# Tessera — Privacy Policy **Effective: 2026-06-11** Tessera is a single-player and multiplayer crossword game published by Pim Witlox. This policy explains what data the app handles and what it does not. ## Short version Tessera **does not collect any personal data**. It has no analytics, no advertising, no third-party tracking, and no servers under our control. Game progress is stored on your device; multiplayer is routed through Apple's Game Center. ## Data the app stores on your device The app writes a single JSON file in your device's **Application Support** directory to remember an in-progress solo puzzle (which words you've filled, which cells you've revealed, and your selection). This file lives inside the app's sandbox and is removed when you delete the app or tap "Discard solo game" inside the app. It never leaves your device. The app also reads a bundled, read-only SQLite database (`tessera.sqlite`) that ships inside the app's resources. It contains words and clues only. ## Data the app does *not* collect - We do not collect or transmit your name, email, IP address, device identifiers, advertising identifier, contacts, photos, location, or any other personal data. - We do not use Google Analytics, Firebase, Mixpanel, Sentry, Crashlytics, Adjust, AppsFlyer, Branch, or any other third-party SDK that profiles users. - We do not run our own servers and do not maintain any database of users. - We do not display advertisements. ## Multiplayer (Game Center) If you choose to play a multiplayer match, the app uses Apple's **Game Center** turn-based service: - Your Game Center nickname and your in-game moves are visible to your opponent — that's how the match works. - The match's state (whose turn it is, which letters have been placed, which cells have been revealed) is stored by Apple on Game Center's servers so the other player can resume the match on their device. - We never see your Apple ID, your real name, or your email address. The app only ever knows your Game Center *player identifier*, which is an anonymous, app-scoped string assigned by Apple. Apple's handling of Game Center data is governed by Apple's own privacy policy: . The Game Center multiplayer feature is optional. You can play Tessera without ever signing into Game Center. ## Third-party software inside the app Tessera embeds one third-party library: - **GRDB** () — a Swift wrapper around SQLite, used only to read the bundled word/clue database on your device. GRDB does not make network requests. ## Children The app does not target children under 13 specifically, and it does not collect any data from any user regardless of age. The Game Center multiplayer feature inherits Apple's Game Center age requirements. ## Required-Reason API disclosures Tessera ships a privacy manifest (`PrivacyInfo.xcprivacy`) inside its bundle. It declares **no Required-Reason API category usage**, because none of Tessera's code paths map to one of Apple's published categories: the app reads and writes its own JSON save file without accessing file timestamps, and the embedded SQLite (via GRDB) does not call any of the APIs Apple has placed under a Required-Reason rule. If a future feature ever introduces such an API call, this section and the manifest will be updated to declare it explicitly. ## Changes to this policy If this policy changes, the updated text will be committed to this repository and the effective date above will be updated. The git history is the canonical change log. ## Contact Questions about this policy: **pim@witlox.io**