Leikvin
Get the app
Legal

Privacy

Last updated: May 11, 2026

Leikvin is an iOS app made by a small team in Denmark. We try to collect as little as possible, keep what we do collect for as short as possible, and never sell it. This page explains, in plain language, what that looks like in practice.

If you only read one paragraph: we store your email and the favorites you save, and we use a privacy-respecting product analytics tool to understand which features people use. We don’t sell your data, we don’t show ads, and we don’t see your card details. You can delete everything at any time by writing to info@leikvin.com.

Who we are

The data controller for any personal data processed through Leikvin is:

Legebanken ApS
Kirkepladsen 5
3700 Rønne
Denmark
CVR-nr.: 41862750
Email: info@leikvin.com

Because we’re established in Denmark, the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act (Databeskyttelsesloven) apply to how we handle your data, regardless of where you live. We have not appointed a Data Protection Officer because we’re not required to under Article 37 GDPR; privacy enquiries go directly to the address above.

What we collect

Account information. When you create an account we store the name and email address you give us, together with a hashed password (we never see your password in readable form). If you sign in with Apple or Google instead, we receive the email address and name those services choose to share with us, plus a stable identifier so we can recognise you next time.

App data. The games you favorite and any feedback you send us through the app. This is linked to your account so we can sync favorites across your devices and reply to feedback.

Subscription data.If you subscribe, our payments partner (RevenueCat) records your subscription status, the entitlement you bought, and your App Store transaction history, linked to your Leikvin account ID. We never see, store, or process your payment card or Apple ID password — Apple handles billing directly.

Technical data.When the app talks to our backend, our servers temporarily process the standard request information any web service sees: an IP address, the app version, and the date and time. We don’t build a profile from this; it sits in short-term server logs used for security and debugging.

Product analytics.We use PostHog to understand how Leikvin is used so we can prioritise improvements. PostHog records events about what you do in the app — for example, opening a game, favoriting it, or completing onboarding — together with your device type, OS version, app version, and a truncated IP address used for coarse country-level location and then discarded. Events are linked to your Leikvin account ID so we can follow how features get used over time, but we never pass your email, name, or anything else you typed into the app to PostHog. If you’d rather not be part of this, you can turn analytics off at any time in the app’s Settings — we’ll stop collecting events from you immediately and you won’t lose access to anything.

On-device preferences. The age groups you pick during onboarding and your notification frequency preference are kept on your device only. They are not sent to our servers.

We do not collect your precise location, contacts, calendar, photos, microphone, camera, advertising identifier, or anything else not listed above. We do not run crash-reporting SDKs in the app.

The website

This website (leikvin.com) is a plain marketing site. It does not set analytics or advertising cookies, does not embed third-party trackers, and does not require you to accept anything to read it. If you email us from the site, we’ll obviously have your email address — but only because you sent it to us.

How we use your data

  • To run the app, sync your favorites, and remember your account.
  • To check whether your subscription is active.
  • To respond when you write to us.
  • To diagnose and fix problems, and to keep the service secure.
  • To understand which features people use and where they get stuck, so we can decide what to build next (this is the analytics data described above — we never pass your email or name to PostHog, and you can switch it off in Settings).
  • To meet legal obligations (for example, keeping basic billing records).

We do not sell your data, we do not share it with advertisers, and we do not use it to train machine-learning models.

Our legal basis (GDPR)

For users in the EU/EEA and the UK, we rely on:

  • Performance of a contract— for everything needed to give you the app you signed up for: your account, your favorites, your subscription.
  • Legitimate interests— for keeping the service running, secure, and free of abuse; for replying to messages you send us; and for understanding how Leikvin is used through the product analytics described above. We’ve weighed this against your interests and think it’s a reasonable use of data given that no email or name is shared with the analytics provider, you can opt out at any time, and the data is used only to make the app better — not to advertise to you or sell anything on.
  • Legal obligation— where the law tells us we have to keep certain records (for example, tax records on subscription revenue).
  • Consent— for anything we explicitly ask you to opt in to, such as push notifications. You can withdraw consent at any time from the app’s Settings or your iOS Settings, and we’ll stop the relevant processing.

Who has access

We use a small number of third-party services to operate Leikvin. Each of them processes data on our behalf, under their own privacy terms. This is the complete list:

  • Apple— App Store distribution, Sign in with Apple, and billing for subscriptions.
  • Google— only if you choose to sign in with Google. Google then provides us with your basic profile (email and name).
  • Better Auth— the authentication library that handles sign-in, sessions, and password hashing. It runs on our own backend infrastructure.
  • Convex— our backend database and server platform. Your account, favorites, and feedback live here.
  • RevenueCat— subscription management. They receive your Leikvin account ID and your App Store purchase information so we can tell whether you have an active subscription.
  • PostHog— product analytics. They receive the anonymous events and device information described above, on PostHog’s U.S. Cloud.
  • Unsplash— the source of background images shown behind quotes. Images are loaded from Unsplash’s CDN when the app needs them; Unsplash sees the standard request data (IP address, user agent) at that moment.

We may also disclose data if a court or competent authority requires it, or if we have to defend a legal claim. If that ever happens, we will push back on overbroad requests and tell you about it unless the law forbids us from doing so.

Where your data is stored

Convex, RevenueCat, and PostHog operate from data centres in the United States, which means your data is transferred outside the EU/EEA. We rely on the European Commission’s Standard Contractual Clauses (and, for U.S.-based providers that participate, the EU–U.S. Data Privacy Framework) as the legal mechanism for that transfer. You can ask us for a copy of the safeguards in place.

How long we keep it

  • Account data— for as long as your account is active. When you delete your account, we delete your profile, your favorites, and your feedback within 30 days.
  • Subscription records— we keep the minimum billing record required by Danish accounting law (the Bogføringslov, currently 5 years from the end of the financial year) after a subscription ends.
  • Server logs— rotated within 30 days.
  • Analytics events— aggregated indefinitely for trend analysis; the underlying per-event records are deleted after 12 months.
  • Email you send us— kept for as long as we reasonably need it to handle the conversation, then deleted.

Your rights

Wherever you live, you can ask us to:

  • send you a copy of the data we hold about you,
  • correct anything that is wrong,
  • delete your account and the data attached to it,
  • restrict or object to certain processing,
  • export your data in a portable, machine-readable format.

Email info@leikvin.com from the address on your account. We will respond within 30 days. There is no cost, and we will never make you give up a right or feature for asking.

If you live in the EU/EEA and you believe we’re mishandling your data, you also have the right to complain to your national data protection authority. In Denmark that is the Datatilsyn(datatilsynet.dk). We’d appreciate the chance to fix things first — but it is your right to go straight to them.

If you live in California, you have similar rights under the CCPA/CPRA to know, delete, correct, and limit the use of your personal information. We do not sell or “share” personal information as those terms are defined under California law.

Children

Leikvin is intended for adults who play with children. The account holder must be 13 or older (16 in jurisdictions that set a higher age). We do not knowingly collect personal information from children. If you are a parent or guardian and you believe a child has signed up, write to us and we will delete the account.

Security

We use HTTPS for everything in transit, and our backend providers encrypt data at rest. Passwords are hashed and never stored in readable form. Auth tokens on your device are kept in the iOS Keychain through expo-secure-store. Access to production data is limited to the people who actually need it to operate the service. No system is perfectly secure, but we take this seriously and will tell you promptly if anything happens that affects your data.

Changes

If we change this policy in a way that affects your rights or expands what we collect, we will let you know in the app and update the date at the top of this page before the change takes effect. Smaller clarifications will just appear here with a fresh date.

Contact

Questions, requests, or anything else — write to info@leikvin.com. A real person will read it.