At Tricksmith Games, LLC, we are committed to protecting your privacy. This Privacy Policy explains how our app "WristLevels" handles your information on both Apple Watch and iOS platforms when connecting to your Sonos system.
Privacy Policy for WristLevels
Effective Date: January 10, 2025 · Developer: Tricksmith Games, LLC
Overview
Information We Do NOT Collect
WristLevels does not collect, store on our servers, or track any personal information. We do not:
- Collect personal identification information
- Track your Sonos usage, volume levels, or listening habits
- Access your contacts, photos, location, or other personal data
- Store information about your Sonos households, rooms, or speakers on our servers
- Use analytics or tracking services
- Sell or share data with third parties
- Create user accounts or profiles
How WristLevels Works
WristLevels uses OAuth 2.0 to securely connect your devices directly to Sonos:
- Authentication: You log in through Sonos's official system. Your credentials go directly to Sonos—we never see them.
- Access Tokens: After authorization, secure tokens are stored only on your iPhone and Apple Watch in encrypted storage.
- Direct Communication: All commands (volume changes, mute/unmute) go straight from your device to Sonos.
- No Intermediary Storage: We don't route commands through our servers or store any information about your interactions.
Cloud Functions
WristLevels uses Google Cloud Functions solely to facilitate secure OAuth token exchange and refresh, as required by Sonos's API:
- Token Exchange: When you first authorize, our Cloud Function exchanges the authorization code for access tokens directly with Sonos
- Token Refresh: When tokens expire, our Cloud Function requests new tokens from Sonos
- Temporary Logging: Google Cloud Functions automatically generates system logs (error logs, function execution logs) that may temporarily contain request metadata. Logs do not contain your Sonos credentials or personal information.
- No Persistent Storage: We do not store, retain, or access your tokens, Sonos data, or any user information beyond Google's automatic temporary logging
- Secure Transmission: All communications use HTTPS encryption
Why this is necessary: OAuth 2.0 requires secure client credentials that cannot be safely embedded in mobile apps. Using a backend service for token operations is industry best practice and required by Sonos.
Information Stored Locally on Your Device
WristLevels stores the following information locally on your Apple Watch and/or iPhone:
- Access Tokens: Encrypted on device for authenticating with Sonos
- Household and Room Information: Cached on your devices for quick access
- App Preferences: Your selected room and volume preferences
This local data:
- Remains on your device(s) only
- Is shared between iPhone app, Apple Watch app, and widget
- Is never transmitted to Tricksmith Games servers
- Is automatically deleted if you disconnect or uninstall the app
- Cannot be accessed by us
Data Security
We take the security of your data seriously:
- Encrypted Transmission: All API communications use HTTPS encryption
- OAuth 2.0: Industry-standard authentication with automatic token expiration and refresh
- No Password Storage: Your Sonos password is never stored by WristLevels
- Minimal Permissions: WristLevels requests only "playback-control-all" scope from Sonos—the minimum required for volume control
Third-Party Services
WristLevels integrates with:
- Sonos API: WristLevels communicates directly with Sonos's official API. This communication is governed by Sonos's Privacy Policy.
- Google Cloud Functions: Used only for OAuth token operations as described above. Hosted in US-Central region.
WristLevels does not use:
- Analytics services (Google Analytics, Firebase Analytics, etc.)
- Advertising networks
- Social media integrations
- Crash reporting services
Permissions
WristLevels requests the following permissions:
- Internet Access: Required to communicate with the Sonos API
- Watch Connectivity: Allows your iPhone and Apple Watch to sync settings and tokens
WristLevels does NOT request access to:
- Location services
- Camera or photos
- Contacts
- Microphone
- Health data
Children's Privacy
WristLevels does not knowingly collect any information from children under 13 years of age. The app is suitable for all ages and contains no data collection mechanisms beyond what is necessary for Sonos authentication and use.
Your Rights and Choices
You have complete control over WristLevels and your data:
- Disconnect at Any Time: Use the "Disconnect" button in the app to revoke access tokens and clear all data
- Revoke Access: You can also revoke WristLevels's access through your Sonos account settings
- Delete Data: Deleting the app from your devices removes all associated data
- No Account Required: WristLevels doesn't create any accounts—you authenticate directly with Sonos
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes will be posted with a new effective date and notified through App Store update notes. Your continued use of WristLevels after such changes constitutes acceptance of the updated policy.
Given our commitment to privacy, we will never introduce data collection or tracking without explicit user consent and clear notification.
International Users
This Privacy Policy applies to all users worldwide. WristLevels:
- Provides the same privacy protections to all users regardless of location
Contact Us
If you have any questions about this Privacy Policy, please contact us at:
Email: support@tricksmithgames.com
Legal Information
WristLevels is developed and operated by Tricksmith Games, LLC, a company registered in the United States.
Disclaimer: WristLevels is an independent application and is not affiliated with, endorsed by, or sponsored by Sonos, Inc.