Privacy Policy

Introduction

Clave LLC ("we", "us", or "our") operates the Down2Debate mobile application and website (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using the Service, you consent to the data practices described in this policy.

1. Information We Collect

We collect the following categories of information to provide and improve the Service:

1.1 Account Information

• Email address
• Display name (nickname)
• Profile picture (optional)
• Authentication credentials (hashed passwords, or tokens from Apple/Google/X social login)

1.2 Voice and Debate Data

• Audio recordings of your debate turns (temporarily stored for AI judging and replay)
• Speech-to-text transcriptions generated from your audio
• AI judge evaluations and feedback text
• AI opponent response text and audio
• Your debate position (PRO/CON) and topic selections

1.3 Usage and Activity Data

• Debate history and win/loss records
• Rating and ranking scores
• Feature usage patterns and interaction data
• In-app purchase and subscription history

1.4 Technical Information

• Device information (model, operating system, version)
• App version
• IP address
• Crash logs and error reports
• Push notification tokens

2. How We Use Your Information

We use collected information for the following purposes:

• Providing, operating, and maintaining the Service
• User authentication and account management
• Debate matchmaking, turn management, and game progression
• Generating AI judge evaluations by sending debate transcriptions to OpenAI's API
• Generating AI opponent responses by sending debate context to OpenAI's API
• Computing and updating user ratings and rankings
• Sending push notifications (with your consent) for match updates and results
• Service improvement, analytics, and new feature development
• Preventing fraud, abuse, and enforcing our Terms of Service
• Responding to user inquiries and support requests
• Complying with legal obligations

3. Third-Party Services and Data Sharing

We share your data with third-party service providers solely for the purposes of operating the Service. We do not sell your personal information to third parties.

• With your explicit consent
• When required by law, regulation, legal process, or governmental request
• To protect the rights, property, or safety of us, our users, or the public
• With service providers under confidentiality agreements (detailed below)

Third-Party Services We Use

• Firebase (Google LLC) — Authentication, Firestore database, Cloud Storage, Cloud Functions, Analytics, Crashlytics. Google's privacy policy: https://policies.google.com/privacy
• OpenAI — AI judge evaluations and AI opponent responses. We send debate transcription text (not raw audio) to OpenAI's API. OpenAI's usage policies: https://openai.com/policies/usage-policies
• LiveKit — Real-time voice communication for human-vs-human debates. Audio streams are transmitted peer-to-peer via LiveKit's infrastructure. LiveKit's privacy policy: https://livekit.io/privacy
• RevenueCat — Subscription and in-app purchase management. RevenueCat's privacy policy: https://www.revenuecat.com/privacy
• Expo (EAS) — Push notification delivery and app updates. Expo's privacy policy: https://expo.dev/privacy

4. Data Retention and Deletion

We retain your data for the following periods:

• Audio recordings: Temporarily stored during and after a debate for replay functionality. Automatically deleted after 7 days.
• Transcription text and AI evaluations: Stored as part of your debate history until you delete your account.
• Account data: Retained until you request account deletion. Upon deletion, all personal data is removed within 30 days, except data we are required to retain by law.
• Technical logs: Crash logs and error reports are retained for up to 90 days for debugging purposes, then automatically purged.
• Anonymized and aggregated data (which cannot identify you) may be retained indefinitely for analytics and service improvement.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• All data in transit is encrypted using TLS/SSL
• Data at rest is encrypted in Firebase/Google Cloud infrastructure
• Firestore Security Rules enforce access control at the database level
• Authentication tokens are securely managed and regularly rotated
• We conduct regular security reviews of our codebase and infrastructure

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to promptly delete such information. If you believe we have inadvertently collected information from a child under 13, please contact us immediately at support@down2debate.com.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of access — Request a copy of the personal data we hold about you
• Right to rectification — Request correction of inaccurate personal data
• Right to erasure — Request deletion of your personal data (account deletion)
• Right to restrict processing — Request that we limit how we use your data
• Right to data portability — Request your data in a structured, machine-readable format
• Right to object — Object to processing of your data in certain circumstances
• Right to withdraw consent — Withdraw consent at any time where processing is based on consent

To exercise these rights, use the account settings in the app or contact us at support@down2debate.com. We will respond to your request within 30 days (or sooner if required by applicable law).

8. For Residents of the European Economic Area (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the following additional provisions apply under the General Data Protection Regulation (GDPR):

Legal Bases for Processing

• Contract performance — Processing necessary to provide the Service you requested (account management, debate functionality, matchmaking)
• Legitimate interests — Processing for fraud prevention, security, service improvement, and analytics, where our interests do not override your rights
• Consent — Processing based on your explicit consent (push notifications, optional data collection)
• Legal obligation — Processing required to comply with applicable laws

In addition to the rights listed in Section 7, EEA residents have the right to lodge a complaint with a supervisory authority in their country of residence.

For GDPR-related inquiries, contact us at: support@down2debate.com

Your data may be transferred to and processed in countries outside the EEA (including the United States and Japan). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

9. For Residents of California (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to know — You may request disclosure of the categories and specific pieces of personal information we have collected about you
• Right to delete — You may request deletion of your personal information
• Right to correct — You may request correction of inaccurate personal information
• Right to opt-out of sale — We do not sell your personal information. There is nothing to opt out of
• Right to non-discrimination — We will not discriminate against you for exercising your privacy rights

We do not sell, rent, or share your personal information for monetary or other valuable consideration as defined under the CCPA/CPRA.

To exercise your CCPA rights, contact us at support@down2debate.com or use the account settings in the app.

10. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including Japan and the United States, where our servers and service providers are located. These countries may have data protection laws that differ from those in your country. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy, including the use of Standard Contractual Clauses for transfers from the EEA and reliance on adequacy decisions where available.

11. Cookies and Tracking

Our website (down2debate.com) may use essential cookies for functionality (e.g., language preference). We do not use advertising cookies or third-party tracking cookies. The mobile app does not use cookies. We use Firebase Analytics to collect anonymized usage data to improve the Service. You can disable analytics data collection in your device settings.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through in-app notifications, email, or by posting a prominent notice on our website. The updated policy will be effective from the date posted. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all inquiries within 30 days.