Legal

Privacy Policy

Last updated 22 April 2026

This policy explains what data the Adventure Coin mobile app and this website process, why, and what you can do about it.

1. Who is responsible for your data

Adventure Coin is operated by Kevin Kulcsár, an individual developer (referred to here as "the operator", "we", and "us"). The operator is the data controller for the processing described in this policy.

For any question about this policy or your data, contact kulcsarkevin@gmail.com.

2. What the app does

Adventure Coin is a location based game. You travel to real world GPS coordinates and claim Adventure Coin (ADV), a utility token on the Base network. The app includes a peer to peer marketplace where users trade ADV against USDC. The app is non custodial. A wallet is created on your device and its private key is stored only in the iOS Secure Enclave or the Android Keystore. We never receive or store your private key or recovery phrase.

3. What personal data we process

We keep data collection to the minimum the game needs to function.

(a) GPS location

Category: location data. When you claim a coordinate, the app reads your device GPS position to confirm you are physically close enough. The position is evaluated on your device. A short lived request is sent to our server with the data needed to verify the claim cryptographically. We do not build a location history and we do not track your movement between claims.

(b) Public wallet address

Category: identifiers. Your public wallet address is required to send ADV to you and to record marketplace activity. A public wallet address is, by design, visible to anyone who looks at the public ledger.

(c) Anti cheat signals

Category: device data. With each claim request the app sends technical signals: a device fingerprint, jailbreak or root status, and claim timing patterns. These exist to detect GPS spoofing, automation, and multi accounting.

(d) Crash reports and basic analytics

Category: technical and usage data. If you opt in, the app sends crash reports and event names such as "claim_completed". These contain no personal identifiers.

What we do not collect: email address, real name, date of birth, phone number, payment card data, identity documents, contacts, or photos.

4. Legal basis for each activity (Article 6 GDPR)

• GPS verification: Article 6(1)(b), processing necessary to perform the service you requested, which is claiming a coordinate.
• Public wallet address: Article 6(1)(b), necessary to deliver tokens to you and to operate the marketplace.
• Anti cheat signals: Article 6(1)(f), our legitimate interest in keeping the game fair and preventing fraud. You can object to this processing, see section 8.
• Crash reports and analytics: Article 6(1)(a), your consent. You can withdraw consent at any time in the app settings, with no effect on the rest of the app.

5. Where your data is processed

App data is processed on servers located in the European Union and operated by the operator.

6. How long we keep data

• Raw GPS samples used for claim verification: deleted within 90 days.
• Anti cheat signals: kept up to 12 months, then deleted or aggregated into non personal statistics.
• Crash reports and analytics: kept up to 14 months.
• On chain transactions: permanent. They live on the public ledger and cannot be erased by us.

7. Third parties that process data for the service

We rely on the following providers to run the app. Each has its own privacy policy.

• Apple Inc. iOS, the Secure Enclave, and App Store distribution. apple.com/legal/privacy
• Google LLC. Android, the Android Keystore, and Play Store distribution. policies.google.com/privacy
• Base network RPC providers. Used to read balances and broadcast transactions to the Base network. Sending a transaction exposes your public wallet address to the provider, which is unavoidable for any on chain action.
• WalletConnect, now operating as Reown. Used when you connect an external wallet. reown.com/privacy-policy

8. Your rights

Under the GDPR you have the right to access your data, correct it, have it erased, restrict its processing, receive it in a portable format, and object to processing that is based on legitimate interest. To exercise any right, email kulcsarkevin@gmail.com. We respond within one month.

One limit: data already written to the public ledger cannot be erased, because that ledger is public, permanent, and not controlled by us. This is a property of the technology, not a choice we make.

You also have the right to lodge a complaint with the Spanish data protection authority, the Agencia Española de Protección de Datos (AEPD), at aepd.es.

9. Private keys and your wallet

The wallet created inside the app generates its private key on your device. That key is stored only in the iOS Secure Enclave or the Android Keystore. It is never sent to our servers and we cannot access it. If you lose your device and your recovery phrase, we cannot restore your wallet for you.

10. Buying cryptocurrency

The app does not sell cryptocurrency and does not process card payments. If you fund an external wallet such as Coinbase Wallet, MetaMask, or Rainbow with a card or bank transfer, that purchase happens entirely inside that wallet app or its payment provider. Adventure Coin never sees your card data.

11. This website

The website at adventure-coin.com does not set cookies and does not run advertising or analytics trackers. Some pages load fonts or a document viewer from third party content networks, which receive your IP address as a technical part of delivering those files. See the Cookie Policy for detail.

12. Children

The app is not directed at children under 13. We do not knowingly process data from children. If you believe a child has used the app, contact us and we will remove the related data.

13. Changes to this policy

If this policy changes, the new version is posted on this page with an updated date at the top. Significant changes will also be announced in the app.

14. Contact

Privacy requests and questions: kulcsarkevin@gmail.com.