Privacy Policy

Last Updated: May 20, 2026

This Privacy Policy describes how Babyduck LLC ("Company," "we," "us," or "our"), the owner and operator of the REGO mobile application and the website theregoapp.com, collects, uses, and shares your information. By using our Services, you agree to the terms outlined in this policy.

1. What information do we collect?

Personal information you disclose to us

We collect information that you provide directly to us when you register, create a profile, or interact with the app features. This includes:

• Account credentials: Names, email addresses, phone numbers, and profile images.
• Demographic & regional data: Country, country code, local timezone, and selected/primary languages.
• Authentication data: We may use third-party login providers (such as Google Sign-in). These providers share certain profile information with us to facilitate account creation.

Activity, rewards, and wallet data

To provide our gamification and rewards features, we track:

• Engagement metrics: Login streaks, posts, reviews, comments, replies, likes, poll votes, watchlist actions, and leaderboard-related counts.
• REGO Wallet & REGO Cash: We maintain a ledger of your wallet balance, reward entries, voucher redemption history, and redeemed voucher codes.
• Badges & social proof: We store badge awards. To enhance the community experience, earned badges, your display name, and your profile image may be displayed on your profile and within social "feed highlights" as social proof.

User-generated content

We store the reviews and posts you create. While stored as plain text, these may contain Markdown syntax, hashtags, and URLs. We are not responsible for the content of external URLs opened via the app.

Technical and device data

• Device information: Operating system, platform (iOS/Android), and device model.
• Push notifications: We collect FCM tokens and notification permissions to send deep links and push notifications. These may include action buttons (e.g., "Write Review," "Add to Watchlist") that track your interactions.

2. How do we use your information?

We use your information for legitimate business interests, including:

• Reward administration: We use Firestore and Cloud Functions to track weekly reward progress. Your profile country and email are used to determine eligibility and communicate reward claims.
• Country-based targeting: We use your profile country and Remote Config allow-lists (such as targeting.allowedCountries) to show or hide specific features like the REGO Wallet, banners, or localized rewards.
• Personalization: To tailor movie recommendations, notifications, and language settings to your preferences.

Lawful basis for processing (EEA & UK users)

If you are in the European Economic Area (EEA) or the UK, our legal basis for collecting and using your personal information depends on the context:

• Performance of a contract: To provide the REGO app, maintain your wallet, and deliver requested features.
• Consent: When you opt-in to marketing cookies or SDKs (like Meta).
• Legitimate interests: To analyze app stability, prevent fraud, and improve our services, provided these interests are not overridden by your data protection rights.

3. Analytics and marketing SDKs

To improve REGO and grow our user base, we utilize professional analytics and marketing tools. Where legally required by your jurisdiction (such as the UK and EEA), we will request your explicit, opt-in consent before activating these tracking technologies. These tools include:

• Firebase Analytics: To monitor app stability and user behavior.
• Meta (Facebook) SDK: To track user acquisition, measure the effectiveness of our marketing campaigns, and deliver relevant advertisements.

4. When and with whom do we share your information?

We may share your data in the following situations:

• With service providers and partners: To facilitate backend infrastructure (such as Google Cloud/Firebase) and to manage analytics and marketing services (such as Meta) as described in Section 3.
• For legal reasons: If required to comply with law enforcement or protect the rights of Babyduck LLC.
• Public areas: Any content you post (reviews, badges, profile name) is visible to other users of the REGO community.

5. Data retention and security

We keep your information for as long as necessary to fulfill the purposes outlined in this policy or as required by law. Specifically, we retain your account profile and gamification data for the lifespan of your active account. If you request account deletion, we will purge your personal data within 30 days, excepting any data we are legally required to retain for tax, legal, or security auditing purposes. We implement industry-standard technical and organizational security measures, including data encryption in transit (TLS/HTTPS) and at rest, to protect your personal data against unauthorized access, loss, or alteration. While we strive to protect your data, no electronic transmission or storage system is 100% secure.

6. Children's privacy

The REGO app is not directed to individuals under the age of 13 (or under 16 in certain European jurisdictions). We do not knowingly collect personal information from children under these age limits. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at admin@theregoapp.com so we can take steps to delete such data immediately.

7. International data transfers

Babyduck LLC is headquartered in the United States. Your information, including personal data, may be transferred to, stored, and processed in the United States or other countries where our service providers (such as Google Cloud) operate. By using the app, you acknowledge that your data will be transferred to the US. For users in the EEA/UK, we rely on legally provided mechanisms, such as Standard Contractual Clauses (SCCs), to lawfully transfer your data across borders.

8. Account deletion

You have the right to delete your REGO account and associated personal data at any time. You can initiate this process directly within the REGO app by navigating to Settings > Privacy > Delete Account. Alternatively, you may submit a verifiable deletion request by emailing admin@theregoapp.com.

9. Your privacy rights

Depending on your location (such as the EEA or California), you may have rights to:

• Request access to or a copy of your personal data.
• Request deletion of your account and associated data.
• Opt out of specific tracking or marketing communications.

To exercise these rights, please contact us at the email provided below.

10. Notice to California residents

Under the California Consumer Privacy Act (CCPA), California residents have specific rights regarding their personal information:

• Right to know & delete: You can request access to or deletion of the personal information we have collected over the past 12 months.
• Right to opt-out of sale/sharing: We use the Meta SDK for marketing, which may be considered "sharing" under California law. You can opt out of this tracking via your device's tracking settings or by contacting us.
• Non-discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a request, contact admin@theregoapp.com.

11. Updates to this policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Last Updated" date and the updated version will be effective as soon as it is accessible.

12. Contact us

If you have questions about this policy or the handling of your data, you may contact the Admin of REGO at: