This Privacy Policy describes how ThreadCircle (“we”, “us”, or “our”) handles information when you use our Android mobile application (“App”) and this website at threadcircle.uk (together, the “Services”).
ThreadCircle is a casual fidget toy: you create bouncing orbs on screen. We do not require an account, and we do not ask you to submit your name, email, or other contact details inside the App.
For the purposes of the EU General Data Protection Regulation (“GDPR”), UK GDPR, and similar laws, the data controller is:
ThreadCircle (developer of the App)
Contact: [email protected]
Website: https://threadcircle.uk
If you have questions about this policy or wish to exercise your rights, email us at the address above. We will respond within the time required by applicable law (typically within 30 days for GDPR requests).
The App does not include registration, profiles, or forms that collect personal data. If you email us voluntarily, we receive the content of your message and your email address.
When you use the App, our integrated SDKs may collect technical and usage data, including:
We do not intentionally collect precise location, contacts, photos, microphone audio, health data, or payment information through the App.
Orb positions, colors, and game state are processed locally on your device for animation and are not transmitted to us for storage. Clearing the App or uninstalling removes this local data.
This static site hosts our privacy policy. We do not use advertising cookies on this page. Standard web server or CDN logs (e.g. IP address, user agent) may be processed by Google Firebase Hosting and Cloudflare (DNS/CDN) for security and delivery.
If you are in the European Economic Area (EEA) or United Kingdom, we rely on:
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Operate and secure the App; deliver core functionality | Performance of a contract / legitimate interests |
| Analytics to understand how the App is used and improve it | Legitimate interests; consent where required by local law |
| Crash reporting and performance monitoring | Legitimate interests (security, reliability, debugging) |
| Respond to your privacy requests and support emails | Legitimate interests / legal obligation |
| Comply with law and enforce our rights | Legal obligation / legitimate interests |
Where we rely on legitimate interests, you may object as described in Section 8. Where consent is required (e.g. certain analytics under ePrivacy rules), you may withdraw consent through device or Google settings as applicable.
We use service providers that process data on our behalf:
These providers may process data in the United States and other countries outside your own. For EEA/UK users, transfers are subject to appropriate safeguards where required, such as the EU Standard Contractual Clauses or UK International Data Transfer Addendum, as applicable. Google publishes information on international transfers in its privacy documentation.
We do not sell your personal information for money or other valuable consideration.
We use reasonable technical and organizational measures appropriate to the nature of the data, including HTTPS for this website and relying on Google’s infrastructure for SDK data in transit and at rest. No method of transmission or storage is 100% secure.
The App is not directed at children under 13 (United States, COPPA) or under 16 where that age applies under local law in the EEA/UK without parental consent. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact [email protected] and we will take steps to delete it.
Subject to conditions and exceptions in law, you may have the right to:
To exercise these rights, email [email protected]. We may need to verify your request. You may also limit ad/analytics identifiers in Android Settings → Privacy → Ads (reset or opt out of Ads Personalization where available).
If you are a California resident, the California Consumer Privacy Act as amended by the CPRA (“CCPA/CPRA”) may provide additional rights. Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws may have similar rights. These can include:
Categories collected (last 12 months) — identifiers (device/app instance IDs); internet or network activity (usage and crash/performance logs); other information described in Section 2.
Sources — directly from your device via the App and SDKs; indirectly from Google Firebase.
Business purposes — provide the App, analytics, security, debugging, and legal compliance.
Sold or shared for cross-context behavioral advertising — No.
To submit a verifiable consumer request, email [email protected] with subject line “Privacy Request — ThreadCircle” and your state of residence. We will respond within 45 days (or as extended by law). You may designate an authorized agent where permitted by law.
Shine the Light (California Civil Code § 1798.83): We do not share personal information with third parties for their direct marketing purposes in a way that triggers this statute’s disclosure requirement.
We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects.
The App requests:
INTERNET — to send analytics, crash, and performance data to FirebaseACCESS_NETWORK_STATE — to determine whether the device has network connectivity before sending dataWe may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. For material changes, we may provide additional notice in the App or on Google Play where appropriate.
Email: [email protected]
App: ThreadCircle on Google Play
Package ID: shani.threadcircle