brushbrawl
Last Updated: June 4, 2026
This Privacy Policy explains how Digital Charms, Inc. ("Digital Charms," "we," "us," or "our"), a corporation incorporated in the Province of Ontario, Canada, collects, uses, shares, and protects information in connection with the brushbrawl mobile application and related services (the "Service").
We designed brushbrawl to collect as little personal information as reasonably possible. This Policy describes what we do collect and the choices you have. It forms part of, and should be read together with, our Terms of Service.
If you have questions, contact us at support@digitalcharms.com.
This summary is for convenience only; the full Policy below governs.
The Service is intended for users who are at least 13 years old. It is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If we learn that we have collected information from a child under 13, we will delete it. If you believe a child under 13 has provided us information, contact support@digitalcharms.com.
If you are between 13 and the age of majority in your jurisdiction, please review this Policy with a parent or guardian.
We collect the following categories of information.
We assign each account a randomly generated account identifier that we create. This identifier is pseudonymous — it identifies your account within brushbrawl but does not, on its own, reveal your real-world identity, and it does not follow you across other services.
When you buy Pearls or feature unlocks, the purchase is processed by Apple or Google. We receive and store transaction records and identifiers (such as a transaction/receipt ID and date) associated with your account identifier, so we can deliver your purchase, verify it, and prevent fraud and duplicate grants. We do not receive or store your payment card or billing details — those are handled entirely by Apple or Google.
To operate, secure, and improve the Service, we and our analytics providers collect technical and usage information, such as: app interactions and events, feature usage, session information, app version, device type and operating system, language and region settings, approximate region (derived from IP address), and general diagnostic information. This information is used in an aggregated or pseudonymous manner.
We work with advertising partners to show contextual ads, including optional rewarded ads you may watch to earn in-app currency. To serve and measure these ads, we and our ad partners process limited technical information, including the Identifier for Vendors (IDFV) (a per-developer device identifier), IP address, and device/app information.
We do not request App Tracking Transparency permission, we do not access the device advertising identifier (IDFA), and we do not track you across other companies' apps and websites for advertising. Ads are contextual, not based on a cross-app profile of you.
We use app-integrity and anti-abuse technology, which processes device attestation and integrity signals to confirm that requests come from a genuine, unmodified app and to prevent abuse and fraud.
We do not collect: your precise geolocation, your contacts or address book, your photos library (beyond artwork you create or import into the Service), payment card details, the IDFA / ATT identifier for cross-app tracking, or special/sensitive categories of data.
We use information to:
We do not use your information to build cross-app advertising profiles, and we do not sell your personal information.
If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR / UK GDPR:
We do not sell your personal information. We share information only as described below.
We use the following third-party providers ("sub-processors") to operate the Service. Each receives only the information needed for its function, and your use of these features may also be subject to the provider's own privacy policy.
| Provider | Purpose |
|---|---|
| Google (cloud platform) | Backend database, server logic, artwork storage, app security/anti-abuse, and analytics |
| Apple Game Center / Google Play Games | Default account sign-in and player identity |
| Sign in with Apple / Sign in with Google | Fallback account sign-in |
| Apple App Store / Google Play | Processing in-app purchases and payments |
| Google AdMob, Unity Ads, Liftoff (formerly Vungle) | Serving and measuring contextual and rewarded ads (configured in non-personalized / limited mode) |
| AppsFlyer | Privacy-preserving install attribution and marketing measurement, relying primarily on Apple's SKAdNetwork (aggregated, on-device attribution) and configured in strict mode without personally identifying device-level data |
We may disclose information if required by law, regulation, legal process, or governmental request, or where we believe disclosure is necessary to protect the rights, safety, or property of Digital Charms, our users, or the public — including to investigate or address violations of our Terms or unlawful activity.
If Digital Charms is involved in a merger, acquisition, reorganization, financing, or sale of assets, information may be transferred as part of that transaction, subject to this Policy or a successor policy.
Ads in brushbrawl are contextual — they are not based on a behavioral profile built across other apps or websites. We configure our ad partners in non-personalized / limited mode. We do not use the IDFA or show the App Tracking Transparency prompt, and we do not engage in cross-app or cross-site tracking of you for advertising.
Our ad partners receive limited technical information (such as IDFV, IP address, and device details) necessary to display ads, cap frequency, measure performance, and prevent ad fraud. Users who are minors (13–17) are shown contextual ads only.
Rewarded ads are optional: you choose whether to watch an ad to earn in-app currency.
For measuring marketing and installs, we rely primarily on Apple's SKAdNetwork, a privacy-preserving framework that reports aggregated results without identifying individual users — an approach suitable even for child-directed apps.
We are based in Canada, and our infrastructure is hosted with Google Cloud in the United States (US Central region). If you access the Service from outside the United States — including from Canada, the EEA, or the UK — your information will be transferred to and processed in the United States and other countries where we or our providers operate.
Where required, these transfers are protected by appropriate safeguards, such as the Standard Contractual Clauses and the data processing terms offered by our providers (including Google's Cloud Data Processing Addendum). You may contact us for more information about these safeguards.
We keep information for as long as needed for the purposes described in this Policy:
When information is no longer needed, we delete or de-identify it.
You can delete your account at any time from within the app (Profile → Settings → Delete Account), or by emailing support@digitalcharms.com.
When you delete your account, we delete or de-identify the personal information associated with it, including your published artwork and friends list, except for information we are required or permitted to retain (such as purchase records kept for legal and tax purposes, and information needed to prevent fraud or abuse). Deletion may take a reasonable period to propagate across our systems and backups.
Depending on where you live, you may have some or all of the following rights regarding your personal information:
To exercise any right, contact support@digitalcharms.com. We will respond as required by applicable law. We will not discriminate against you for exercising your rights.
If you are in Canada, you may request access to and correction of your personal information. The person responsible for the protection of personal information at Digital Charms is Milo Mitrovic, reachable at milo@digitalcharms.com. You may also direct questions or complaints to us at support@digitalcharms.com, and ultimately to the Office of the Privacy Commissioner of Canada or, in Québec, the Commission d'accès à l'information.
You have the rights listed above, and you may complain to your national supervisory authority. For privacy questions, you may contact Milo Mitrovic at milo@digitalcharms.com.
If you are a California resident, you have the right to know, access, correct, and delete your personal information, and to not be discriminated against for exercising your rights. We do not sell your personal information for money, and we do not engage in "sharing" for cross-context behavioral advertising as defined under California law. To make a request, contact support@digitalcharms.com.
Residents of other regions (for example, other U.S. states with privacy laws, Australia, or Brazil) may have similar rights. Contact us and we will honor applicable rights under your local law.
We use technical and organizational measures to protect information, including encryption in transit, access controls, server-side security rules, and app-integrity checks. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your device and sign-in credentials secure.
The Service relies on third-party services (such as Apple, Google, our ad partners, and AppsFlyer). Their handling of your information is governed by their own privacy policies, which we encourage you to review. We are not responsible for the practices of third parties.
We may update this Policy from time to time. When we do, we will revise the "Last Updated" date above and, for material changes, provide reasonable notice (such as an in-app notice). Your continued use of the Service after changes take effect means you accept the updated Policy.
Digital Charms, Inc.
1070-2482 Yonge St Toronto, ON, M4P 2H5 Canada
Email: support@digitalcharms.com