Privacy Policy
Frog Crossing · Effective 16 July 2026
Introduction
Frog Crossing is made by Duwit Technologies, an independent game developer based in Kenya ("we", "us"). Duwit Technologies is the data controller for the game and for this website.
This policy covers both the Frog Crossing mobile game and this site you are reading it on. It explains exactly what the game sends off your device, what never leaves it, and who else is involved.
User age limits
Frog Crossing is a mixed-audience game: we expect both children and adults to play it. The first time you open it, before anything else happens, the game asks for your month and year of birth.
Three things about that screen are worth stating plainly:
- It is neutral. Nothing on it hints at what answer produces what result, and neither field is pre-filled. This holds in all 39 languages the game ships in.
- Your date of birth is never stored. The game derives a single age category from it and keeps only that. Retaining a child's date of birth would itself be collecting personal information from a child, so we do not.
- No ad is ever requested before you answer. The advertising SDK is not started until the answer exists, because ad settings only apply to requests made after they are set.
The category determines how ads are treated:
| Your answer | How ads are treated | Consent |
|---|---|---|
| Under 13 | Tagged as child-directed (COPPA). Never behaviourally targeted. Ad content rated G only. | Never asked to consent. |
| 13 to 15 | Tagged as under the age of consent (GDPR). Never behaviourally targeted. Ad content rated G only. | Never asked to consent. |
| 16 or over | Standard ad treatment. Ad content rated PG or below. | Asked to consent where the law requires it. |
Players under 16 are never behaviourally targeted regardless of any consent choice. This is enforced by a flag we set on every ad request, not by a preference that could be toggled.
What data do we collect?
Data reaching us or our providers falls into three usual buckets. For Frog Crossing, one of them is completely empty:
- Data you give us: none. There is no account, no sign-up, no email field, no contact form, no newsletter, and no competition entry anywhere in the game or on this site. There is no way for you to hand us personal information, because we never ask for any.
- Data collected automatically: advertising, purchase and configuration data, described in the next section.
- Data from other sources: none. We do not buy data, receive demographics from partners, or use social logins.
We do not operate a server that stores player data. There is no database of players anywhere, because there is nothing to put in it.
Data collected automatically
When you play, the following is sent off your device by the services built into the game:
- Advertising ID — your device's resettable advertising identifier (Android Advertising ID, or IDFA on iOS). Used to serve and measure ads. You can reset or disable it at any time in your device settings.
- IP address — unavoidable in any internet request. It reveals approximate (typically city-level) location. We do not request or receive precise GPS location.
- Device and OS information — device model, operating system version, language, and similar technical details.
- Ad interactions — whether an ad was shown, watched or clicked.
- Purchase receipts — only if you buy something. See Purchases below.
The game requests exactly four permissions on Android: internet access, the advertising ID, permission to post notifications, and permission to restart scheduled reminders after a reboot. It requests no location, storage, contacts, camera or microphone permission — those are not in the app at all.
Data that stays on your device
This is the part most players care about, and it is unusually short to write: all of your actual game data never leaves your phone.
- All game progress — stars, levels, your wallet of coins and gems, frogs you own, challenge progress and streaks.
- All settings — language, audio and notification preferences.
- Reminders — notifications are scheduled locally by your device. There is no push server. We do not know whether you have notifications on, and nothing about the schedule is transmitted.
- Your timezone — read on your device so a reminder arrives at a sensible hour. It is not transmitted.
- Cached artwork — promotional images are stored in the app's private storage.
None of this is backed up to us, synced, or readable by us. Deleting the app deletes all of it permanently — we cannot restore it, because we never had a copy.
Third-party service providers
These are every external service the game talks to. There are four, and that is the complete list. Each has its own privacy policy governing what it does with data and how long it keeps it — we link to them rather than restate their terms, which change without our involvement.
| Service | What it receives | Why | Their policy |
|---|---|---|---|
| Google AdMob | Advertising ID, IP address, device and OS info, ad interactions | Serving rewarded ads (the ones you choose to watch for a reward) | Google Privacy Policy · How Google uses data |
| RevenueCat | Purchase receipts, an app-generated user ID, device and platform info | Validating in-app purchases and unlocking what you bought | RevenueCat Privacy Policy |
| Google Firebase Remote Config | A Firebase installation ID, IP address, app and device metadata | Delivering configuration and seasonal event settings without an app update | Firebase Privacy |
| Apple and Google (app stores) | The purchase transaction itself | Billing and payment processing | Apple · Google |
Seasonal artwork is downloaded over the internet from a host set in our configuration. Like any download, this reveals your IP address to whoever hosts the image.
Advertising and your choices
Frog Crossing shows rewarded ads only — ads you actively choose to watch in exchange for something in the game. There are no banner ads and no ads that interrupt you.
You have several independent controls:
- Consent (EU, EEA, UK and similar): where the law requires it, a Google-provided consent form appears before any ad is requested. You choose there whether ads may be personalised.
- Changing your mind: Settings → Privacy inside the game reopens that form wherever it applies.
- Device-level opt-out: Android offers "Opt out of Ads Personalisation" and iOS offers tracking controls in system settings. These apply to every app, including ours, and override anything chosen in-game.
- Resetting your advertising ID: available in your device settings at any time. It disconnects future ads from past ones.
Declining personalised ads does not lock you out of anything. The game remains completely playable and rewarded ads still work — they are simply chosen without using your data to target them.
Purchases
If you buy something, the transaction is handled entirely by Apple or Google. Your payment details go to them, never to us — we never see or store your card number, billing address or bank details.
RevenueCat validates the receipt on our behalf and tells the game what you are entitled to. It receives the receipt, an app-generated user ID, and basic device information. That ID is not linked to your name, email or any account, because there are no accounts.
For a refund or a record of what you bought, contact Apple or Google directly. They hold the transaction; we do not.
What we do not collect
Stated positively, because the list is long and each item is true:
- No analytics of any kind. No Google Analytics, no Firebase Analytics, no Unity Analytics, no third-party analytics SDK.
- No crash or performance reporting.
- No attribution or install-tracking SDK.
- No accounts, usernames, passwords or email addresses.
- No precise or GPS location.
- No contacts, photos, camera, microphone or files.
- No sensitive information: nothing about health, race, religion, politics, sexuality or biometrics.
- No advertising networks other than Google AdMob.
- No sale of personal information, and no sharing of it for cross-context behavioural advertising.
Your rights
Depending on where you live, you may have rights to access, correct, delete or export your personal data, to object to processing, or to withdraw consent. We want to be honest about what that means here, because our design has an unusual consequence.
Because there are no accounts, we cannot identify you. We hold no record that connects you to a device, and nothing in the game identifies you to us. If you emailed us asking for "your data", we would have nothing to look up and no way to verify a request came from you. This is not an evasion — it is the direct result of not collecting anything, and it protects you more than a deletion process would.
What you can do, and what actually works:
- Delete all your data: uninstall the game. Everything described in "Data that stays on your device" is erased. No copy exists anywhere else.
- Withdraw ad consent: Settings → Privacy in the game, where it applies.
- Break the link used for ads: reset your advertising ID in your device settings, or opt out of ads personalisation entirely.
- Exercise rights against our providers: Google, RevenueCat and Apple each hold their own data and have their own request processes. Their policies are linked above.
- Purchase records: contact Apple or Google.
If you have a question about any of this, email us — see Contact below. We will help where we genuinely can, and say so plainly where we cannot.
International data transfers
We are based in Kenya. Our service providers — Google, RevenueCat and Apple — are based in the United States and operate globally, so data described in this policy is processed outside your country, including in the United States.
Each provider maintains its own transfer safeguards for data it processes, described in the policies linked above. We ourselves store no personal data in any country, because we store none at all.
Children
We take this seriously and have built for it rather than written around it. See "User age limits" above for the mechanism.
- Players who indicate they are under 13 have every ad request tagged as child-directed under COPPA, and are never behaviourally targeted.
- Ads shown to under-16s are restricted to G-rated content.
- We do not knowingly collect personal information from children beyond what is described here, and we retain no dates of birth.
- There are no accounts, no chat, no user-generated content and no way for a child to communicate with anyone through the game.
If you are a parent or guardian and believe a child has provided us personal information, please contact us. In practice we hold nothing to delete, but we will explain exactly what applies to your child's device and help you check it.
Security
Our honest security position is that we reduce risk mainly by not holding anything:
- We store no player data, so there is no database of ours to breach.
- All network traffic uses HTTPS.
- Game data on your device is protected by your device's own app sandboxing and whatever lock you set on it.
- Our providers are established companies with their own security programmes, described in their policies.
No system is perfectly secure, and we will not claim otherwise. But the data we could lose is limited to what we never had.
About this website
This site exists to host this policy, and it is deliberately as inert as we could make it.
- No analytics. We do not know or count who reads this page.
- No cookies and no local storage. The site stores nothing in your browser, which is why you are not being asked to accept anything.
- No third-party requests. Everything the page loads comes from this site. No fonts, scripts or assets are fetched from anyone else, so reading this page does not reveal you to a third party.
- Hosting: the site is hosted on GitHub Pages. Like any web host, GitHub receives your IP address in order to serve the page, and processes it under the GitHub Privacy Statement.
Changes to this policy
This policy lives at a fixed address and will not move. When it changes, we update the effective date at the top of this page and publish the change here.
If we ever start collecting something we do not collect today, we will update this policy before that version of the game ships, and where the law requires it we will ask for your consent rather than assume it.
Complaints
If you are unhappy with how we have handled your data, please contact us first — see below. We would rather hear from you and fix it.
If you are not satisfied with our response, you can complain to a data protection authority. We are based in Kenya, where the relevant regulator is the Office of the Data Protection Commissioner, which oversees the Data Protection Act 2019: odpc.go.ke.
If you are in the EU, the EEA or the UK, you may also complain to your own national data protection authority. If you are in another country with a privacy regulator, you may complain to it. You do not have to come through us first.
Contact
For any question about this policy, about privacy, or to make a data protection request, email us at duwittechnologies@gmail.com.
Frog Crossing is made by Duwit Technologies, an independent developer in Kenya. A real person reads that address.