← Back to Home
Privacy Policy for wildcard dex
Last Updated: March 7, 2026
Introduction
This privacy policy describes how Play Outside Games ("we", "us", or "our") collects, uses, stores, and protects your information when you use the wildcard dex mobile application ("the app"). We are committed to protecting your privacy and being transparent about how we handle your data.
By using wildcard dex, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the app.
Information We Collect
Information You Provide Directly
- Photos: Images you take or select to identify species
- Display Name: An optional name you choose for your profile
- Profile Photo: An optional photo you set as your profile picture (stored locally)
- Location Data: Optional location information when you photograph species, if you grant permission
Information Collected Automatically
- Device Identifier: A unique device identifier generated from your device's vendor ID (iOS) or Android ID, combined with a random component. This is used to identify your account for social features
- Authentication Data: We create an anonymous account for you via Firebase Authentication. If you subscribe to dex++, your email address is collected for account authentication
- Push Notification Token: If you enable push notifications, a Firebase Cloud Messaging (FCM) token is collected to deliver notifications to your device
- Device Information: Basic device type and operating system information used for generating your device identifier
- App Version: Your app version, collected for compatibility purposes
Information Collected Through Social Features
If you use friend and trading features, the following is collected and stored on our servers:
- Your display name, level, total species count, total card count, earned badges, and selected title
- Friend connections and friend request history
- Trade offers and trade history
- Photos uploaded for trading cards (stored in Firebase Storage)
How We Use Your Information
- Species Identification: Photos and optional location data are sent to Google Gemini AI via our secure server proxy for species identification. Photos are not permanently stored by the AI service
- Social Features: Your profile information, friend connections, and trade data are stored on Firebase servers to enable multiplayer features
- Push Notifications: FCM tokens are used to notify you of friend requests, trade offers, and other app events
- Advertisements: Google AdMob displays ads to free users. AdMob may collect device identifiers and usage data according to Google's privacy policy. Premium subscribers (dex++) do not see ads
- In-App Purchases: Subscription purchases are processed by Apple (App Store) or Google (Play Store). We store your subscription status locally; we do not collect or store payment information
- App Improvement: Usage data stored locally on your device helps us understand how features are used
Data Storage
Local Storage (On Your Device)
- Species discoveries, sighting history, and photos
- Quest progress, XP, and badge data
- Profile picture and user preferences
- Subscription status
Server Storage (Firebase/Google Cloud)
- User profile data (display name, level, badges, friend code)
- Friend lists and friend requests
- Trade data and uploaded trade photos
- FCM push notification tokens
- Anonymous or email authentication credentials
Our servers are hosted on Google Cloud Platform (Firebase) in the United States. If you are located outside the United States, your data will be transferred to and processed in the United States.
Data Security
We use industry-standard security measures to protect your data:
- All communication between the app and our servers uses HTTPS encryption
- Server access is restricted to authenticated users via Firebase Authentication
- Firestore security rules enforce that users can only access their own data
- Firebase Storage rules restrict photo uploads to authenticated users
- AI identification requests are routed through our authenticated server proxy
Third-Party Services
The app uses the following third-party services, each with their own privacy policies:
We do not sell your personal information to any third party.
Permissions
The app may request the following device permissions:
- Camera: To take photos for species identification and trading
- Location (Optional): To record where you discovered each species and to provide location context for AI identification
- Notifications (Optional): To receive alerts about friend requests, trades, and app events
All permissions are optional and requested at the point of use. You can revoke permissions at any time through your device settings.
Your Rights
Regardless of where you are located, you have the right to:
- Access: View your data, which is primarily stored locally on your device. Server-stored profile data is visible within the app
- Deletion: Request deletion of your server-stored data by contacting us at the email below. Local data can be deleted by uninstalling the app or clearing app data
- Opt-Out of Location Tracking: Deny or revoke location permission in your device settings
- Opt-Out of Push Notifications: Disable notifications in your device settings
- Withdraw Consent: Stop using the app at any time
Additional Rights for Users in the European Economic Area (EEA) and United Kingdom
Under the General Data Protection Regulation (GDPR), you also have the right to:
- Rectification: Request correction of inaccurate personal data
- Portability: Request a copy of your data in a portable format
- Restriction: Request restriction of processing of your personal data
- Object: Object to processing of your personal data
- Lodge a Complaint: File a complaint with your local data protection authority
Our legal basis for processing your data is:
- Consent: For optional features like location tracking and push notifications
- Legitimate Interest: For core app functionality, security, and fraud prevention
- Contract Performance: For providing subscription services you purchase
To exercise any of these rights, contact us at: support@playoutsidegames.com
Data Retention
- Local Data: Retained on your device until you uninstall the app or clear app data
- Server Data: Profile and social data are retained while your account exists. You may request deletion by contacting us
- Trade Photos: Retained in Firebase Storage while the associated trade exists
- FCM Tokens: Retained while you have notifications enabled; removed when you disable notifications or uninstall the app
- Authentication Data: Retained until account deletion is requested
Children's Privacy
The app is suitable for general audiences. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA) without verifiable parental consent. If we learn that we have collected personal information from a child without appropriate consent, we will delete it promptly. If you believe a child has provided us with personal data, please contact us.
International Data Transfers
Our servers are located in the United States. If you use the app from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the app, you consent to this transfer. For users in the EEA and UK, these transfers are conducted in compliance with applicable data protection laws, relying on Google's data processing terms and standard contractual clauses.
Changes to This Policy
We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy within the app and updating the "Last Updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions, concerns, or requests regarding this privacy policy or your personal data, please contact us at:
← Back to Home