This site is still hatching — feel free to try things out, but don't create accounts yet. Some data may be deleted.
Sign In Sign Up

Privacy Policy

Last updated: February 2026

1. Data Controller

Super Solitaire is operated by an individual developer. For privacy-related inquiries, please contact us.

As the data controller, we are responsible for deciding how your personal data is collected, used, and protected in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

2. Information We Collect

When you use Super Solitaire, we may collect the following information:

  • Account Information: If you create an account, we collect your email address and username.
  • Game Data: We store your game statistics including scores, times, moves, and win records.
  • Usage Data: We collect information about how you interact with our service, including game preferences and settings.
  • Payment Information: When you purchase a premium subscription, payment is processed by Paddle (our Merchant of Record). We receive transaction confirmations but do not store your full payment card details.

3. Legal Basis for Processing (GDPR Article 6)

We process your personal data on the following legal bases:

  • Contract (Art. 6(1)(b)): Processing necessary to provide the service you requested, including account management, game state storage, and premium subscription fulfillment.
  • Legitimate Interest (Art. 6(1)(f)): Processing for analytics, security, fraud prevention, and service improvement, where our interests do not override your fundamental rights.
  • Consent (Art. 6(1)(a)): Personalized advertising cookies are only set with your explicit consent. You may withdraw consent at any time via the cookie settings or in your account settings.
  • Legal Obligation (Art. 6(1)(c)): Retention of transaction records as required by tax and accounting laws.

4. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the game service
  • Display leaderboards and track your personal statistics
  • Save your game progress and preferences
  • Process premium subscriptions and manage your account
  • Improve and optimize the gaming experience
  • Display advertisements (personalized only with your consent)
  • Communicate with you about service updates

5. Cookies and Tracking Technologies

We use cookies and local storage technologies on our site. When you first visit, we ask for your consent before setting any non-essential cookies.

Essential Cookies (always active)

These are necessary for the site to function and cannot be disabled:

  • Supabase auth cookies (sb-*): Manage your login session and authentication state.
  • Local storage keys: solitaire_preferences (game settings), cookie_consent (your cookie choices), theme and game state data.

Analytics Cookies (require consent)

These cookies help us understand how players use the site so we can improve the experience. They are only activated if you consent to analytics cookies:

  • Google Analytics 4: Collects anonymous usage data such as pages visited, session duration, and device type. We use Google Consent Mode v2 to ensure no data is collected without your consent.
  • PostHog: Collects product analytics events to help us understand gameplay patterns and improve features. PostHog respects your opt-out preference.

Advertising Cookies (require consent)

These cookies are set by Google AdSense and are only activated if you consent to advertising cookies:

  • Google AdSense cookies: Used to serve and measure advertisements. When consent is not given, ads are served in non-personalized mode without tracking cookies.

You can change your cookie preferences at any time using the "Manage Cookies" link in the footer, or in your account settings under Privacy & Data.

6. Third-Party Services

We use the following third-party services to operate Super Solitaire:

  • Supabase: Database hosting, user authentication, and backend infrastructure.
  • Paddle: Payment processing and subscription management (acts as Merchant of Record).
  • Google Analytics 4: Anonymous usage analytics. Only active with your analytics consent.
  • PostHog: Product analytics and feature experimentation. Only active with your analytics consent.
  • Google AdSense: Advertising for free-tier users. Personalized ads require your consent.
  • Vercel: Website hosting and content delivery.

Each of these services has its own privacy policy governing the data they process. We encourage you to review their policies.

7. International Data Transfers

Your data may be processed and stored in the United States through our infrastructure providers (Supabase, Vercel). These transfers are conducted in reliance on Standard Contractual Clauses (SCCs) maintained by the respective service providers, in compliance with GDPR requirements for international data transfers.

8. Data Retention

  • Active accounts: Your data is retained for as long as your account remains active.
  • Deleted accounts: When you request account deletion, your data enters a 30-day grace period (during which you can recover your account), after which it is permanently purged.
  • Payment records: Transaction records are retained by Paddle in accordance with applicable tax and accounting laws.
  • Anonymous game data: Aggregated, non-identifiable game statistics may be retained indefinitely for service improvement purposes.

9. Data Storage and Security

Your data is stored securely using industry-standard encryption. Game saves are stored locally on your device and optionally synchronized with our servers if you have an account. We employ technical and organizational measures to protect your data, but no method of transmission over the internet is 100% secure.

10. Your Rights

Under the GDPR and other applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your account and associated data.
  • Right to Restrict Processing: Request that we limit how we process your data.
  • Right to Data Portability: Export your data in a machine-readable format. You can do this from Settings > Privacy & Data.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Withdraw your consent for advertising cookies at any time via the cookie banner or settings page.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with your local Data Protection Authority (DPA) if you believe your data is being processed unlawfully.

To exercise any of these rights, please contact us.

11. Payment Processing

When you make a purchase, your payment is processed by Paddle, which acts as our Merchant of Record. Paddle handles all payment processing, tax calculation, and VAT compliance. We do not store or have access to your full credit card number or payment details.

Paddle may collect:

  • Payment card information (processed securely, not shared with us)
  • Billing address
  • Email address for receipts

We only receive confirmation of successful payment and basic transaction details needed to provide your premium access.

12. Children's Privacy

Super Solitaire is not directed to children under 13 years of age (or under 16 in the EU/EEA). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe your child has provided personal data, please contact us to request deletion.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes affecting EU/EEA users, we will provide at least 30 days notice where practicable.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us.