Pulse — Privacy Policy

Effective: 04 May 2026 App: Pulse - A Tap Roguelike Publisher: Biological Games (sole developer, Australia) Contact: biologicalgames.dev@gmail.com

TL;DR

Pulse does not collect any personal data. Everything you do in the game stays on your device. The only third parties involved are Apple, Google, RevenueCat, and Google AdMob (the last only when you tap a clearly-marked button to watch an opt-in rewarded video).

Pulse shows no banner ads and no interstitials. Rewarded video ads are opt-in only — they play when you tap a clearly-marked button to claim a reward (extra orbs, a daily chest, a Pass boost, a cosmetic preview). They can be removed permanently with a one-time purchase.

If you uninstall Pulse, your save data is deleted. There is no account to delete, no server holding your data, no analytics dashboard tracking what you do.

1. What information Pulse collects

Pulse itself collects nothing. There is no signup, no login, no profile, no email field, no questionnaire, no tracking SDK, and no behavioural-analytics network.

The app stores the following on your device only, using your operating system’s standard storage (Web localStorage on browser builds; Apple iOS UserDefaults and Android SharedPreferences on native builds, via Capacitor Preferences):

Best level reached, best score, total banked orbs.
Currently equipped cosmetics + which Progenitor you’ve selected.
Per-Progenitor local leaderboard (your own runs only — there is no online leaderboard).
Sound volume + mute preference.
Pulse Pass tier, XP, and quest progress for the current season.
Achievements you’ve unlocked (e.g. “banked 500 orbs in one run”).
A 2–4 character “player tag” you can type into the Scoreboard screen.
Whether you’ve purchased the Remove Ads entitlement (also unlocked automatically by buying the Pulse Pass or any orb pack ≥ A$5).

This data never leaves your device. It is not synced to a cloud, not sent to a server, and not shared with us. We have no way to read it.

2. What information third parties may collect

Pulse uses four third-party services, all of which have their own privacy policies. You should read theirs alongside this one.

Apple

When you buy something on iOS, Apple processes the payment. Apple receives standard information needed to charge your Apple ID. Apple’s handling of that data is governed by the Apple Privacy Policy.

We do not see your Apple ID, name, billing address, or payment method.

Google

When you buy something on Android, Google Play processes the payment. Google’s handling of that data is governed by the Google Privacy Policy.

We do not see your Google account, name, billing address, or payment method.

Google AdMob

When you tap a clearly-marked rewarded-video button — the post-death “double your orbs”, the title-screen “claim daily chest”, the Pulse Pass “daily Stardust boost”, or “preview a cosmetic” in the Stellarium — Google AdMob serves a single video ad in exchange for the in-game reward. AdMob is the only ad network in the app. There are no banner ads and no interstitials.

If you have purchased Remove Ads (standalone, with the Pulse Pass, or bundled with any orb pack ≥ A$5), the rewarded buttons stay in the UI and still grant the reward, but skip the video.

What AdMob receives, per Google’s documentation:

Your device’s advertising identifier (IDFA on iOS, AAID on Android), unless you have asked your operating system not to share it. On iOS, Pulse does not request the App Tracking Transparency permission, so AdMob receives a non-personalised ad signal by default. On Android, you can clear the advertising ID under Settings → Google → Ads.
Coarse network and device information (IP address, user-agent, OS version, device model, screen size, language, country).
Whether the ad was shown, viewed to completion, or skipped.

AdMob is governed by the Google Privacy Policy and the AdMob Publisher Policies.

RevenueCat

We use RevenueCat to validate App Store / Play Store receipts so we can credit the right number of orbs, unlock the Pulse Pass, or grant the Remove Ads entitlement after a successful purchase.

What RevenueCat receives:

An anonymous user ID generated by RevenueCat (a random UUID) — not your Apple ID, Google account, name, or email.
Your purchase receipt for any IAP you make.
The country your device reports for store-locale purposes.
Your platform (iOS or Android) and the app version.

RevenueCat’s handling is governed by the RevenueCat Privacy Policy.

3. What we don’t do

No banner ads, no interstitials, no forced ads. The only ads in Pulse are opt-in rewarded videos — they play only when you tap a clearly-marked button to claim a reward, and they never interrupt gameplay. Rewarded ads can be removed permanently with the Remove Ads IAP, the Pulse Pass, or any orb pack ≥ A$5; the reward buttons remain functional after removal (they just grant the reward without showing a video).
No behavioural analytics. Beyond the minimal device information AdMob needs to serve a rewarded ad (described in §2), no analytics service is integrated — no Google Analytics, no Firebase Analytics, no Adjust, no AppsFlyer, no Sentry, no Mixpanel, no Amplitude.
No accounts. There is no account to create, no email to verify, no password to choose. The “player tag” in the Scoreboard is a local label, not an account.
No social. No Facebook, Twitter, Discord, or any other social SDK. No share button that posts on your behalf.
No location. Pulse does not request the location permission and does not read GPS data. The country reported to RevenueCat and AdMob (see §2) comes from store-locale and IP-derived signals respectively, not from your device’s GPS.
No camera, microphone, contacts, photos, calendar, or health data. Pulse does not request these permissions.
No data sold or rented. We do not sell, rent, lease, or license data to anyone. There is no first-party data to sell.

4. Children’s privacy

Pulse is rated 9+ on the App Store and equivalent on Google Play. It is suitable for, but not directed at, children under 13. Because Pulse itself collects no personal information, it likewise collects nothing from children directly.

The one nuance is AdMob rewarded ads (§2). AdMob’s data collection happens only when a user actively taps a rewarded-video button. If you are a parent or guardian and a child uses Pulse on your device:

The simplest way to remove ad data collection entirely is to purchase Remove Ads (or the Pulse Pass, or any orb pack ≥ A$5). After that, no rewarded video is requested from AdMob; the reward buttons grant the reward directly.
All in-app purchases are processed by Apple or Google. Their parental-control tools (Screen Time, Family Sharing, Google Family Link) are the way to restrict purchases.
Save data lives only on the device. Removing the app removes the data.

If you have any concern about your child’s use of Pulse, contact us using the address above.

5. Your rights

Because Pulse stores nothing about you on our servers, the GDPR and CCPA “right to access / right to delete” requests are largely satisfied by uninstalling the app — that wipes your local save.

For ad-related data held by Google, you can opt out of personalised ads via your device settings:

iOS: Settings → Privacy & Security → Apple Advertising → Personalised Ads (off).
Android: Settings → Google → Ads → “Delete advertising ID” or “Opt out of Ads Personalisation”.

Or — most decisively — purchase Remove Ads, which prevents Pulse from requesting any ad from AdMob in the first place.

For purchase records held by RevenueCat, you can submit a data request through their Privacy Center — they handle requests directly because they are the data controller for that subset.

For purchase records held by Apple / Google, use their respective account-level data tools.

If you live in the EU, UK, or California, you have additional statutory rights (right to access, rectify, port, restrict, object, and erase). Email us using the address above and we will help — though as noted, we hold no first-party personal data ourselves.

6. Data retention

On-device data: kept until you uninstall the app or clear its storage from device settings.
AdMob data: retained per Google’s policy.
RevenueCat receipt data: retained per RevenueCat’s policy (currently 7 years for tax/audit, see their site for the up-to-date number).
Apple / Google purchase records: retained per their policies.

We do not retain any backups of your data because we never receive any.

7. Changes to this policy

If we add a third-party SDK, integrate analytics, add a backend, or change anything that affects what data leaves your device, we will:

Update this page (the URL stays the same).
Bump the Effective date at the top.
Note the change in the App Store / Play Store update notes.

The current version of this policy is always the one at this URL.

8. Contact

For privacy-specific questions, data requests, or to flag an issue:

biologicalgames.dev@gmail.com

For general bug reports, please open an issue on the public repo (link in the App Store / Play Store listing) — but please do not include personal data in a public issue.

This policy reflects what Pulse actually does. It is not a generic template. If anything in the app changes, this page will change before the change ships.