APP PRIVACY
POLICY
This policy applies to all mobile and web apps published under the MonkeyRebels name. Looking for the website policy instead? It's over here.
// EFFECTIVE JUNE 9, 2026
01 — WHO'S RESPONSIBLE
The MonkeyRebels apps are made by Stefan van Dockum, trading as MonkeyRebels, based in Schijndel, the Netherlands. I'm the data controller for the information described below. For any privacy question or request, email fun@monkeyrebels.com.
02 — SCOPE
This is a general policy that covers all current and future apps released under the MonkeyRebels name. Not every app uses every feature described here — for example, some apps may not require an account, and some may not show ads. The policy below describes the full set of data we may process across the apps.
03 — WHAT WE COLLECT
Account & authentication data (via Supabase). If an app lets you create an account or sign in, we collect and store:
- Your email address (and, where you set one, a password — stored securely as a hash, never in plain text).
- Authentication identifiers and session tokens needed to keep you signed in.
- Any profile details you choose to provide inside the app.
- If you sign in with a third party (e.g. Google or Apple), the basic profile info that provider shares with us.
Email & communications (via Brevo). If an app sends you emails — such as account confirmations, password resets, or (where you opt in) newsletters and updates — we process your email address and basic delivery data through Brevo.
Advertising & device data (via Google AdMob). Apps that show ads use Google AdMob, which may collect:
- Device advertising identifiers (such as the Android Advertising ID or Apple's IDFA).
- Approximate location (derived from IP address), IP address, and general device information.
- Ad interaction and app-usage signals used to serve and measure ads.
We don't collect more than we need, and we don't sell your personal data.
04 — WHY WE USE IT
- To run your account — signing you in, keeping you signed in, and saving your data and settings.
- To communicate with you — sending account-related emails (confirmations, password resets) and, if you opt in, occasional newsletters or updates.
- To show ads — ads help keep the apps free. Depending on your consent, these may be personalized or non-personalized.
- To operate and improve the apps — fixing bugs, preventing abuse, and keeping things secure.
Our legal bases (under the GDPR) are performance of a contract (providing the app and your account), your consent (for personalized advertising and optional features), and our legitimate interest (security, abuse prevention, and basic app functionality).
05 — ADS & YOUR CHOICES
We use Google AdMob to serve ads. Where required by law (e.g. in the EU/EEA and UK), the app will ask for your consent before showing personalized ads, using Google's consent mechanism. You can choose non-personalized ads, and you can reset or limit ad tracking at any time in your device settings (Android: "Reset advertising ID" / iOS: "Allow Apps to Request to Track"). For details on how Google uses data from apps, see "How Google uses information from sites or apps that use our services" and the Google Privacy Policy.
06 — WHO HELPS PROCESS IT
The apps rely on a small set of trusted providers acting as our processors or independent controllers:
- Supabase — stores authentication and account data on our behalf. See Supabase's privacy policy.
- Brevo — handles delivery of account-related emails (and any newsletters, if you opt in). See Brevo's privacy policy.
- Google AdMob — delivers and measures the ads shown in the apps. See Google's privacy policy.
- App stores (Google Play, Apple App Store) — handle distribution and, where relevant, in-app purchases under their own privacy policies.
07 — INTERNATIONAL TRANSFERS
Some of these providers (including Google and, depending on configuration, Supabase) may process data outside your country, including in the United States. Where that happens, transfers are protected by appropriate safeguards such as the EU Standard Contractual Clauses.
08 — HOW LONG WE KEEP IT
Account data is kept for as long as your account exists. Advertising identifiers and related data are retained by Google according to its own policies. If you delete your account (see below), we delete your account data from our systems, except where we're legally required to keep certain records.
09 — DELETING YOUR ACCOUNT & DATA
You can request deletion of your account and associated personal data at any time. Use the in-app delete option if the app provides one, or email fun@monkeyrebels.com from the address tied to your account and we'll take care of it.
10 — YOUR RIGHTS
Depending on where you live, you may have the right to access, correct, delete, or export your data, object to or restrict certain processing, and withdraw consent. To exercise any of these, email fun@monkeyrebels.com. EU/EEA users can also complain to their local data-protection authority (in the Netherlands, the Autoriteit Persoonsgegevens).
11 — CHILDREN
The MonkeyRebels apps are not directed at children under 13 (or the minimum age required in your country), and we don't knowingly collect personal data from them. Ads shown in our apps are not designed for child-directed audiences. If you believe a child has provided us personal data, email us and we'll delete it.
12 — SECURITY
We use reputable providers (Supabase, Google) with industry-standard security, including encryption in transit and hashed credentials. No system is perfectly secure, but we take reasonable steps to protect your data.
13 — CHANGES
We may update this policy as the apps evolve. The "effective" date at the top reflects the latest version, and material changes will be posted on this page.
14 — CONTACT
MonkeyRebels — Stefan van Dockum
Schijndel, the Netherlands
fun@monkeyrebels.com