Privacy Policy

Who we are

This policy describes how Manu Games LLC ("Manu Games", "we", "us") handles personal data across two surfaces: Tideward (the "App") and the website at tideward.app (the "Website").

For privacy questions, write to privacy@manugames.com. We aim to respond within 30 days, faster where statute requires.

Scope of this policy

The two surfaces have different audiences, different data flows, and different geographic availability. This matters; please don't read them as one thing.

• The App — Tideward on iPhone, iPad, Mac, Apple TV, Apple Vision Pro, and Apple Watch. At launch, the App is distributed only via the United States App Store. Users outside the United States cannot install it. App-specific sections of this policy apply to U.S. residents and are framed around U.S. law. When we expand, this policy will be updated first.
• The Website — tideward.app. Globally accessible, hosted on GitHub Pages. The Website runs no analytics, no advertising scripts, no tracking pixels, no third-party cookies, and sets no first-party tracking cookies. There is no "Accept cookies" banner because there are no cookies to accept.

Each section below carries one or more surface tags so you know which surface its disclosures apply to. Where a section says App, read it as a U.S.-only disclosure. Where it says Website, the disclosure is written for a global audience.

The Manu Games newsletter (The Assembly Line) and the publisher-level website at manugames.com have their own privacy policy at manugames.com/privacy.

What we collect — and don't

The short version, in plain language. The strongest single statement is this:

The App does not embed any third-party SDK. No analytics, no advertising, no attribution, no crash reporting, no fingerprinting library, no anything that could phone home about you. The App's only network calls reach Apple's frameworks: CloudKit, Game Center, and StoreKit.

Across the surfaces:

• App — only Apple-mediated identifiers and the gameplay content you create. Never sent to Manu Games beyond what Apple's frameworks provide.
• Website — no scripts that profile you, no first-party or third-party tracking cookies, no advertising network. The only third-party requests originate when you choose to load the YouTube trailer.

Data flows in the App

Three discrete flows touch personal data inside the App. There are no others.

• Save state — Apple iCloud / CloudKit private database. Your character, inventory, skill XP, settings, and other in-game state are stored in your private iCloud container. Apple is the service provider. We do not have access to the contents of that container; we cannot read your save.
• Game Center. If you have Game Center enabled and choose to use leaderboards or achievements, Apple displays your Game Center alias and score to other Game Center users. Apple is the controller for Game Center; we render Apple-supplied leaderboard data inside the App.
• StoreKit 2 — in-app purchase. When you make a purchase, Apple is the merchant of record. The App reads your entitlement (a yes/no flag indicating you own the unlock) via Apple's StoreKit framework. Refunds, disputes, and billing are handled at reportaproblem.apple.com.

On-device-only telemetry

To make balance and pacing decisions in future updates, the App generates lightweight engagement metrics — session lengths, return gaps between sessions, and Day-N retention markers — and stores them in a JSON file on your device. This file is never transmitted to Manu Games. It is read only by the App on your device.

You can clear it at any time using Settings → Delete Local Data inside the App; it is also removed when you uninstall the App. An optional debug screen lets you export this file as JSON if you want to share it with us voluntarily; without your explicit, voluntary export, we have no path to this data.

Game Center

Game Center is Apple's gaming social layer. If you choose to use it, your Game Center alias may be visible to other Game Center users on Apple-hosted leaderboards, and the App will render Apple-supplied leaderboard rows inside its own UI.

You can disable Game Center system-wide in iOS Settings → Game Center, or per-game on iOS 17+ in Settings → Game Center → Per-Game Profile. When Game Center is disabled, the App cannot read your alias or post scores, and it does not retain a shadow copy of either.

Apple as processor

Apple Inc. processes save-state and entitlement data on Manu Games's behalf, in its capacity as a service provider under the Apple Developer Program License Agreement and Apple's published iCloud and Game Center processing terms. We rely on those documents as the operative service-provider agreement; we do not separately negotiate processor terms with Apple, and we do not represent otherwise.

App Privacy Nutrition Label

Apple's "App Privacy" disclosure framework on the App Store excludes data that is "processed only on device" from a developer's collection-and-disclosure obligations. That is the basis on which the on-device-only telemetry described above is not declared as data collection in App Store Connect, even though it is described in this policy. We surface it here for transparency; it does not appear on the App Store privacy nutrition label because it does not leave your device.

Apple itself collects and discloses information related to its own services (Game Center alias display, App Store purchase history). Those disclosures are Apple's responsibility; consult Apple's privacy policy.

The website

The Tideward website at tideward.app hosts this policy, the dev blog, the FAQ, the roadmap, and a press kit. It runs no analytics, no advertising, no tracking pixels, and no fingerprinting. The site sets no first-party or third-party cookies. There is no "Accept cookies" banner because there are no cookies to accept.

One embedded third-party element loads on certain pages and may make its own request when you interact with it:

• YouTube — the homepage embeds the trailer using YouTube's privacy-enhanced mode. When you press play, your browser contacts YouTube; YouTube's behavior is governed by Google's privacy policy.

If you do not want to load the YouTube trailer, simply do not press play.

Server logs

The Website is hosted on GitHub Pages. As a structural matter, GitHub's edge servers (operated by Fastly) record standard HTTP access logs containing IP address, user agent, requested path, response code, and timestamp. We do not have access to these logs, do not retrieve them, and do not maintain any parallel copy. GitHub's data practices are governed by GitHub's privacy statement.

Retention

• CloudKit save data is retained until you delete it. You can delete it inside the App at Settings → Delete iCloud Data for Manu, or in your device's Settings → Apple Account → iCloud → Manage Account Storage.
• On-device telemetry is retained until you tap Settings → Delete Local Data in the App or uninstall the App.
• Game Center data is retained per Apple's Game Center policies; you can disable Game Center system-wide or per-game in iOS Settings (iOS 17+).
• StoreKit purchase history is retained by Apple per its policies; we hold no parallel copy.
• Server logs at GitHub / Fastly are retained per GitHub's policies; we do not retrieve or retain them ourselves.

Your rights

The specific rights you have depend on where you live and which surface is involved. To exercise any of them, write to privacy@manugames.com. We will respond within the timeframe applicable law requires (commonly 45 days, sometimes extendable).

• Right to know / access — confirmation of whether we process personal information about you and a copy of what we hold. For the App, our response will describe categories rather than produce stored content (we hold no off-device data); for the actual data your devices and iCloud hold, use Apple's Data and Privacy portal or the in-app export.
• Right to correct — to correct inaccurate personal information we hold.
• Right to delete — for App data, use Settings → Delete Local Data and Settings → Delete iCloud Data for Manu in the App. For anything else, email us.
• Right to opt out of "sale" or "sharing" for cross-context behavioral advertising. We do not sell or share. There is nothing to opt out of.
• Right to portability — receive your personal information in a structured, machine-readable format. For the App, use the in-app export and Apple's Data and Privacy portal.
• Right to limit use of sensitive personal information. We do not process sensitive personal information.
• Right to non-discrimination — we will not deny service, charge different prices, or provide different quality because you exercised a privacy right.
• Right to appeal — if we deny a rights request you submit, you may appeal by replying to our response email within 60 days; we will respond to the appeal within 60 days and explain our reasoning.

Children

Tideward is rated 12+ in Apple's age-rating system but is not directed to children within the meaning of the U.S. Children's Online Privacy Protection Act (COPPA, 16 CFR Part 312) or the New York Child Data Protection Act. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and become aware that a child under 13 has used the App, contact privacy@manugames.com. We will delete personal information consistent with COPPA, document the deletion, and confirm in writing.

The App applies child-protective defaults to all users — no profiling, no targeted advertising, data minimization, sensible privacy defaults — regardless of age.

International transfers

One flow leaves your home jurisdiction in any meaningful sense:

• Apple infrastructure (App). Apple operates iCloud and Game Center infrastructure in the United States and other jurisdictions. Apple's transfer protections — including its Standard Contractual Clauses and certifications — apply to those flows. We do not separately re-transfer data; we rely on Apple's processor terms.

Apple's privacy policy is at apple.com/legal/privacy.

Security

We rely on infrastructure-level security from our service providers. CloudKit data is encrypted in transit and at rest; on-device data is protected by iOS data protection. The Website is a static site with no server-side logic, no database, and no authentication system. Because we operate no servers ourselves, our attack surface is reduced to the App binary itself, distributed and signed through Apple. We follow Apple's secure-development practices and review every dependency we add.

Breach notification

If a personal-information breach occurs that is likely to affect you, we will notify you and, where required, the applicable state attorney general or enforcement authority within the timeframes the applicable law requires — generally "without unreasonable delay" under most U.S. state breach-notification statutes, with specific deadlines in some states.

Where a breach occurs on Apple's infrastructure, Apple as processor is required to notify Manu Games without undue delay; the same notification clocks then run for us as data controller.

US state-specific notices

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Iowa, Indiana, Tennessee, Montana, Delaware, New Hampshire, New Jersey, Nebraska, Maryland, Minnesota, or Rhode Island — or another state with a substantially similar comprehensive privacy law — the following apply to your interactions with the App:

• Categories of personal information processed: Apple-mediated identifiers (Apple ID, Game Center player ID, StoreKit entitlement) and gameplay content stored in your iCloud private database.
• Purposes: delivering the App, syncing your save through Apple's CloudKit, and granting your in-app purchase entitlement.
• Categories of third parties with whom personal information is shared: Apple Inc. as service provider for CloudKit, Game Center, and StoreKit; GitHub Inc. hosts the Website and logs standard HTTP access requests at the edge.
• We do not sell personal information. We have not sold personal information in the prior 12 months and do not intend to.
• We do not "share" personal information for cross-context behavioral advertising. We do not engage in advertising at all.
• We do not engage in profiling for legal or similarly significant decisions.
• Sensitive personal information: we do not process sensitive personal information as defined by these statutes.
• Universal opt-out signals (GPC): because we do not engage in selling, sharing, or targeted advertising, there is no such processing for a Global Privacy Control or equivalent signal to opt out of. We honor any signal we are required by law to honor.
• Right to appeal: if we deny a rights request you submit, you may appeal by replying to our response email within 60 days; we will respond within 60 days and explain our reasoning.

Maryland (MODPA). We limit collection of personal data to what is reasonably necessary and proportionate to the specific service you have requested. We do not sell personal data of any consumer we know to be under 18, and we do not process minor data for targeted advertising.

California (CCPA / CPRA). California residents have specific rights described above (right to know, delete, correct, opt out of sale/sharing, limit use of sensitive PI, non-discrimination, appeal). Retention windows are described in Retention. Our designated method for submitting rights requests is the email address in Contact.

Washington and Nevada — consumer health data

Tideward is a game. It is not framed as wellness, mindfulness, mental-health support, fitness, sleep tracking, or any health-related service.

We do not collect or process "consumer health data" as defined in Washington's My Health My Data Act (RCW 19.373.020(8)) or Nevada SB 370. Session-length, return-gap, and engagement telemetry are stored only on your device, are not transmitted to Manu Games, and are not used to identify any past, present, or future physical or mental health status.

New York minors (CDPA)

Tideward is a general-audience service and is not "primarily directed to minors" within the meaning of the New York Child Data Protection Act. We do not knowingly process personal data of New York minors under 13 except as permitted by COPPA, and we do not process personal data of New York minors aged 13–17 except as strictly necessary to provide the service the user has requested.

Third-party links

The App and the Website link to third-party services we don't control: Apple's TestFlight and App Store, Discord, X, YouTube (for the trailer), and our personal portfolio link. Once you click through, you're governed by their privacy practices, not ours. We've chosen partners we believe handle data responsibly, but please review their policies for the parts we can't speak to.

Updates to this policy

We may update this policy when our data practices change, when statute requires, when we expand to new regions, or when we improve the wording. The Effective Date and Last Updated stamps at the top will move forward and we will surface a first-launch notice inside the App for material changes. International expansion of the App will be one of those material changes — that update will add the jurisdiction-specific disclosures EU, UK, and other international users need.

Contact

Three channels, each scoped to a specific kind of question:

• Privacy questions, rights requests, deletion requests, complaints: privacy@manugames.com
• Refund-rights inquiries and other legal notices: legal@manugames.com
• General support and product questions: support@manugames.com

Manu Games LLC
89 Waynesville Plaza #1028
Waynesville, NC 28786
United States