DroidSquadDroidSquad

Privacy Policy

Last updated: 2026-04-30

What we collect

  • Account: email, role, Google Account email (testers)
  • Profile (testers): country, device fingerprint hash, optional PayPal email
  • Campaign (devs): app name, package, Play Console opt-in URL, description
  • Usage: daily check-ins, optional feedback text, IP country at check-in

How we use it

  • Match testers to campaigns by country
  • Send transactional emails (magic links, campaign events)
  • Detect duplicate accounts via fingerprint hashing
  • Generate compliance reports for Google Play

Third parties

  • Resend / Gmail SMTP — transactional email (magic links, campaign notifications)
  • Google APIs — Play Console data (tracks, vitals, reviews) accessed via service-account credentials each developer provides
  • Google Groups — shared testers group membership (only your Google email goes here, devs never see it)
  • Cloudflare — DDoS/DNS/Turnstile bot detection
  • Google Analytics 4 — anonymous traffic analytics. IP anonymized; Demographics/Interests collection disabled.

Your rights

Export or delete your data by emailing [email protected] — we respond within 72h. EU/UK users: GDPR / UK DPA basis is consent for marketing email, contractual necessity for account data, legitimate interest for fraud detection (fingerprint hashing).

Data retention

Account + campaign data retained while your account is active and for 30 days after deletion (so we can restore if you change your mind). Audit log + security event records retained for 365 days for forensics. Anonymized aggregates may be retained indefinitely.

Cookies

Essential session cookies only. No ad trackers. Sentry error reporting configured to strip PII.

Contact

Questions? Email [email protected].