questions, please contact:

Email: support@pokerdrill.app
Operator: Mingle Zeng (Shenzhen, China)