Riffle

Privacy Policy

Last updated: 18 April 2026

Who we are

Riffle (“we”, “us”) operates the website at riffle.cc and the daily song-guessing game accessible through it. For privacy questions, contact us at support@riffle.cc.

Information we collect

  • Account data (only if you sign up): your email address, optional display name, and a unique account identifier.
  • Anonymous play data: if you play without an account, we generate a temporary anonymous user identifier so we can save your progress, streak, and Riffs balance to your device session.
  • Gameplay data: daily puzzle results, streaks, friends-room participation, wager outcomes, hint use, pack purchases.
  • Usage analytics: page views, feature interactions, and error reports, used in aggregate to improve the product. We do not sell this data.
  • Device data: browser type, screen size, IP address (for rate limiting and abuse prevention only, not stored long-term).

How we use it

  • To provide the game (saving progress, syncing rooms, awarding Riffs).
  • To prevent abuse and enforce rate limits.
  • To measure feature adoption and improve gameplay (aggregated analytics).
  • To process Riffs purchases (via Stripe, see “Third parties” below).

Third parties

We share data only with the providers needed to run the service:

  • Supabase (database, auth, realtime), stores your account, gameplay data, and Riffs balance.
  • Vercel (hosting), serves the website and processes requests.
  • Stripe (payments), processes Riffs purchases. We never see or store your card details.
  • Apple iTunes, we link to public song preview clips. Apple may log these requests independently.
  • PostHog (analytics) and Sentry (error reporting), usage and crash data, anonymised where possible.

Cookies and local storage

We use cookies for authentication sessions and to remember your preferences. We use browser local storage to save your daily progress, played-songs history, and onboarding state. You can clear these at any time from your browser settings.

Your rights

Depending on your jurisdiction (e.g. UK GDPR, EU GDPR, CCPA), you have the right to access, correct, export, or delete your personal data. To exercise any of these rights, email support@riffle.cc and we’ll respond within 30 days.

Children

Riffle is not directed at children under 13 (or under 16 in the EU/UK). If you believe a child has created an account, contact us and we’ll delete it.

Changes

We’ll update this policy as the product evolves. The “Last updated” date at the top will reflect any change. Material changes will be announced in-app.

Operated by Riffle. Contact: support@riffle.cc