Privacy Policy
Last updated: 2026-06-19
Hot & Cold is operated by Lambda 7 Tech LLC (“we”, “us”). This policy explains what data the app may process, why we process it, and your choices.
1. Data we generally do not collect
- No contact list, photo library, or precise location data.
- No GPS location data.
- No email address. Sign-in (described in §4) deliberately uses minimal scopes that exclude email and profile name.
- No mandatory sign-in for core gameplay.
- No analytics SDK in the mobile app. Web analytics are described in §10; the mobile app's optional rewarded ad is described in §14.
2. Data stored on your device
The app stores gameplay state locally so your experience can resume between sessions, including progress, stats, display preferences, and a locally-generated identifier used for multiplayer presence.
You can wipe local data via Settings → Reset data → Reset everything, or by uninstalling the app. Note that this only affects local storage; for server-side data tied to a signed-in account, see §11.
3. Multiplayer (challenge rooms)
When you join or host a challenge room, the display name you choose and the gameplay data needed to run the match are processed by our backend. Challenge rooms are temporary and retained only as long as needed to operate active sessions.
4. Optional sign-in (Apple / Google)
Sign-in is optional and only required for the public leaderboard, cross-device stats sync, and reporting other players' display names. You can play Daily, Endless, and Challenge modes anonymously without signing in.
We use Apple's “Sign in with Apple” and Google Sign-In with the minimal scope needed to identify your account (the provider's “subject” identifier). We do not request your email address or your provider profile name. After sign-in we store on our backend:
- The provider (Apple or Google) and the opaque subject identifier returned by that provider.
- An internal account ID we generate.
- The display name you set inside the app (you choose it; we never copy a name from the provider).
- The date the account was created and, if applicable, a flag indicating the name has been hidden by moderation (see §6).
Apple and Google receive standard authentication metadata (your IP address, the redirect to Hot & Cold, etc.) when you sign in. Their privacy policies apply to that exchange.
5. Display name and public leaderboard
The display name you set when signed in is shown publicly on the
daily leaderboard and to opponents in challenge rooms. We display
it together with a short tag derived from your account ID (for
example, Cooper #A1B2) so two players with the same
name aren't visually identical. The leaderboard also shows your
score, guess count, whether you completed the puzzle, and (if any) a
small supporter badge described in §14.
Anonymous players appear on the leaderboard as a generic
Player #XXXX handle and can sign in later to claim
their score for that day.
6. Reports and display-name moderation
Signed-in players can report another player's display name from the leaderboard. When you submit a report we store the report (your account ID, the target's account ID, the category you chose, a snapshot of the offending name at the time of report, and a timestamp) so we can act on it. Reports are visible to our moderators; they are not shown to other players.
When enough distinct reporters flag the same display name, we
automatically hide that name on the leaderboard and replace it with
the generic Player #XXXX handle. The affected player
can recover by picking a new display name in the app.
Hidden names are also added to a permanent banlist so the same name (and trivial morphs of it) can never be reused on Hot & Cold. The banlist stores the offending name and a normalised form used for matching; it does not store who originally used the name.
7. Cloud-stored stats (signed-in players)
When you are signed in, your aggregate Daily-mode stats (games played, won, current streak, total score, etc.) are stored on our backend so they sync across devices that sign in to the same account. Anonymous play stays on your device only.
8. App content
The app may download and cache game content over HTTPS so features work reliably across sessions.
9. Daily mode
Daily mode uses our backend to run the puzzle and keep your progress consistent across sessions. The backend records anonymous gameplay (guess counts, hints used, time taken, final result) tied to a per-day identifier so we can build aggregate statistics and, for signed-in players, the public leaderboard described in §5.
10. Analytics and diagnostics
On the web (hotandcold.app and related pages, including the in-browser game at /play), we use Google Analytics 4 to understand aggregate usage. Google Analytics may collect standard web request metadata such as IP address (used to derive approximate, non-precise location), user agent, device and browser information, referrer, page path, and interaction events. It may set cookies or use local storage to operate. See Google's Privacy Policy and How Google Analytics handles data for details. You can opt out using the Google Analytics opt-out browser add-on or by blocking analytics cookies in your browser. The mobile app does not include an analytics SDK.
We may also collect diagnostic data to maintain reliability. If this changes materially, we will update this policy.
11. Your rights and account deletion
You can:
- Wipe local data inside the app at any time (Settings → Reset data).
- Sign out from inside the app to unlink the device from your account. Your account row, leaderboard entries, and synced stats remain on our backend.
- Permanently delete your account from inside the app: Settings → Account → Delete account. This removes your account record, every leaderboard entry tied to your account, your synced stats, and reports you submitted. The action is immediate and cannot be undone.
- If you can't sign in (lost device, etc.), email [email protected] from a device that's previously been signed in, or include your account ID (visible in Settings → Account when signed in) and we'll perform the deletion for you.
- Uninstall the app to remove all local data from your device.
Two narrow exceptions apply on deletion: (a) entries on the display-name banlist (§6) are kept for ongoing moderation integrity, and (b) we may retain limited records required to comply with legal obligations.
12. Service providers
We rely on infrastructure, identity, hosting, and analytics providers to operate the Service. As with any internet service, providers may receive standard request metadata (for example IP address and user agent) in transit.
- Cloudflare — hosting, edge compute, and database infrastructure.
- Apple — “Sign in with Apple” identity verification.
- Google — Google Sign-In identity verification, Google Analytics 4 web analytics, and Google AdSense web advertising (see §14).
- Unity / ironSource (LevelPlay) — optional rewarded-ad mediation in the iOS and Android app (see §14).
13. Children
Hot & Cold is suitable for general audiences and does not knowingly collect data from children under 13. If you believe a child has provided personal data via our Service, contact us and we will delete it.
14. Advertising
Web. On the web (hotandcold.app and the in-browser game at /play) we show ads served by Google AdSense.
Mobile app. The iOS and Android app includes an optional “Support the developer” rewarded video, served by Unity LevelPlay (ironSource) ad mediation. It is entirely voluntary — no part of the game is gated behind watching an ad, and the app shows no other ads. When you choose to watch, LevelPlay and its mediated ad networks may process device and advertising identifiers (such as Apple's IDFA / Google's Advertising ID), coarse device and network information, and ad interaction events to serve and measure the ad. On iOS we ask, via Apple's App Tracking Transparency prompt, before any cross-app advertising identifier is used; you can decline and still use the app (ads, if you choose to watch one, are then non-personalized). You can reset or limit your advertising identifier in your device settings (iOS: Settings → Privacy & Security → Tracking / Apple Advertising; Android: Settings → Privacy → Ads). See Unity's privacy policy for how LevelPlay handles this data.
If you watch a support ad while signed in, we increment a supporter count on your account. This is a cosmetic tally with no effect on gameplay or ranking. It is shown on your own menu and, for signed-in players, as a small badge next to your display name on the public leaderboard. Anonymous play keeps the count on your device only until you sign in.
Google and its ad partners may use cookies, device identifiers, and similar technologies to serve and measure ads, including to show ads based on your prior visits to this and other websites. Google may collect standard request metadata such as IP address (used to derive approximate, non-precise location), user agent, and the pages you view, and may combine it with data it holds. We do not share your account identity, display name, or gameplay data with advertisers.
For users in the European Economic Area, the United Kingdom, and Switzerland, we present a Google-certified consent message (a Consent Management Platform) before personalized ads are served, so you can grant or refuse consent for ad personalization. You can change your choice at any time via the privacy/consent control on the page.
You can manage or opt out of personalized advertising through Google My Ad Center, the controls at aboutads.info and youronlinechoices.eu, or by blocking ad cookies in your browser. See How Google uses cookies in advertising for details.
15. Changes
We may update this policy. Material changes will be reflected by an updated date at the top of this page.