Rift.TCG > Privacy Policy

This Privacy Policy explains how Lops TCG (SASU) collects, uses, and protects your personal data when you use the Rift.TCG application (the "Service"), in accordance with the General Data Protection Regulation (GDPR – EU 2016/679) and the French "Loi Informatique et Libertés".

1. Data Controller

The data controller responsible for the processing of your personal data is:

Lops TCG (SASU)
3 avenue Foch, 95220 Herblay sur Seine, France
SIREN: 999 798 630 – RCS Pontoise
Represented by: Mikhael LOPEZ, President
Contact: lopspower@gmail.com

2. Data We Collect

Depending on your use of the Service, we may collect the following categories of personal data:

  • Account data: email address, unique identifier provided by Google Sign-in or Apple Sign-in.
  • User content: card collection, favorite lists, decks and any data you choose to save in the app.
  • Subscription data: Rift.TCG PLUS subscription status (managed through Apple, Google and RevenueCat). We do not collect or store your payment details (card number, etc.).
  • Technical data: device type, operating system, application version, language, anonymous identifiers, and anonymized crash/diagnostic logs (date and time of use, app configuration at the time of an error). IP addresses processed by Firebase Analytics and Crashlytics are anonymized by default and are not stored by us.
  • Usage statistics: aggregated and anonymous analytics data about how the Service is used.
  • Push notification token: if you enable push notifications.

The Service does not display advertising and does not collect advertising identifiers.

3. Purposes and Legal Bases

Your personal data is processed for the following purposes and on the following legal bases (GDPR art. 6):

  • Providing the Service (account creation, authentication, saving your collection across devices) – legal basis: performance of a contract.
  • Managing the Rift.TCG PLUS subscription – legal basis: performance of a contract.
  • Improving the Service and diagnosing errors (Crashlytics, technical logs) – legal basis: legitimate interest in ensuring the security and proper functioning of the Service.
  • Anonymous usage statistics – legal basis: legitimate interest.
  • Sending push notifications – legal basis: your consent (you can revoke it at any time in your device settings).
  • Compliance with legal obligations (accounting, response to legal requests) – legal basis: legal obligation.

4. Recipients and Sub-processors

Your data is only accessed by the publisher of the Service. We rely on the following sub-processors to operate the Service:

  • Google Firebase (Google Ireland Limited / Google LLC): Authentication, Realtime Database, Analytics, Crashlytics, Cloud Messaging, Remote Config.
  • RevenueCat, Inc. (USA): subscription management for Rift.TCG PLUS.
  • Apple Inc. and Google LLC: in-app payments and Sign-in.
  • OVH SAS (France): website hosting for rifttcg.app.

We never sell your personal data.

5. International Data Transfers

Some of our sub-processors (notably Google and RevenueCat) are located in the United States or process data outside of the European Economic Area. These transfers are governed by the European Commission's Standard Contractual Clauses (SCC) and, where applicable, by the EU–U.S. Data Privacy Framework, which provide an adequate level of protection for your personal data.

6. Data Retention

  • Account data and user content (collection, decks, favorites): kept as long as your account is active. Data is deleted when you delete your account.
  • Subscription data: kept for the duration of the subscription and up to 10 years for accounting and tax purposes (legal obligation).
  • Technical logs and crash reports: up to 90 days.
  • Analytics: anonymized; aggregated data may be retained without time limit.

7. Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data:

  • Right of access (art. 15)
  • Right to rectification (art. 16)
  • Right to erasure / "right to be forgotten" (art. 17)
  • Right to restriction of processing (art. 18)
  • Right to data portability (art. 20)
  • Right to object (art. 21)
  • Right to withdraw consent at any time, where processing is based on consent
  • Right to define guidelines for the use of your data after your death

To exercise these rights, contact us at lopspower@gmail.com. We will respond within one month.

You also have the right to lodge a complaint with the French data protection authority (CNIL): www.cnil.fr.

8. Account and Data Deletion

You can delete your Rift.TCG account and all related data at any time directly from the application settings. A deletion request can also be sent by email to lopspower@gmail.com with the subject "Rift.TCG – Delete My Data". Deletion requests are processed within 30 days.

9. Security

We implement technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure or destruction. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

10. Cookies and Trackers

The Rift.TCG mobile application uses Firebase Analytics and Crashlytics for technical and statistical purposes (anonymized). The application does not display advertising and does not use advertising trackers.

The rifttcg.app website may use strictly necessary cookies; no advertising or third-party tracking cookies are used.

11. Links to Other Sites

The Service may contain links to third-party websites. We are not responsible for the content or privacy practices of these websites. We recommend that you review their privacy policies before providing them with any personal data.

12. Minors

The Service is not intended for children under 15 years of age (in France) or under the digital majority age set by your country of residence. We do not knowingly collect personal data from minors below that age without parental consent. If you believe a minor has provided us with personal data, please contact us so we can delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Significant changes will be notified through the Service. Please review this page periodically.

Last update: May 26, 2026