Privacy policy

Last updated 2026-06-15

Connect the Dots is operated by TLM Software Design, Inc., a Michigan corporation with offices at 27280 Haggerty Road, Ste C-6, Farmington Hills, MI 48331, USA ("we", "us", "our"). This policy describes what the app and this website collect, why, where it goes, and the choices you have. Questions? privacy@swtlm.com — we respond within 30 days.

Summary

No account, no sign-in, no name or email collected. We never see who you are.
Your progress, settings, and hint balance live only on your device and are lost on uninstall; we never receive them.
Gameplay (the 500-level pack and Zen mode) runs entirely offline.
The Daily Challenge fetches today's puzzle from Firebase (read-only); nothing about you is written back.
On iOS the app never requests App Tracking Transparency and does not read the IDFA.
We run no analytics of our own and log no custom gameplay events — but the Google AdMob and Crashlytics SDKs include Google's measurement components, which collect standard device and ad signals (and, on Android, the advertising ID). Details below.
These Connect Dots pages set no cookies and run no analytics or tracking.

What the app stores on your device

The following values are written to platform key-value storage (SharedPreferences on Android, UserDefaults on iOS). None of it is transmitted to our servers or any third party.

Highest unlocked level — an integer tracking progress through the 500-level pack.
Daily Challenge history — which calendar days you completed, streak counter, and whether weekly / monthly bonuses were claimed.
Hint (tip) count — the number of hints you have available.
Settings — active theme (Starfield / Sand), sound on/off, music on/off, vibration on/off, Zen mode minimum grid size.
Rate-prompt counters — internal counters that control when the native app-review dialog appears (wins since last shown, date of last prompt).
Ad Free entitlement flag — a cached boolean (set by RevenueCat on successful purchase/restore) so the app can skip ads without a network round-trip on every launch. RevenueCat is the authoritative source; this cache is advisory only.

All of the above is lost on uninstall and never uploaded by us.

Analytics & measurement

We do not run our own analytics: our in-app analytics layer is a no-op at the composition root, so the app sends no custom gameplay events, session lengths, or screen views to us.

However, the Google SDKs we bundle carry Google's own measurement components. Google AdMob (for ads) and Firebase Crashlytics (Android crash reporting) pull in Google's app-measurement libraries (play-services-measurement, the firebase-measurement-connector) and the advertising-ID library. Through these, Google may collect standard device and usage signals — and, on Android, your device's advertising identifier — to deliver and measure ads and to attach context to crash reports. This data is processed by Google under Google's privacy policy; we do not receive a per-user analytics profile from it. Removing ads with the one-time Ad Free purchase stops the AdMob requests.

Ad network — Google AdMob

Connect the Dots is free and ad-supported. Google AdMob serves:

A banner ad pinned to a reserved slot at the bottom of game screens.
Interstitial ads shown between puzzles (not during gameplay).
An interstitial ad when you use a hint while your tip balance is empty (the "TIP / AD" button) — the ad grants the hint without spending a tip.

Ad content rating is capped at Teen on both platforms. On Android, the AdMob SDK uses your device's advertising ID to request and measure ads; you can reset or limit it in Settings › Privacy › Ads. On iOS, the app never requests App Tracking Transparency and does not read the IDFA — iOS ads are served without that identifier. Whether ads are personalised is governed by your Google account settings, applicable regional consent (GDPR / CCPA), and your device-level ad preferences. AdMob's data practices are governed by Google's privacy policy at policies.google.com/privacy.

Purchasing the one-time Ad Free upgrade ($3.99) permanently removes all ads — banners, interstitials, and the ad gate on hints (hints are granted without an ad).

In-app purchase — RevenueCat

The Ad Free non-consumable purchase ($3.99) is managed by RevenueCat. When you initiate or restore a purchase, RevenueCat receives an anonymous, app-generated user ID and the store receipt to verify the entitlement. Payment itself is handled entirely by Apple App Store or Google Play — we and RevenueCat never see your payment method or financial details.

Daily Challenge — Google Firebase

The Daily Challenge uses Firebase Anonymous Authentication to sign in silently (no account you create; a randomly generated ID issued by Google) and performs a read-only Firestore fetch of the day's level document (dailyChallenges/{date}). Nothing about your gameplay is written back to Firestore. If Firebase is unreachable (no network or service outage) the app falls back to generating a board locally.

Firebase data practices are governed by Google's privacy policy.

Crash reporting — Firebase Crashlytics (Android only)

Android builds only include Firebase Crashlytics. When the app crashes it collects the stack trace, device model, OS version, app version, and a Firebase installation ID — no gameplay data, no personal information. iOS builds do not include Crashlytics.

Crash reports are retained by Firebase per Google's standard retention policies.

Notifications

The optional daily reminder at 18:00 is a local notification scheduled entirely on your device. No push notification server, no FCM, no data leaves your phone. On Android 13 and later the app requests the POST_NOTIFICATIONS runtime permission before scheduling the reminder; on iOS the standard notification-permission dialog appears. Both are opt-in via Settings and can be cancelled at any time from the same screen or your device's notification settings.

Android permissions

The Android manifest declares the following permissions:

INTERNET — ads (AdMob), Daily Challenge (Firebase), RevenueCat purchase verification.
ACCESS_NETWORK_STATE — lets the app check connectivity before attempting network calls.
VIBRATE — haptic feedback on path interactions.
POST_NOTIFICATIONS — opt-in daily reminder (Android 13+ runtime prompt).

No camera, microphone, location, contacts, storage, calendar, or biometric permissions are requested.

Children

Connect the Dots is not directed at children under 13 (or under 16 in the EU / UK) and is not listed as a children's app. Ad creatives are capped at a Teen rating. We do not knowingly collect personal data from children. If you believe a child has interacted with the app and you have a data concern, contact privacy@swtlm.com and we will address it promptly.

Your rights and choices

Because we hold no account data or personally identifiable information on our servers, most data-subject rights (access, portability, deletion) are satisfied by uninstalling the app — all on-device storage is removed automatically.

Ad personalisation — managed through your device settings (Settings › Privacy › Ads on Android; iOS ATT is never requested) or your Google account's ad settings.
AdMob / Firebase data — governed by Google's privacy controls at myaccount.google.com.
Notifications — disable in Settings › Notifications inside the app, or from your device notification settings.

To raise any privacy concern email privacy@swtlm.com — we will respond within 30 days.

This website

These Connect Dots pages (apps.swtlm.com/connect-dots-game) are static and hosted on AWS S3 + CloudFront. They load no third-party scripts and set no cookies, no analytics, and no tracking of any kind — there is no cookie banner because there is nothing to consent to. The shared apps.swtlm.com domain hosts other TLM apps whose own pages may differ; this policy covers the Connect Dots pages. The only data that flows is standard CDN access logs (IP address, timestamp, requested URL) retained by AWS per their default logging policy — not joined to any in-app identifier.

Service providers

Google AdMob — in-app advertising (banner + interstitial); uses the advertising ID on Android.
Google measurement (app-measurement) — bundled by the AdMob and Crashlytics SDKs; collects standard device/usage signals processed by Google.
RevenueCat — Ad Free in-app purchase management and entitlement verification.
Google Firebase (Auth + Firestore) — anonymous sign-in and read-only Daily Challenge puzzle delivery.
Google Firebase Crashlytics — Android crash reporting only.
Amazon Web Services (S3 + CloudFront) — hosts this marketing page; standard CDN access logs only.

Changes to this policy

We will post material changes here and update the "Last updated" date above. Continued use of the app after changes are posted constitutes acceptance of the revised policy.

Contact

Privacy questions: privacy@swtlm.com

TLM Software Design, Inc.
27280 Haggerty Road, Ste C-6
Farmington Hills, MI 48331
USA

← Back to Connect Dots