Privacy policy · effective 13 May 2026

Privacy is the default, not the upsell.

This policy explains what data 2UP collects, why, where it lives, and how to remove it. We've kept it short on purpose. If anything below is unclear, email support@flipside.life.

1. Who runs 2UP

2UP is operated by Flipside, an independent studio. We are the data controller for the personal information described below. Contact: support@flipside.life.

2. What we collect

We only collect what's needed to run the app. Specifically:

• Account information — your email address and a display name. Provided directly by you or by your OAuth provider (Apple, Google, Discord, Twitch). Stored in our authentication provider (Supabase) and linked to a user ID.
• App content you create — saved servers, character entries, lore journals, LFG posts, community contributions. Stored against your user ID.
• Notification preferences — which streamers or servers you've asked to be alerted about, plus a per-device push token issued by Apple.
• Region preference — used to default the server-list locale filter. Stored on-device only.
• Crash & error reports — when an error occurs we may capture a stack trace and the iOS version via Sentry. Reports are not linked to your name or email by default.

3. What we don't collect

• We do not track you across other apps or websites.
• We do not sell, rent or share your data with advertisers.
• We do not use third-party analytics or ad SDKs.
• We do not store the contents of your private chats — 2UP is read-only against Twitch/Kick/FiveM and does not connect to game voice or chat.

4. Third parties we rely on

To deliver the app we send data to a small set of service providers, each acting as a processor on our behalf:

• Supabase — account auth, database hosting.
• Apple (APNs) — push notification delivery.
• Apple StoreKit — Crew subscription & tip purchases.
• Vercel — hosting for the API backend.
• Sentry — anonymous crash reporting (only if enabled).

We also read from public Twitch, Kick and FiveM/Cfx.re APIs on your behalf. Those services see our backend's IP address — not yours.

5. How long we keep data

• Account data — for as long as your account exists.
• Crash reports — 90 days, then purged.
• Cached server & stream data — refreshed continuously, retained briefly to power offline reads.

6. Your rights

You can, at any time:

• Export your data — email us and we'll send a JSON dump within 30 days.
• Correct inaccurate data — most of it you can edit in the app.
• Delete your account — in the iOS app, go to Settings → Delete Account. This removes your auth record and all data linked to it from our database. The operation is permanent and takes effect immediately.
• Object or complain — you can also lodge a complaint with your local data protection authority if you believe we're handling your data improperly.

7. Children

2UP is not directed at children under 13. If you believe a child has provided us with personal data, email support@flipside.life and we will delete the account.

8. Changes

If we change this policy materially we'll surface the update in-app and increase the effective date at the top of this page. Continued use after the update means you accept the new terms.

9. Contact

Questions, deletion requests, data exports — support@flipside.life.