gridlo

Privacy

Privacy policy

Last updated: 3 July 2026.

This policy explains how BreadRolls Group Ltd uses personal data for gridlo, including the mobile app, website, puzzle API, account system, support, purchases, notifications, first-party product analytics, diagnostics, and Puzzle Builder features.

Quick Summary

  • gridlo is run by BreadRolls Group Ltd, trading as gridlo.
  • Contact us about privacy at contact@thegridlo.com.
  • We use account, gameplay, purchase, support, notification, first-party product analytics, diagnostic, age-gate, and puzzle-builder data to operate the game.
  • We use first-party product analytics to understand starts, completions, drop-off, retention, mode usage, credit usage, matchplay/tournament usage, and reliability.
  • We do not use advertising SDKs, cross-service advertising tracking, or sell personal data.
  • Under-13 users cannot create accounts. Puzzle publishing and puzzle sending are limited to users confirmed as 18+.
  • You can delete your account in the app or contact us if you cannot access it.

Controller And Contact

gridlo is operated by BreadRolls Group Ltd, a private limited company registered in England and Wales under company number 17108384. BreadRolls Group Ltd is the controller of the personal data described in this policy. Our UK Information Commissioner's Office registration reference is ZC177785.

You can contact us at contact@thegridlo.com or through Account > Help, Report a bug, or Feedback in the app.

For Singapore privacy matters, contact BreadRolls Group Ltd's Data Protection Officer function at contact@thegridlo.com. For New Zealand privacy matters, contact BreadRolls Group Ltd's Privacy Officer function at contact@thegridlo.com.

European Representative Under Article 27 Of GDPR

We have appointed EU Rep as our Representative under Article 27 of the EU General Data Protection Regulation ("GDPR"). All GDPR queries from EU Data Subjects or Data Protection authorities should be submitted to eurep.ie via their dedicated form. Bizlegal t/a EUREP, Company number 635921, Ireland. You may also contact us directly at contact@thegridlo.com.

For Younger Players

We ask for your birth month and year so we can block under-13 accounts and apply age-based feature rules. If you are 13-17, you can play and save puzzle drafts, but you cannot publish or send puzzles. Some shared puzzles may be visible only when they have been marked suitable for younger players.

Please do not put private information about you or anyone else in usernames, puzzle text, themes, word banks, reports, support messages, or feedback.

Data We Collect

  • Account data, such as email address, user ID, session metadata, username, avatar, optional country, and account timestamps.
  • Age eligibility data, such as birth month and year, calculated age band, age-gate policy version, confirmation time, and under-13 device lock.
  • Gameplay, ranking, friend, club, match, tournament, challenge, leaderboard, and progress data.
  • User content, including puzzle titles, descriptions, tags, words, clues, puzzle JSON, drafts, shared puzzles, Puzzle Builder themes, word banks, and generated results.
  • Purchase and credit data, including App Store, Google Play, Qonversion, product, entitlement, transaction, credit ledger, and sanitized webhook records.
  • Notification data, including preferences, in-app notification rows, Expo push tokens, device platform, device model name, app version, and native build version.
  • Support and moderation data, including bug reports, feedback, help requests, report reasons, optional report details, moderation status, content hashes, and moderator notes.
  • Usage and diagnostic data, such as first-party product analytics events for app opens, app backgrounding, surface opens, puzzle starts, completions, exits, matchplay/tournament lifecycle events, session and attempt IDs, game mode, puzzle/date references, puzzle API usage, request IDs, rate-limit metadata, job status, sanitized breadcrumbs, crash or performance diagnostics, platform, and pseudonymous user identifiers. Product analytics does not send grid letters, answers, clues, keystrokes, advertising IDs, or free-text puzzle content.
  • Local device data, such as auth sessions, local progress, downloaded packs, local drafts, seen-state, runtime config cache, retry queues, and age-gate records.

Why We Use Data

  • Contract: to create and secure accounts, run puzzles, save progress, provide social features, process purchases, operate credits, deliver requested Puzzle Builder grids, and send service notifications.
  • Legitimate interests: to prevent abuse and fraud, enforce rate limits, apply age-based access controls, investigate bugs, moderate content, protect players, maintain reliability, and understand first-party product analytics such as starts, completions, drop-off, retention, mode usage, credit usage, matchplay/tournament usage, and reliability. We do not use this for advertising tracking.
  • Consent: only to register and use an Expo push token after the operating-system push-permission flow, and to send optional push categories you leave enabled.
  • Legal obligation: to keep records needed for tax, accounting, consumer, refund, dispute, law-enforcement, or regulatory obligations where they apply.

What Is Public Or Shared

Your public profile fields can be shown through profile search, leaderboards, public clubs, puzzle pages, shared puzzles, app-feed entries, and social activity feeds. Content you publish to public clubs, public leaderboards, and public app-feed surfaces is visible to other players.

Direct or private puzzle-share cards are limited by access controls to the relevant participants, but support or moderation tooling can access them when needed to run the service or review reports.

Processors And Services

  • Supabase provides authentication, database storage, row-level security, realtime features, and Edge Functions. The production project is recorded in eu-west-1 and current records say Supabase project backups are not configured.
  • Cloudflare Workers, Workflows, Pages, and CDN run the puzzle API, async builder jobs, rate-limit usage, operational logging, the website, and app-link pages using standard global/default processing.
  • Turso/libSQL is queried by backend puzzle-generation and matching routes for crossword solution-grid, clue-corpus, and custom word-bank data. Current records place Turso in AWS eu-west-1.
  • OpenAI is used for AI puzzle-generation routes, including theme word generation, async builder support-word generation, and clue-style rewriting, and for automated moderation of published or shared puzzle content after configured rules pass. Current records say OpenAI API retention is default and has not been modified; moderation requests are sent with store:false.
  • Qonversion, Apple, and Google process in-app purchase and entitlement data for credit purchases. Qonversion is recorded as hosted in London, United Kingdom on Microsoft Azure.
  • Expo processes push tokens and push payload delivery. Expo EAS is used for production build and submit metadata.
  • Sentry processes sanitized crash, performance, breadcrumb, worker, and edge-function diagnostics. Current records place Sentry event storage in Frankfurt, Germany.
  • Microsoft 365 / Graph sends support, feedback, bug-report, and signup-notification emails to contact@thegridlo.com. Current records place the tenant geography in the UK, except Exchange Online Protection and Viva Connections have no commitment.

These vendors use standard vendor DPAs, data terms, platform terms, and transfer safeguards such as SCCs or UK transfer terms where required.

International Transfers

We are established in the United Kingdom and use service providers in the UK, EEA, Ireland, Germany, AWS eu-west-1, London, and standard global/default cloud-processing locations. Where personal data is transferred internationally, we rely on vendor data-processing terms, adequacy decisions where available, standard contractual clauses, UK transfer terms, and related safeguards where required.

Retention

  • Most account, profile, gameplay, leaderboard, social, notification, support, moderation, purchase, and credit records are kept while your account exists, unless a shorter rule applies or a legal/support reason requires longer retention.
  • Birth month and year are currently kept while the account exists so the app can recalculate age-band access over time.
  • Async Puzzle Builder generation jobs expire after 7 days and are pruned by a scheduled database function.
  • Puzzle API usage events are pruned after 31 days.
  • Raw first-party product analytics events are pruned after 90 days. Normalized puzzle-attempt lifecycle rows are pruned after 13 months. Aggregated analytics views may be kept longer where they no longer contain contact details, puzzle content, answers, clues, or advertising/device identifiers.
  • Social activity feed events are pruned after 30 days when new feed activity is written, and the public app feed keeps only the latest 60 events.
  • Local daily puzzle progress expires after 7 days. Local club puzzle progress expires after 24 hours. Completed game progress is cleared when the game is finished.
  • Expo push tokens remain until disabled, replaced, reported invalid by Expo, or removed through account deletion.
  • Some vendor-side retention settings still need final dashboard evidence, including Sentry event retention days, Cloudflare log and Workflow retention, Microsoft mailbox retention, Qonversion deletion detail, and Turso deletion/log retention.

Deletion And Export

You can delete your account from Account > Delete account. The deletion process removes the Supabase auth user and profile, deletes or cascades many user-linked app rows, removes service-owned puzzle API usage and processed webhook rows linked to the user, and anonymizes public app-feed actor payloads.

Some moderation, purchase, fraud-prevention, tax, accounting, dispute, safety, or legal records may remain where needed. Apple, Google, and Qonversion may keep their own purchase, refund, and entitlement records outside gridlo.

See Account deletion and privacy requests for the public deletion route.

Security And Minimisation

Supabase row-level security restricts private rows to the account owner, relevant participants, authenticated users, or service-role tooling depending on the table. Logging helpers redact authorization headers, access tokens, refresh tokens, service-role keys, emails, Expo push tokens, raw Qonversion events, full puzzle JSON, answers, clues, tokens, secrets, passwords, API keys, UUID-shaped values, and sensitive URL parameters where used. Product analytics is written through an authenticated RPC with allowlisted event names and metadata. Direct client table access is revoked, and the app does not send grid cells, answers, clues, keystrokes, free text, advertising IDs, or device IDs for product analytics.

The app does not intentionally ask for special-category data such as health, religion, political views, ethnicity, biometric identity, or precise location.

AI And Automated Controls

OpenAI-backed puzzle features generate words or rewrite clues from the puzzle prompt data you submit. OpenAI-backed moderation can classify published or shared puzzle content for release, blocking, or review. These features do not make legal or similarly significant decisions about you.

Age-band checks, puzzle-suitability filters, rate limits, abuse checks, username validation, purchase reconciliation, and push-token disabling are automated service controls used to run and protect the service.

Your Rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal data linked to your account. You can also withdraw push-notification consent by changing app or operating system notification settings.

To make a privacy request, contact contact@thegridlo.com. We may need to verify your identity before exporting, correcting, or deleting account data. If UK GDPR applies, you can complain to the UK Information Commissioner's Office at ico.org.uk. EU users can also complain to the supervisory authority where they live or work.

Data Capture Forms

For further information on how your data is used, how we maintain the security of your data, and your rights to access information we hold on you, see our privacy policy.

Changes

We will update this policy before using personal data for a materially new purpose. We also review it when tables, processors, public access paths, notification types, purchase flows, AI routes, or logging behavior change.

Terms of use Privacy policy Account deletion Contact

BreadRolls Group Ltd, trading as gridlo. Company number 17108384. Registered in England and Wales.

Registered office: Unit A, 82 James Carter Road, Mildenhall, England, IP28 7DE.

Privacy, Singapore DPO and New Zealand Privacy Officer: contact@thegridlo.com