# Privacy and Data Inventory Draft

Use this to prepare App Store privacy labels, Google Play Data safety and your privacy policy.

## Data currently implied by the prototype

### Account data
- Email address if signed in with Supabase Auth.
- User ID generated by Supabase.
- Username, handle, avatar, bio, country/region and public/private profile setting.

### Gameplay data
- Owned parcels.
- Parcel upgrades.
- Cash/wallet balance.
- Lifetime earnings.
- Marketplace listings.
- Leaderboard score.
- Missions, achievements and event claims.

### Location data
- Browser geolocation may be requested to centre the map on the player.
- Current prototype should not store precise GPS history unless you add it.
- If GPS history, anti-cheat location logs or movement checks are added, update this inventory.

### Payments / rewards data
- Reward wallet balance.
- Payout requests.
- Payout method placeholder.
- Terms acceptance.
- Fraud-risk checks.

If using real payouts, you may need to collect identity, tax, bank, PayPal, Stripe Connect or KYC data. Do not collect this directly in the frontend unless it is handled by a compliant provider.

### Advertising / analytics data
- Phase 2.9 uses a rewarded-ad simulator.
- When a real ad SDK is connected, update privacy disclosures for ad identifiers, approximate location, device information, diagnostics and tracking where applicable.

## User controls needed before launch
- Account deletion request path.
- Data deletion request path.
- Privacy policy link in app and store listings.
- Terms and rewards policy links.
- Notification opt-in and opt-out.
- Location permission fallback.
- Public/private profile control.

## Notes
Store privacy forms must reflect the real production build and third-party SDKs at the time of submission.
