Privacy Policy
Last Updated: March 20, 2026 | Version 1.1
CritForge ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-assisted tabletop RPG content generation service.
Quick Summary:
- We collect only essential data for service operation and safety
- Your generated content belongs to you
- We never sell your personal information
- Safety violation logs are hashed and anonymized
- You can delete your account and data at any time
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address: For account creation, login, and communication
- Display name: Optional username for personalization
- Password hash: Stored securely via Supabase Auth (we never see your plain-text password)
- Subscription tier: Trial, Solo, Pro, or Studio status
1.2 Generated Content
We store content you generate through our service:
- Generation parameters: Settings, preferences, and input prompts
- AI-generated output: NPCs, plots, maps, and encounters you create
- Content metadata: Creation date, version history, tags
- Chat history: Conversation turns for content iteration (automatically expires after 7 days)
1.3 Usage & Analytics Data
We collect usage statistics to improve our service:
- Generation logs: Timestamp, content type, token usage, AI model used, cost
- Rate limit tracking: Generations remaining, reset timestamps
- Feature usage: Which content types and features you use most
- Performance metrics: Request latency, error rates, system health
- Session recordings: When enabled, a sample of sessions may record page navigation, clicks, and scroll behavior to help us identify UX issues. All form inputs are masked. Session recording is subject to your cookie consent preference.
1.7 Cookies & Local Storage
We use the following cookies and browser storage:
- Authentication cookies: Required for login sessions. Set by Supabase Auth. These are essential and do not require consent.
- Analytics cookies (PostHog): Track page views, feature usage, and performance metrics. Only set after you accept cookies via the consent banner.
- Consent preference: Stores your cookie consent choice in browser local storage so we don't ask again.
- Theme and UI preferences: Stores your visual theme selection and UI state in browser local storage.
You can manage cookies through the consent banner (shown on first visit), your browser settings, or the cookie preferences link in our footer.
1.4 Safety & Compliance Data
⚠️ Important: Safety Violation Logging
When our automated safety systems detect policy violations, we log:
- User ID: To track repeat violations per our Terms of Service
- Timestamp: When the violation occurred
- Violation type: Category (CSAM attempt, hate speech, self-harm, etc.)
- Severity level: Risk score for enforcement purposes
- SHA256 hash of input: Cryptographic fingerprint only (actual harmful content is never stored)
- Matched pattern: Which safety rule was triggered
We do NOT store the actual content of policy violations. Logs are retained for 30 days for safety monitoring and compliance.
1.5 Payment Information
Premium subscriptions are processed through Stripe. We store:
- Stripe Customer ID: Links your account to Stripe
- Subscription status: Active, canceled, past due, etc.
- Payment method type: Card brand (Visa, Mastercard) - NOT full card numbers
We never see or store your full payment details. Stripe handles all payment processing securely. Stripe's Privacy Policy
1.6 Automatically Collected Data
- IP address: For rate limiting and abuse prevention (not stored long-term)
- Browser/device info: User agent string for compatibility
- Cookies: Session authentication cookies (required for login)
2. How We Use Your Information
2.1 Service Delivery
- Generate AI content based on your requests
- Save and retrieve your generated content
- Enable chat-based content iteration
- Enforce tier limits (generations per month, saved items)
2.2 Safety & Trust
- Detect and prevent prohibited content violations
- Monitor for abuse and automated attacks
- Enforce Terms of Service compliance
- Respond to legal obligations and safety concerns
2.3 Service Improvement
- Analyze usage patterns to improve features
- Optimize AI prompt engineering
- Improve safety detection accuracy
- Debug errors and performance issues
2.4 Communication
- Send account-related emails (password resets, subscription changes)
- Notify you of policy violations or account suspension
- Respond to support requests
- Send optional service updates (you can opt out)
3. How We Share Your Information
3.1 Third-Party Service Providers
We share data with trusted partners who help us operate:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database & Authentication | Email, password hash, generated content |
| Anthropic (Claude) | AI Content Generation | Generation prompts, user input (anonymized) |
| OpenAI | Content Moderation & Fallback AI | User input for safety screening (anonymized) |
| Stripe | Payment Processing | Email, subscription tier, Stripe customer ID |
| PostHog | Product Analytics & Performance Monitoring | Anonymous usage events, page views, feature interactions, device/browser info, AI generation metrics. User identified by internal ID only (not email). All tracking requires cookie consent. |
All third-party providers are bound by their own privacy policies and data protection agreements.
3.2 We Do NOT Sell Your Data
✓ We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3.3 Campaign Sharing
When you share a campaign with other users:
- Your display name and campaign description are visible to anyone with the join link
- Character data submitted by players via join links is visible to you (the campaign owner)
- Campaign content (NPCs, plots, encounters) is only visible to confirmed campaign members
- You can revoke join links at any time from your campaign settings — this immediately prevents new access
3.3 Legal Requirements
We may disclose information if required to:
- Comply with legal obligations (court orders, subpoenas)
- Protect our rights, property, or safety
- Prevent fraud or abuse
- Respond to emergencies involving danger of death or serious physical injury
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Generated content | Until you delete it (or 30 days after account deletion) |
| Chat conversations | 7 days (auto-expires) |
| Generation logs | 90 days |
| Safety violation logs | 30 days (hashed only) |
| Analytics data (PostHog) | 12 months (anonymized usage events and performance metrics) |
| Payment records | 7 years (tax compliance) |
5. Your Privacy Rights
5.1 Access & Control
You have the right to:
- Access your data: View all account and generation data via your dashboard
- Export your data: Download all generated content (coming soon)
- Delete content: Remove individual saved items at any time
- Delete your account: Permanently remove all data (except legally required retention)
5.2 GDPR Rights (EU Residents)
If you're in the EU, you have additional rights under GDPR:
- Right to rectification: Correct inaccurate data
- Right to erasure: "Right to be forgotten"
- Right to restrict processing: Limit how we use your data
- Right to data portability: Receive data in machine-readable format
- Right to object: Opt out of certain data uses
5.3 CCPA Rights (California Residents)
California users have rights under CCPA:
- Know what personal information we collect
- Know if we sell or share personal information (we don't)
- Request deletion of personal information
- Opt out of sale (not applicable - we don't sell data)
- Non-discrimination for exercising CCPA rights
5.4 Exercising Your Rights
To exercise any of these rights, contact us at:
- [email protected]
- Privacy Request - [Your Request Type]
- Within 30 days
6. Data Security
6.1 Security Measures
We protect your data using:
- Encryption in transit: All data sent over HTTPS/TLS
- Encryption at rest: Database encryption via Supabase
- Password hashing: bcrypt with salt (via Supabase Auth)
- Session security: HttpOnly, Secure, SameSite cookies
- Access controls: Row-level security (RLS) policies
- Rate limiting: Protection against brute force attacks
6.2 Safety Violation Anonymization
Special Protection for Violation Logs:
- Actual harmful content is never stored
- Only SHA256 hashes are logged (one-way cryptographic fingerprints)
- Hashes cannot be reversed to recover original content
- Logs are automatically deleted after 30 days
- Used only for enforcement and safety improvement
6.3 Limitations
No security system is 100% secure. While we implement industry best practices, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your password.
7. Children's Privacy (COPPA Compliance)
7.1 Age Requirements
⚠️ COPPA Compliance:
- Users under 13: Not permitted under any circumstances
- Ages 13-17: Requires verifiable parental consent
- Ages 18+: No restrictions
7.2 Parental Consent for Teens (13-17)
For users aged 13-17, we collect:
- Parental consent confirmation (checkbox during signup)
- Email address to contact parent/guardian if needed
- Same data as adult users (see Section 1)
Parents can review, modify, or delete their child's data by contacting: [email protected]
7.3 What Parents Should Know
- All content is AI-generated, not user-to-user chat
- Safety systems actively monitor for inappropriate content
- Violations result in account suspension (see Terms of Service)
- Parents can request account deletion at any time
8. International Data Transfers
CritForge operates globally. Your data may be transferred to and processed in countries other than your own, including the United States. These countries may have different data protection laws.
We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) with service providers
- GDPR-compliant data processing agreements
- Adherence to EU-U.S. Data Privacy Framework principles
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via:
- Email notification to registered users
- Prominent banner on the website
- Updated "Last Modified" date at the top
Continued use after notification constitutes acceptance of the updated policy.
10. Contact Us
For questions about this Privacy Policy or to exercise your privacy rights:
- Privacy Officer: [email protected]
- General Support: [email protected]
- Parental Inquiries: [email protected]
- Safety Concerns: [email protected]
- Legal/Compliance: [email protected]
Privacy Commitment Summary
CritForge's Privacy Principles:
- ✓ We collect only what's necessary to provide our service
- ✓ We never sell your personal information
- ✓ Your generated content belongs to you
- ✓ Safety logs are hashed and anonymized
- ✓ You can delete your account and data anytime
- ✓ We're transparent about how AI providers process your data
- ✓ We are committed to complying with GDPR, CCPA, and COPPA
Last Updated: March 20, 2026 | Version 1.1