Effective date: April 25, 2026
Last updated: April 25, 2026
This Privacy Policy explains how LevelUp Life ("we", "us", or "our") collects, stores, uses, and protects your personal data. We believe in transparency and keeping things simple. This policy applies to the LevelUp Life web application and all related services.
The data controller responsible for your personal data is:
LevelUp Life
Email: samauskasnojus@gmail.com
If you have questions about how we process your data, contact us at the email above. We will respond within 30 days.
If you choose to create an account and sign in:
Your journey data is stored to provide and improve the service:
If you upgrade to LevelUp Life Pro:
If you opt in to social features:
When you use the app, we automatically collect:
This data is stored only on your device (localStorage) and synced to Supabase only if you sign in. We also store anonymous first-party marketing events locally (e.g. button clicks, onboarding completion) to improve the product — never sold or used for ads.
Data we do NOT collect:
Under GDPR (Article 6), we process your data only when we have a lawful basis:
Performance of a Contract
Storing and syncing your game progress to provide the LevelUp Life service you requested.
Legitimate Interest
Maintaining app functionality, preventing data loss, and providing a consistent user experience across devices.
Consent
Social features (leaderboards, friend lists) and cloud sync require your explicit opt-in. You can withdraw consent at any time in Settings.
By default, all your data is stored locally in your browser (localStorage and IndexedDB). This means your progress is private to your device and browser. Clearing your browser data will remove this information.
If you create an account and sign in, your data syncs to Supabase (a secure cloud database hosted on AWS). This lets you access your progress across devices. See Section 5 for details.
We use the following third-party processors who may have access to your data:
Purpose: Authentication, cloud database storage, and data sync
Data accessed: Email, password (hashed), game progress, social data
Location: AWS EU-West (Ireland) by default
Compliance: GDPR-compliant, SOC 2 Type II certified. Data processed under a Data Processing Agreement (DPA).
Privacy policy: supabase.com/privacy
Purpose: Delivering open-source JavaScript libraries (Tailwind CSS, Lucide Icons)
Data accessed: IP address may be logged transiently for CDN delivery. No personal data is shared.
We do not share your personal data with any other third parties. We never sell your data.
Under GDPR Article 28, when a data controller (LevelUp Life) uses a data processor (Supabase Inc.) to handle personal data on its behalf, a Data Processing Agreement (DPA) must be in place.
If you require a copy of the DPA or have questions about data processing arrangements, contact us at samauskasnojus@gmail.com. EU users can also request Supabase's DPA directly at supabase.com/contact.
If you use the app from outside the European Economic Area (EEA), your data may be transferred to and processed in the EU (Ireland) where our Supabase instance is hosted.
If you are an EEA resident, your data stays within the EEA by default (Supabase EU-West region). No data is transferred to countries without adequate data protection.
For users in jurisdictions with data localization requirements, we recommend using the app without signing in (local-only mode) to keep data on your device.
We never sell, rent, or share your data with third parties for their own purposes. We don't use your data for advertising. We only access your data when you request support or when required by law.
| Data Type | Retention Period |
|---|---|
| Account data (email, auth) | Until you delete your account |
| Game progress & stats | Until you delete your account or clear local data |
| Subscription data (tier, dates) | Until you delete your account or subscription expires |
| Social data (friends, leaderboards) | Until you delete your account or opt out of social features |
| Local-only data (no account) | Until you clear browser data or use "Clear All Data" |
| Data after account deletion | Deleted within 30 days from all systems |
We do not retain your personal data longer than necessary. Once you delete your account, all associated data is permanently removed within 30 days.
We implement appropriate technical and organizational measures to protect your data:
While we strive to protect your data, no system is 100% secure. We recommend using a strong, unique password for your account.
| Type | Purpose | Duration |
|---|---|---|
| Authentication cookies | Maintain your signed-in session (Supabase Auth) | Session / 7 days |
| localStorage data | Store game progress and preferences locally | Until manually cleared |
We use no tracking cookies, no analytics cookies, and no advertising cookies. We do not use Google Analytics, Facebook Pixel, or similar ad-tracking services.
We may use optional, privacy-friendly analytics (such as Plausible) or first-party event counts stored in your browser to measure which features and pages are used — without building an advertising profile. If enabled, this collects only aggregated page views and custom events (e.g. "started app", "opened upgrade screen"), not your mission content or personal stats.
Depending on your location, you have the following rights:
Right to Lodge a Complaint: If you believe we have mishandled your data, you have the right to complain to your local supervisory authority. EEA residents can find their authority at edpb.europa.eu. California residents can contact the California Attorney General.
To exercise any of these rights, use the in-app settings or contact us at samauskasnojus@gmail.com. We will respond within 30 days (or 45 days for CCPA requests).
Open the app → Settings → scroll down → tap "Clear All Data". This removes everything from your device immediately.
To delete your account and all cloud data:
Or email us at samauskasnojus@gmail.com with "Delete My Account" and your account email. We will process the request within 30 days.
Before deletion, you can export your data via Settings → Export Data. This gives you a JSON file with all your progress, stats, and history.
Important: Account deletion is permanent and irreversible. All game progress, achievements, and social connections will be permanently removed within 30 days. We cannot recover your data once deleted.
LevelUp Life is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13.
Under GDPR (Article 8), children aged 13–15 in the EEA may use the service with parental consent. Under COPPA (US), we do not collect personal information from children under 13.
If we discover that we have collected personal data from a child under 13, we will delete it immediately. If you believe a child under 13 has provided us with personal data, please contact us at samauskasnojus@gmail.com.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms:
For local-only users (no account), a breach of cloud data would not affect you since your data never leaves your device.
We do not use automated decision-making or profiling that produces legal or similarly significant effects concerning you.
The app uses algorithmic features (adaptive difficulty, mission recommendations, AI coaching tips) to personalize your experience. These are purely for game enjoyment and do not make decisions that affect your legal rights, credit, employment, or similar matters. You can disable these features in Settings at any time.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.
Previous versions of this policy are available upon request by emailing samauskasnojus@gmail.com.
Questions, concerns, or data requests? Reach out:
We will respond to all data subject requests within 30 days (GDPR) or 45 days (CCPA). For verification, we may ask you to confirm your identity before processing your request.
LevelUp Life is committed to protecting your privacy and data rights.
This policy is effective as of April 25, 2026.