Privacy Policy

TRIVELA

Privacy Policy

Effective date: 29 March 2026

Last updated: 11 May 2026

This Privacy Policy describes how Trivela ("we", "us", or "our") collects, uses, and shares your personal data when you use the Trivela mobile application ("App") and our website at trivela.app ("Site"), collectively referred to as the "Services".

Trivela is currently operated by four co-founders as an unregistered project. We are not yet a formally incorporated legal entity. Our operations are based in Sweden, and we are subject to the General Data Protection Regulation (GDPR) as well as applicable Swedish data protection law.

By using our Services, you agree to the collection and use of your information as described in this Privacy Policy. If you do not agree, please do not use our Services.

1. Data Controller

Trivela is the data controller for personal data collected through the Services. As we are not yet a registered company, you may contact us at:

Email: contact@jointrivela.com

Location: Sweden

We will respond to all data-related enquiries within 30 days.


2. Data We Collect

2.1 Waitlist Sign-Up (Website)

When you join our waitlist on the Site, we collect:

- Email address

This data is used solely to notify you when access opens. We do not share it with third parties for marketing purposes.

2.2 Account Registration (App)

When you create an account in the App, you must be at least 13 years old. We do not knowingly collect personal data from children under 13. If we become aware that a user is under 13, we will delete their data promptly.

Data collected depends on the sign-in method you choose:

  • Apple Sign-In: your name and email address (or Apple-relayed email), as provided by Apple.

  • Google Sign-In: your name, email address, and Google profile picture, as provided by Google.

  • Email sign-in: your email address and a password (stored in hashed form; we never store plaintext passwords).

2.3 App Activity Data

When you use the App, we automatically collect:

  • Game scores, results, and leaderboard rankings

  • Username and profile photo or avatar (if you choose to set one)

  • Device identifiers (e.g. device model, operating system version, unique device ID)

  • Usage analytics, including session duration, feature interactions, and crash reports, collected via Firebase Analytics and Firebase Crashlytics

  • IP address (collected automatically by our servers and by Firebase)

2.4 Push Notifications

If you grant notification permission, we collect your device push token in order to deliver in-app notifications (such as game invitations or results). We do not use push tokens for advertising purposes. You can withdraw notification permission at any time through your device settings.

2.5 Communications

If you contact us by email or through the App, we retain the content of your communication and your contact details in order to respond.

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:


  • Performance of a contract (Article 6(1)(b) GDPR): to provide the App and its features to you.

  • Consent (Article 6(1)(a) GDPR): for waitlist sign-up and optional analytics features, where we seek your consent prior to collection.

  • Legitimate interests (Article 6(1)(f) GDPR): to improve the Services, detect and prevent fraud, ensure security, and operate leaderboards. Our legitimate interests do not override your rights.

  • Legal obligation (Article 6(1)(c) GDPR): where processing is required to comply with applicable law.

4. How We Use Your Data

We use the data we collect to:

- Operate and provide the Services, including account creation and authentication

- Power in-app features such as head-to-head games, leaderboards, and trophies

- Send you waitlist and launch communications (only for waitlist sign-ups)

- Send you push notifications related to your activity in the App (where you have granted permission)

- Analyse how users interact with the App in order to improve the product

- Monitor for bugs, crashes, and security issues

- Respond to your enquiries and support requests

- Comply with applicable law

We do not use your data for automated decision-making or profiling that produces legal or similarly significant effects.

5. Third-Party Services

We integrate with the following third-party services. Each has their own privacy policy and acts as a data processor or independent data controller for the data they handle:


  • Google Sign-In — Google LLC. Used for authentication. Google may process your data in accordance with its Privacy Policy: policies.google.com/privacy

  • Apple Sign-In — Apple Inc. Used for authentication on iOS. Data is handled per Apple's Privacy Policy: apple.com/legal/privacy

  • Firebase Authentication — Google LLC. Used to manage user sign-in and session tokens.

  • Firebase Firestore — Google LLC. Used to store app data including game scores and user profiles.

  • Firebase Analytics — Google LLC. Used to understand how users interact with the App. Data may be processed on Google's servers globally.

  • Firebase Crashlytics — Google LLC. Used to collect crash reports and diagnose stability issues.


We require all third-party processors to handle your data in a manner consistent with this Privacy Policy and applicable data protection law, including GDPR. See firebase.google.com/support/privacy for Firebase's privacy practices.

6. Data Transfers

Because we use Firebase and Google services, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. Google LLC participates in the EU-U.S. Data Privacy Framework and provides appropriate safeguards (Standard Contractual Clauses) for such transfers.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes described in this Policy, or as required by law.

  • Waitlist data: retained until beta launch or until you request removal, whichever is sooner.

  • App account data: retained for the duration of your account. Upon account deletion, your personal data is deleted or anonymised within 30 days, except where retention is required by law.

  • Analytics data: retained per Firebase default retention settings (up to 14 months for event data).

  • Communications: retained for up to 2 years.

  • Push notification tokens: deleted upon account deletion or when you withdraw notification permission.

You may request deletion of your data at any time by contacting contact@jointrivela.com or by deleting your account directly within the App. We will action email requests within 30 days.

8. Account Deletion

You can delete your Trivela account at any time directly within the App. To do so, go to **Settings → Account Settings → Delete Account**, then confirm your choice. Deleting your account will permanently remove your profile, game history, and associated personal data from our systems within 30 days.

If you are unable to access the App, you may also request account deletion by contacting us at contact@jointrivela.com.

9. Your Rights Under GDPR

As a data subject under GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you

  • Rectification— request correction of inaccurate or incomplete data

  • Erasure ("right to be forgotten") — request deletion of your personal data

  • Restriction — request that we limit processing of your data

  • Data portability — receive your data in a structured, machine-readable format

  • Object — object to processing based on legitimate interests

  • Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting prior processing


To exercise any of these rights, contact us at contact@jointrivela.com. You also have the right to lodge a complaint with the Swedish supervisory authority:

Integritetsskyddsmyndigheten (IMY)

Website: imy.se

Email: imy@imy.se

10. Children's PrivacY

The Services are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. The registration flow requires users to confirm they meet the minimum age requirement. If we become aware that a user is under 13, we will delete their data promptly. If you believe a child under 13 has provided us with personal data, please contact us at contact@jointrivela.com.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted connections (TLS/HTTPS), hashed password storage, and access controls limited to authorised team members.

No method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

12. Cookies and Tracking (Website)

Our website uses minimal cookies for functional purposes (e.g. remembering form state). We do not use advertising cookies or third-party tracking cookies on the waitlist page. You can manage or disable cookies through your browser settings.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the date at the top of this document and, where appropriate, by email or in-app notification. Your continued use of the Services after changes are posted constitutes acceptance of the updated Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:

Email: contact@jointrivela.com

Subject line: Privacy Enquiry — Trivela

We aim to respond to all enquiries within 30 days.

Create a free website with Framer, the website builder loved by startups, designers and agencies.