Privacy Policy
You Don't Know Africa is a game series developed and operated by David Bauer. This privacy policy explains how David Bauer (hereinafter "David Bauer", "You Don't Know Africa", "we", or "us") processes personal data when you use these games. It applies to registration, login, gameplay, and leaderboard participation.
We comply with the Swiss Data Protection Act (DSG) and, where applicable, the EU General Data Protection Regulation (GDPR).
1. Data Controller
David Bauer
Zurich, Switzerland
info@davidbauer.ch
https://www.davidbauer.ch
2. EU Representative (Art. 27 GDPR)
VGS Datenschutzpartner GmbH
Am Kaiserkai 69
20457 Hamburg
Deutschland
info@datenschutzpartner.eu
https://datenschutzpartner.eu/
3. Data Protection Contact
For questions about data protection or to exercise your rights, contact: info@davidbauer.ch
4. Personal Data We Process
4.1 Account Data (Email Registration)
- Email address
- Optional username (3–20 characters, if you choose to set one)
- Registration date and timestamp
We use email-based one-time codes for sign-in. No passwords are stored.
4.2 Game Data
When you play our games (Find on map, Name from memory, Identify the flags, Impossible edition), we collect:
- Per-game statistics: Attempts, completions, fastest completion time, last completion time, and ranking (percentile) per game and mode (standard/hard)
- Game results: For each play, we store whether you completed the game, completion time, game and mode identifiers, and a timestamp
- Guess sequences (Game 2 only): For the "Name from memory" game, we store the sequence of country names you guessed, duration, and correct/total counts for analytics and future features
- Country guess tallies (Games 1 and 3): Aggregate correct/incorrect counts per country for analytics (not linked to individual users in a personally identifiable way)
- Badges: Records of badges you have unlocked
Game data is recorded both for signed-in users (linked to your account) and for anonymous visitors (using a browser-generated session ID stored in local storage). Anonymous data helps us improve the games and calculate rankings; it is not tied to your identity unless you later sign in.
4.3 Technical Data
- IP address (processed by infrastructure providers)
- Browser type and version
- Operating system
- Session token required for login
- Error messages and logs
4.4 Local Storage
We use browser local storage for:
- Authentication session (Supabase)
- Anonymous session ID (to group plays before sign-in)
- Pending game results (temporarily, until synced to the server)
- Local stats cache
4.5 Usage Analytics
We collect aggregated, anonymous usage statistics via Plausible Analytics. For details on the provider and how it works, see section 6.2.
5. Purposes and Legal Bases
We process your data for the following purposes:
- Providing and operating the games platform (contract performance, where applicable)
- Managing your user account (contract performance)
- Displaying your stats, rankings, and badges (contract performance)
- Detecting and preventing abuse and fraud (legitimate interest)
- Anonymous usage analysis to improve the platform (legitimate interest)
- Compliance with legal obligations
6. Third-Party Providers and Processors
6.1 Supabase (Database Infrastructure)
We use Supabase Inc. (USA) as a data processor for database infrastructure and authentication. We maintain an appropriate data processing agreement where required by law.
Server location: West EU (Ireland)
For data transfers to the USA, Supabase provides safeguards such as EU Standard Contractual Clauses (SCCs).
More information: supabase.com/legal/privacy
6.2 Plausible Analytics
We use Plausible Analytics by Plausible Insights OÜ (Estonia, EU) for anonymous usage statistics. Plausible does not use cookies and does not create personal profiles.
More information: plausible.io/privacy
7. International Data Transfers
Where personal data is transferred outside your local jurisdiction (for example to processors in the USA), we rely on appropriate safeguards such as SCCs where required.
8. Data Retention
- Account data: Until account deletion by you or by us after prolonged inactivity (more than 3 years without login)
- Game results, stats, and leaderboard entries: Until account deletion; you may delete your account and all associated data at any time
- Technical logs: Maximum 90 days
- Legally required data: retained according to statutory retention obligations
After applicable retention periods, data is deleted or anonymized where feasible.
9. Your Rights
Depending on applicable law, you may have the following rights regarding your personal data:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to object
- Right to data portability
To exercise your rights, contact: info@davidbauer.ch
10. Data Security
We implement appropriate technical and organizational measures to protect data from unauthorized access, loss, or misuse, including:
- Encrypted transmission (HTTPS/TLS)
- Access controls based on least privilege
- Infrastructure-level security controls
- Periodic review of security measures
11. Minimum Age
Our platform is not intended for children under 16 years of age. If you believe a child has provided personal data, contact us at info@davidbauer.ch and we will take appropriate action.
12. Cookies and Local Storage
We use technically necessary storage/cookies for authentication and session management. We do not use advertising cookies. Plausible Analytics does not rely on cookies.
13. Changes to This Privacy Policy
We may update this privacy policy from time to time. For material changes, we will provide notice through the product or other appropriate channels. The current version is always available on this page.
14. Supervisory Authority
Competent data protection authority in Switzerland:
Federal Data Protection and Information Commissioner (EDÖB)
edoeb.admin.ch
If you reside in the EU, you may also contact the data protection authority of your EU member state.