# Privacy Policy for StatusXP

**Last Updated: December 10, 2025**

## Introduction

StatusXP ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mobile application.

## Information We Collect

### Account Information
- Email address (for authentication via Supabase)
- Gaming platform usernames (PlayStation Network ID, Xbox Gamertag, Steam Display Name)
- Profile avatars from connected gaming platforms

### Gaming Data
- Achievement and trophy data from PlayStation Network, Xbox Live, and Steam
- Game titles, completion percentages, and unlock dates
- StatusXP scores and statistics calculated from your achievements

### Usage Data
- AI guide usage and credit consumption
- Sync history and timestamps
- App feature usage analytics

## How We Use Your Information

We use your information to:
- Authenticate your account and provide secure access
- Sync and display your gaming achievements across platforms
- Calculate your StatusXP scores and statistics
- Provide AI-powered achievement guides
- Track premium subscription status and AI credit usage
- Improve app functionality and user experience

## Data Storage and Security

- All data is securely stored in Supabase (PostgreSQL database)
- We use industry-standard encryption for data transmission
- Authentication is handled via Supabase Auth with secure tokens
- We do not sell or share your personal information with third parties

## Third-Party Services

StatusXP integrates with the following services:
- **Supabase**: Authentication and database hosting
- **PlayStation Network**: For fetching PSN trophies (via your NPSSO token)
- **Xbox Live**: For fetching Xbox achievements (via OAuth)
- **Steam**: For fetching Steam achievements (via your Steam API key)
- **OpenAI/Gemini**: For AI-powered achievement guides (anonymous, no personal data shared)

## Platform API Usage

When you connect gaming platforms:
- **PSN**: We store your NPSSO token securely to fetch trophy data
- **Xbox**: We use OAuth tokens (refreshed automatically) to access achievements
- **Steam**: We store your Steam ID and API key to fetch achievement data

We only fetch data you explicitly authorize and never share your gaming credentials.

## Your Rights

You have the right to:
- Access your personal data stored in our database
- Request deletion of your account and all associated data
- Disconnect gaming platforms at any time
- Opt out of AI feature usage

## Data Retention

- Account data is retained while your account is active
- You can delete your account at any time from Settings
- Upon account deletion, all personal data is permanently removed within 30 days

## Children's Privacy

StatusXP is not intended for users under the age of 13. We do not knowingly collect data from children under 13.

## Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted in the app and on this page with an updated "Last Updated" date.

## Contact Us

If you have questions about this Privacy Policy, please contact us:
- Email: support@platovalabs.com
- GitHub: [Your GitHub Issues Page]

## Compliance

StatusXP complies with:
- Google Play Store data disclosure requirements
- Apple App Store privacy guidelines
- General Data Protection Regulation (GDPR) principles
- California Consumer Privacy Act (CCPA) guidelines

---

**By using StatusXP, you agree to this Privacy Policy.**