Privacy Policy

Last updated: February 27, 2026

Overview

Fitbit Bingo ("we", "our", "the app") is a multiplayer fitness bingo game. This policy describes what data we collect, why we collect it, and how you can control it. We collect only what is necessary to run the game and never sell or advertise with your data.

Data We Collect

When you sign in with Fitbit and use the app, we collect the following:

  • Fitbit activity data — your daily step count, distance walked or run (in km), and active minutes. This is fetched from the Fitbit API each time you sync.
  • Fitbit profile data — your Fitbit display name and avatar URL, used to identify you in multiplayer game lobbies.
  • Game activity — which games you have created or joined, your bingo board state, tile completions, and game outcomes.

We do not collect your Fitbit email address, heart rate, sleep data, weight, food logs, or any other health metrics beyond the three listed above.

How We Use Your Data

  • To generate your personal bingo board with goals scaled to your activity level.
  • To mark bingo tiles as complete when your daily stats meet their thresholds.
  • To display your name and avatar to other players in games you join.
  • To show your game history on your dashboard.

We do not sell your data, use it for advertising, share it with third parties for their own purposes, or use it for any purpose other than operating the bingo game.

Data Retention

Your data is stored for as long as your account is active. Daily activity syncs are retained to maintain game state accuracy. If you delete your account, all of your data — including your user profile, game history, boards, tiles, and daily syncs — is permanently deleted immediately and cannot be recovered.

Third Parties

We rely on the following third-party services to operate:

  • Fitbit (Google LLC) — used as our OAuth sign-in provider and as the source of your activity data. Your use of Fitbit is governed by Fitbit's Privacy Policy.
  • Supabase — our database hosting provider. Your data is stored in a Supabase-managed PostgreSQL database. Supabase's data handling is governed by Supabase's Privacy Policy.

We do not use analytics services, advertising networks, or any other third-party data processors beyond the two listed above.

Your Rights

You have the right to access, correct, or delete your data at any time:

  • Delete your account — use the "Delete account" option on your dashboard to permanently erase all your data from our systems.
  • Revoke Fitbit access — you can revoke our access to your Fitbit account at any time through Fitbit's application settings. Revoking access will prevent future syncs but does not delete data already stored in our system; you must also delete your account for full removal.

Cookies and Sessions

We use a single encrypted session cookie (fitbit_bingo_session) to keep you signed in. This cookie contains only your user ID and expires after 30 days. We do not use tracking cookies, advertising cookies, or third-party cookies.

Contact

If you have questions about this privacy policy or your data, contact us at fitbitbingo@example.com.