We just launched on iOS — Download The 19th
The 19th
The 19th

Privacy Policy

Effective Date: April 17, 2026

The 19th (“we,” “our,” or “us”) operates the The 19th mobile application (the “App”). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the App. By using the App, you consent to the practices described in this Privacy Policy.

This Privacy Policy should be read in conjunction with our Terms of Service, which govern your use of the App.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when creating an account and using the App:

  • Account Information: Your name, email address, and username when you create an account.
  • Authentication Data: Sign-in credentials managed through Apple Sign In or email-based authentication. We do not store passwords directly; authentication is handled by AWS Cognito and Apple's identity services.
  • Date of Birth: We collect your date of birth at the start of account creation solely to verify that you meet our minimum-age requirement (17 and older). Date of birth is stored on your account record in an encrypted database, displayed only to you inside the App, and is never shared with other users, other members of your game sessions, or any third party for advertising or marketing purposes. It can only be changed one time after account creation, after which further corrections require contacting support.
  • Profile Information: Any profile details you choose to provide, such as display name.
  • Game Data: Scores, session history, game outcomes, dollar amounts entered for scoring purposes, and settlement records you create while using the App. This data is user-entered informational content and does not represent actual financial transactions processed by the App.
  • Social Data: Your friends list, friend requests sent and received, and session invitations.
  • Communications: Information you provide when contacting our support team, submitting feedback, or reporting issues.

1.2 Information Collected Automatically

When you use the App, we automatically collect certain technical information:

  • Device Information: Device model, operating system name and version, and a unique push notification token for delivering notifications.
  • Usage Data: App interactions, feature usage patterns, session duration, and performance metrics to help us improve the App experience.
  • Log Data: Server logs that record API requests, including timestamps, request paths, and response status codes. These logs are used for security monitoring, debugging, and performance optimization.

1.3 Information We Do Not Collect

We do not collect:

  • Precise geolocation data (GPS coordinates).
  • Payment card numbers, bank account information, or financial account credentials. All subscription payment processing is handled entirely by Apple or Google, and we have no access to your payment instruments.
  • Health or biometric data.
  • Contacts from your device address book.
  • Browsing history or data from other applications on your device.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To operate, maintain, and deliver the App's core features, including game score tracking, session management, informational settlement calculations, and the Debt Center.
  • Age Verification: To confirm that you meet the App's minimum-age requirement (17 and older) at account creation and to block accounts that do not meet the requirement.
  • Social Features: To facilitate friend connections, session invitations, and in-app notifications between users.
  • Push Notifications: To send you notifications about game events, friend requests, session invitations, and other App activity (with your permission, which you may revoke at any time through your device settings).
  • Subscription Management: To process and manage your subscription tier and associated feature access.
  • Communications: To send you important service-related communications, including security alerts, policy changes, and account notifications. You may opt out of non-essential communications.
  • Improvement and Analytics: To analyze aggregated usage patterns, diagnose technical issues, and improve the App's features, performance, and user experience.
  • Security: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity.
  • Legal Compliance: To comply with applicable legal obligations, enforce our Terms of Service, and protect our rights, privacy, safety, or property.

3. How We Share Your Information

We share your information only in the following limited circumstances:

3.1 With Other Users

Certain information is shared with other App users as part of the App's core functionality:

  • Your username and profile information are visible to your friends and to other members of your game sessions.
  • Your game scores, session activity, and settlement records are visible to other members of those specific game sessions.
  • Your username is searchable by other users for the purpose of sending friend requests.

3.2 With Service Providers

We use trusted third-party service providers to operate and improve the App. These providers process data on our behalf and are contractually obligated to protect your information:

  • Amazon Web Services (AWS): Cloud infrastructure, hosting, database services, authentication (Cognito), email delivery (SES), and data storage.
  • Apple: Authentication (Sign in with Apple) and subscription payment processing (In-App Purchases).
  • Expo: Push notification delivery to your device.
  • RevenueCat: Subscription management and entitlement tracking.

3.3 For Legal Reasons

We may disclose your information if we believe in good faith that disclosure is necessary to:

  • Comply with applicable law, regulation, legal process, or governmental request.
  • Enforce our Terms of Service or investigate potential violations.
  • Detect, prevent, or address fraud, security issues, or technical problems.
  • Protect the rights, property, or safety of The 19th, our users, or the public as required or permitted by law.

3.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

3.5 What We Do Not Do

We do not sell, rent, or lease your personal information to third parties. We do not share your information with third parties for their own marketing purposes. We do not use your data for targeted advertising.

4. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • Encryption in Transit: All data transmitted between the App and our servers is encrypted using TLS/SSL protocols.
  • Encryption at Rest: Data stored in our databases is encrypted at rest using AES-256 encryption.
  • Access Controls: Secure authentication via JSON Web Tokens (JWT) and AWS Cognito. Database access is restricted to authorized services operating within a private network (VPC).
  • Infrastructure Security: Our servers run within Amazon Web Services with network-level isolation, security groups, and role-based access controls following the principle of least privilege.
  • Password Security: We do not store passwords directly. Authentication is managed by AWS Cognito and Apple Sign In, which implement their own security measures including hashing and salting.

While we take reasonable and appropriate precautions to protect your information, no method of electronic storage or transmission over the Internet is completely secure. We cannot guarantee the absolute security of your data, and you acknowledge and accept this inherent risk.

5. Data Retention

We retain your personal information for as long as your account is active or as reasonably necessary to provide the App's services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

  • Account Data: Retained for the duration of your active account.
  • Game and Session Data: Retained to support game history, the Debt Center, and historical tracking features.
  • Log Data: Server logs are retained for a limited period for security and debugging purposes, after which they are automatically deleted.
  • Deleted Accounts: Upon account deletion, we will remove or anonymize your personal information within thirty (30) days. Certain anonymized or aggregated data that cannot reasonably be used to identify you may be retained for analytical purposes.

6. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: You may request a copy of the personal information we hold about you.
  • Correction: You may correct inaccurate or incomplete information through your profile settings in the App, or by contacting us.
  • Deletion: You may delete your account and associated data through the App's Settings screen or by contacting us at support@the19th.io. We will process deletion requests within thirty (30) days.
  • Data Portability: You may request an export of your data in a commonly used, machine-readable format by contacting us.
  • Notification Preferences: You may opt out of push notifications at any time through your device settings or the App's notification preferences. You may unsubscribe from non-essential email communications using the unsubscribe link provided in each email.
  • Withdraw Consent: Where we rely on your consent to process your information, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

To exercise any of these rights, contact us at support@the19th.io. We will respond to your request within thirty (30) days.

7. Children's Privacy and Age Assurance

The App is intended solely for users who are at least 17 years of age. We enforce this minimum-age requirement through a self-declared date-of-birth gate at account creation. If the date of birth you provide indicates that you are under 17, your account creation is blocked or the account is locked before it is used. We do not knowingly collect, solicit, or maintain personal information from anyone under the age of 13. If we become aware that we have collected personal information from a person under 13, we will promptly delete that information in accordance with the Children's Online Privacy Protection Act (COPPA). If you believe that a minor has provided us with personal information, please contact us immediately at support@the19th.io.

8. Third-Party Services

The App integrates with the following third-party services, each of which is governed by its own privacy policy:

  • Apple Sign In: For account authentication. Apple's privacy policy governs their handling of your sign-in data. We receive only the information you authorize Apple to share (name, email address).
  • Apple In-App Purchases: For subscription processing. Payment information is handled entirely by Apple and is never stored by or accessible to us.
  • Expo Push Notifications: For delivering push notifications to your device. Expo receives your device's push notification token.
  • RevenueCat: For subscription and entitlement management. RevenueCat receives anonymized identifiers for managing subscription state.
  • Amazon Web Services: For cloud infrastructure, including hosting, database, authentication, and email services.

We encourage you to review the privacy policies of these third-party services. We are not responsible for the privacy practices of any third party.

9. International Data Transfers

Our servers and service providers are located in the United States. If you are using the App from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence. By using the App, you consent to the transfer of your information to the United States.

10. State-Specific Privacy Rights

10.1 California Residents (CCPA/CPRA)

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), including the right to know what personal information we collect and how it is used, the right to request deletion, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights.

10.2 Other U.S. State Privacy Laws

Residents of states with comprehensive privacy legislation (including but not limited to Virginia, Colorado, Connecticut, Utah, and Texas) may have similar rights under their respective state laws. To exercise any applicable rights, please contact us at support@the19th.io.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or through a notification in the App at least fourteen (14) days before the changes take effect. Your continued use of the App after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically. The “Effective Date” at the top of this page indicates when this Privacy Policy was last revised.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

support@the19th.io