Anti Fakes — Privacy Policy
Effective date: 2026-04-29 Last updated: 2026-04-29 Publisher: Hogan Sung (sole developer / hes.labs.dev) Contact: hes.labs.dev@gmail.com
This privacy policy explains how the Anti Fakes mobile application (“the app”, “we”) collects, uses, shares, and stores your information. By installing and using the app you agree to this policy.
1. Who we are
Anti Fakes is published by an individual developer (Hogan Sung) operating under the project name hes.labs.dev. There is no separate legal entity. Throughout this policy, “we” refers to that individual.
2. What the app does
Anti Fakes is a fact-checking voice game. In each round, the app reads a fictional or distorted statement aloud, listens to the player’s spoken correction for ~15 seconds, and an AI judge scores how well the player identified what was wrong.
To make this work, the app:
- Records short audio clips on device only while a round is active.
- Sends the audio to a third-party speech-to-text service to convert it to text.
- Sends the transcript and the round’s claim to a third-party AI service that returns a numeric score plus brief feedback text.
- Stores anonymous gameplay events (round duration, score, locale, app version, crash reports) so we can detect bugs and improve the game.
3. Data we collect
| Category | What | Source | Purpose |
|---|---|---|---|
| Voice recordings | Up to ~15 seconds of microphone audio per round (e.g. recording_<timestamp>.m4a) |
Captured locally during a round | Transcribed to text so the judge can score it |
| Voice transcripts | The text version of your spoken answer | Returned by the speech-to-text provider | Sent to the judge; stored briefly with the round result for review |
| Gameplay events | Round number, claim ID, score, streak, locale, TTS on/off, selected topics, daily-challenge day index, session ID, app version, build channel, platform | Generated by your device while you play | Diagnose gameplay bugs, balance difficulty, measure engagement |
| Anonymous user ID | A random Firebase UID assigned the first time you open the app (not tied to any account, name, or email) | Firebase Authentication anonymous sign-in | Group your sessions together so we can debug per-user issues |
| Tester alias (optional) | A short nickname you type into the app yourself | Provided by you | Help us correlate feedback you send us with telemetry |
| Crash and performance data | Stack traces, device model, OS version, app version, frame timing | Firebase Crashlytics + Firebase Performance | Detect and fix crashes and slow paths |
| Device & install identifiers | Firebase Installation ID (FID), platform name, app version | Firebase SDKs | Required for Firebase services to function |
| Player feedback | Optional thumbs-up / thumbs-down / written feedback you submit at the end of a round | Submitted by you | Improve judging quality and content |
The app does not collect:
- Your real name, email address, phone number, or postal address.
- Your contacts, calendar, photos, files, location, or any other sensors beyond the microphone.
- Behavioral advertising identifiers (we do not run ads).
- Payment information (the app is free, with no in-app purchases).
4. How we use your data
| Use | Data used |
|---|---|
| Score your in-game answers | Voice transcript, claim text |
| Show you your past results | Score, transcript, judge feedback |
| Fix crashes and bugs | Crash reports, device info, app version |
| Decide whether your app is too old and needs a forced update | App version, build channel |
| Measure overall engagement (daily active users, completion rates) | Anonymous gameplay events |
| Reply to a bug report you send us | Tester alias + the events tied to it |
We do not use your data to:
- Build advertising profiles.
- Sell or rent it to anyone.
- Train third-party AI models. (See “Third parties” below for the contractual terms that bind our processors.)
5. Third parties we share data with
The app cannot work without sending some data to the following processors. Each one is named here so you know exactly who gets what.
5.1 OpenAI (speech-to-text)
- What is sent: the ~15-second audio clip from a round, plus the locale tag (e.g.
en-US). - Why: to transcribe your speech into text using the Whisper model.
- Endpoint:
https://api.openai.com/v1/audio/transcriptionsover TLS. - Their terms: OpenAI’s API data usage policy (audio submitted via the API is not used to train OpenAI’s models). See openai.com/policies/api-data-usage-policies.
5.2 Google Firebase / Google Cloud (judging, hosting, analytics, crash reports)
We use Google Firebase as our entire backend. This means several Google services receive data:
- Firebase AI Logic / Vertex AI Gemini — receives the round’s claim text plus your transcript; returns a score and short feedback. Google’s Vertex AI generative AI terms apply; data sent through Vertex AI is not used to train Google’s foundation models.
- Cloud Firestore — stores anonymous gameplay events, your round/session documents, and your optional feedback.
- Firebase Authentication — issues your anonymous user ID.
- Firebase Storage — hosts the gameplay content bundles your app downloads on launch (the records of fictional statements). No personal data is uploaded here.
- Firebase Analytics — receives basic event names and the install ID. We do not enable IDFA / Advertising ID collection.
- Firebase Crashlytics — receives crash stack traces and device metadata when the app crashes.
- Firebase Performance Monitoring — receives anonymized timing samples for app startup and key screens.
- Firebase Remote Config — pushes feature flags and a “minimum supported version” number to your app. This is server-to-app only; nothing about you is sent up.
- Firebase App Check — verifies that requests to our backend come from a genuine, untampered build of the app. Uses Apple App Attest / Google Play Integrity tokens; no personal data.
Google’s privacy commitments for these services live at firebase.google.com/support/privacy and cloud.google.com/terms/cloud-privacy-notice.
5.3 The platform stores (Apple, Google)
When you install or update the app, Apple and Google process diagnostic and crash data per their own privacy policies. We do not control that.
6. How long we keep your data
| Data | Retention |
|---|---|
Voice recording (.m4a) |
Deleted from your device immediately after transcription completes (and on app cleanup) |
| Voice transcript | Stored in your local round history; copied to Firestore as part of the round document; retained indefinitely unless you request deletion |
| Round / session documents in Firestore | Retained indefinitely unless you request deletion |
| Crash reports, performance traces | Retained for up to 90 days by Firebase, per Google’s defaults |
| Firebase Analytics events | Retained for up to 14 months, per Google’s defaults |
| Firebase Storage gameplay bundles | Indefinite; contains no personal data |
7. Children
Anti Fakes is rated Teen / 13+ and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has used the app, please contact us and we will delete the associated anonymous data on request.
8. Your rights
You have the right to:
- Know what data we have about you (this policy lists every category; we do not collect anything else).
- Request deletion of all data tied to your anonymous user ID. Email us at hes.labs.dev@gmail.com; to identify your data, we’ll ask you for the Firebase UID shown in the app’s Settings → About panel and we will delete all matching Firestore documents within 30 days.
- Stop participating at any time by uninstalling the app. Uninstalling stops further data collection but does not retroactively delete data already sent — use the deletion request above for that.
- Withdraw microphone permission in your device’s system settings at any time. The app will continue to launch but rounds that need your voice will not score correctly.
EU/UK residents: this policy is the legal basis for processing under GDPR Articles 6(1)(b) (performance of a contract — gameplay) and 6(1)(f) (legitimate interest — debugging and improving the app). California residents: the app does not “sell” or “share” your personal information as those terms are defined under CCPA / CPRA.
9. Security
- All network traffic between the app and our processors uses TLS / HTTPS.
- Audio recordings live only on your device’s encrypted private app sandbox before transcription.
- Backend writes go through Firebase App Check, so requests from a tampered or non-genuine app are rejected.
- We do not store any account passwords because the app does not have accounts.
No system is perfectly secure. If you believe you’ve found a vulnerability, please email hes.labs.dev@gmail.com and give us a reasonable opportunity to fix it before public disclosure.
10. International transfers
Your data may be processed in the United States (OpenAI, Google) and other countries where Google operates regional data centers. By using the app you consent to those transfers. We rely on the standard contractual clauses of our processors where applicable.
11. Changes to this policy
If we change how the app collects or uses data, we will post an updated version of this page and bump the “Last updated” date at the top. Material changes will be announced in the app’s release notes for the next version.
12. Contact
Questions, deletion requests, or privacy concerns:
Hogan Sung — hes.labs.dev Email: hes.labs.dev@gmail.com
隱私權政策 (繁體中文)
生效日期: 2026-04-29 最後更新: 2026-04-29 發行者: Hogan Sung(個人開發者 / hes.labs.dev) 聯絡方式: hes.labs.dev@gmail.com
本政策說明 Anti Fakes(中文名稱:闢謠對決)行動應用程式如何收集、使用、分享與儲存您的資料。安裝或使用本應用程式即表示您同意本政策。
1. 我們是誰
Anti Fakes 由獨立開發者 Hogan Sung 以 hes.labs.dev 名義發行,目前並非註冊公司,因此本政策中的「我們」指該開發者本人。
2. 應用程式做什麼
每一回合中,應用程式會朗讀一則含錯誤的虛構陳述,您有約 15 秒以口語指出錯誤,AI 評審會根據您的描述給分。
為達成此功能,應用程式會:
- 在回合期間於本機錄下您的語音。
- 將該段音訊傳送給第三方語音轉文字服務轉成文字。
- 將文字與該回合的陳述送給第三方 AI 評審以取得分數與簡短回饋。
- 記錄匿名的遊戲事件(回合用時、分數、語系、應用程式版本、當機紀錄)以利除錯與改善遊戲。
3. 我們收集的資料
| 類別 | 內容 | 用途 |
|---|---|---|
| 語音錄音 | 每回合最多約 15 秒的麥克風音訊 | 轉成文字供評分用 |
| 語音逐字稿 | 您口語回答的文字版本 | 送交評審;以回合紀錄保存 |
| 遊戲事件 | 回合編號、陳述 ID、分數、連勝數、語系、TTS 開關、所選主題、每日挑戰序號、Session ID、App 版本、建置通道、平台 | 除錯、平衡難度、衡量參與度 |
| 匿名使用者 ID | 首次開啟時由 Firebase 隨機指派(與任何帳號、姓名或 Email 無關) | 將同一使用者的回合彙整,用於除錯 |
| 測試者暱稱(選填) | 您自行輸入的簡短代號 | 將您回報的問題與遙測資料對應 |
| 當機與效能資料 | Stack trace、裝置型號、作業系統版本、App 版本、影格時間 | 偵測並修復當機與效能問題 |
| 裝置與安裝識別碼 | Firebase Installation ID、平台名稱、App 版本 | Firebase 服務運作所需 |
| 玩家回饋 | 回合結束後的選填讚/倒讚/文字回饋 | 改善評審品質與內容 |
我們不會收集真實姓名、Email、電話、地址、聯絡人、行事曆、相片、檔案、定位資訊,以及任何用於行為廣告投放的識別碼。本應用程式為免費,亦無內購功能,因此不收取付款資料。
4. 第三方處理者
- OpenAI:接收語音音訊並回傳逐字稿(不用於訓練 OpenAI 的模型)。
- Google Firebase / Google Cloud Vertex AI:包含 Firebase AI Logic(評審推論)、Cloud Firestore(事件儲存)、Firebase Authentication(匿名 ID)、Firebase Storage(遊戲內容包)、Analytics、Crashlytics、Performance Monitoring、Remote Config、App Check。Vertex AI 接收到的內容不用於訓練 Google 的基礎模型。
- 平台商店(Apple、Google):依其各自隱私政策處理安裝與診斷資料,我們無法干預。
5. 保存期限
- 語音錄音檔:轉文字完成後立即從本機刪除。
- 逐字稿與回合紀錄:除非您要求刪除,否則保留於 Firestore。
- 當機與效能紀錄:依 Firebase 預設保留至多 90 天。
- Analytics 事件:依 Firebase 預設保留至多 14 個月。
6. 兒童
本應用程式分級為 13 歲以上 / Teen,並非以 13 歲以下兒童為對象。若您發現有未滿 13 歲兒童使用本應用程式,請聯絡我們,我們將依請求刪除相關匿名資料。
7. 您的權利
- 資料查詢:本政策已列出所有蒐集類別。
- 要求刪除:寄信到 hes.labs.dev@gmail.com,附上 App 內「設定 → 關於」中顯示的 Firebase UID,我們會在 30 天內刪除對應的 Firestore 文件。
- 停止使用:可隨時解除安裝;解除安裝會停止後續收集,但已上傳的資料須以上述方式請求刪除。
- 撤回麥克風權限:可在裝置系統設定中關閉,但回合將無法計分。
歐盟/英國使用者:本應用程式以 GDPR 第 6 條第 1 項 (b)(履行契約—遊戲功能)與 (f)(正當利益—除錯與改善)作為處理依據。加州使用者:本應用程式並未依 CCPA / CPRA 之定義「販售」或「分享」您的個人資料。
8. 安全
- 所有網路傳輸均使用 TLS / HTTPS。
- 語音檔僅短暫存於裝置加密的 App 私有空間。
- 後端寫入需通過 Firebase App Check,遭竄改的非正式版 App 將被拒絕。
- 本應用程式無帳號,因此不儲存任何密碼。
9. 國際傳輸
您的資料可能在美國(OpenAI、Google)以及 Google 所在的其他國家/地區處理。使用本應用程式即表示您同意上述傳輸。
10. 政策變更
當我們調整資料收集方式時,將更新本頁並修改頂端的「最後更新」日期。重大變更會於下一版的更新說明中告知。
11. 聯絡
如有疑問或刪除需求:
Hogan Sung — hes.labs.dev Email: hes.labs.dev@gmail.com