Privacy Policy
Your privacy matters to us.
This Privacy Policy describes how the Steal Risk application collects, uses, retains and protects user data.
The data controller is Rocco Carbone, personal email: carbone.r.developer@gmail.com, official email: info@stealrisk.com.
1. General information
Steal Risk is available on Android and iOS.
Use of the app is permitted only to users at least 16 years old.
By using the app, you accept the terms of this Privacy Policy.
2. Data processed
Steal Risk processes the following data:
- Authentication data via Firebase Authentication (e.g. Google, Apple, email/password).
- Firebase user identifier (UID).
- Profile data: display name, profile photo, email (if available from the provider).
- Game content generated by users: room names, challenge/question texts, votes and match states.
- Moderation data: content reports (e.g. report reason, reported user, reporting user, technical proof metadata).
Steal Risk does not require biometric data or precise geolocation data.
3. Purpose of processing
Data is processed to:
- allow access, authentication and operation of the app;
- manage matches, rooms, turns, votes and challenges;
- prevent abuse and manage community moderation/safety;
- improve the technical stability and security of the service.
Data is not sold to third parties.
4. Visibility of data among users
In remote mode, members of the same room can view the data needed for gameplay (e.g. display name, profile photo, challenges, votes provided by the flow, and proof images uploaded for the challenge).
This data is not public outside the game room.
5. Data retention
- Profile photos: kept as long as the account remains active or until deleted/modified by the user.
- Moderation reports: kept for security, audit and technical dispute-handling purposes, for the time strictly necessary.
6. Moderation, account suspension and removal
To protect the platform, Steal Risk may apply moderation measures to content and accounts.
In case of serious violations, the account may be suspended and scheduled for automatic deletion within approximately 24 hours.
7. Account and data deletion
Users can request deletion of their account from the dedicated in-app features.
When an account is deleted, the main user references are removed from Firebase Authentication and from the Firestore/Storage data associated with the account, except for any technical data needed for security, abuse prevention or legal compliance.
8. Data security
Data is managed on Firebase/Google Cloud infrastructure with authentication controls, access rules and server-authoritative logic for sensitive operations.
We adopt reasonable measures to reduce unauthorized access, misuse or loss of data.
9. Advertising
The app integrates AdMob (Google) for advertising.
Google may process data according to its own policies:
https://policies.google.com/technologies/ads
Steal Risk does not sell personal data to advertisers.
10. Minors
The app is not intended for users under 16.
If you believe a minor has provided data in violation of this policy, please contact us so we can handle the case.
11. Changes to this policy
This policy may be updated at any time.
The updated version will be published at:
https://stealrisk.com/privacy-policy
In case of substantial changes, users may also be notified in-app.
12. Contact
For privacy requests, clarifications or reports:
- Rocco Carbone
- carbone.r.developer@gmail.com
- info@stealrisk.com
Last updated: March 8, 2026