Privacy Policy
Effective: May 2, 2026 · Canonical English version.
1. Who is the controller
An individual sole developer based in Ukraine, operating the “Playthread” brand (“Playthread,” “we,” “us”), is the data controller for personal data processed through the Service. You can reach us at playthreadgame@gmail.com.
2. The short version
- We collect what we need to run the Service: an account identifier, the stories you create, billing records, and basic technical logs.
- We send your prompts to AI providers so they can generate scenes, images, and audio. We pick providers and tiers that contractually disallow training on customer data where reasonably available.
- We do not sell personal data. We do not use your prompts to train our own models.
- You can export or delete your data at any time. Deleting your account deletes your stories.
3. What we collect
Account data (via Clerk)
Authentication and account management are handled by Clerk Inc. When you sign up, Clerk collects what you provide (email, name, optionally an OAuth identity from Google/Apple/etc.) and assigns you a persistent user ID that we store on our side. We never see your password.
Guest session
If you use the Service without signing in, we set a long-lived first-party cookie (pt_session) with a random identifier so we can attach the stories you create to your browser. No personal data is in this cookie.
Story content
World descriptions, choices, free-text actions, generated narration, generated images, generated audio, and any feedback or ratings you give. These are linked to your account or guest session.
Billing data
We do not currently process payments. There is no live checkout flow, no recurring billing, and we do not collect billing data (name on card, billing address, card number, etc.) anywhere in the Service. When paid plans become available we will name the third-party payment provider that processes payments, describe what data they collect, and link to their privacy notice from this section.
Operational logs and analytics
We log basic technical data necessary to operate and secure the Service: timestamps, request paths, status codes, IP-derived country (via Vercel), provider/model used for each generation, and token / cost figures. We use Vercel Analytics and Vercel Speed Insights for aggregate, non-identifying performance metrics.
Hashed IP for abuse prevention
For anonymous (signed-out) traffic, we store a salted, truncated SHA-256 hash of the client’s IP address alongside each AI-generation event. The raw IP is never written to our database. This hash exists solely to enforce a per-IP daily cost ceiling that prevents a single network from exhausting our AI budget by rotating cookies. The hash is keyed on a server-side secret (a “pepper”) that makes it computationally impractical to recover the original IP from the stored value. We do not link this hash to advertising, profiling, or third parties.
Push notifications (optional)
If you opt in, we store the Web Push endpoint and keys for your browser so we can send re-engagement notifications. You can revoke these at any time in your browser settings.
4. Why we process it (legal bases)
- To provide the Service — generating scenes/images/audio from your prompts, persisting your stories, enforcing per-tier usage limits. Legal basis: performance of the contract.
- To keep it secure — abuse detection, rate limiting, fraud prevention. Legal basis: legitimate interests.
- To bill you — when you have a paid plan. Legal basis: performance of the contract.
- To send service emails — welcome message, billing receipts, security notices. Legal basis: performance of the contract / legitimate interests.
- To send re-engagement push notifications — only if you opt in. Legal basis: consent.
- To comply with law — where we receive a valid legal request.
5. AI providers and what they receive
To generate scenes, images, and audio, we send the relevant prompt and necessary context to one or more of the following providers, selected at runtime based on availability and quality:
- Anthropic — text generation (Claude models).
- OpenAI — text generation (GPT models).
- Google — text generation (Gemini models).
- Groq — fallback text generation.
- fal.ai — image and ambient-audio generation.
We do not send your raw email address or billing info to AI providers. We do send a short context window of the current story (recent scenes, established facts, your latest action). Each provider acts as our processor under their published API terms; we choose API tiers that, where reasonably available, disable training on customer inputs.
6. Other processors
- Vercel — hosting, edge network, analytics, speed insights.
- Clerk — authentication and account management.
- Neon (Neon, Inc.) — managed Postgres for story and account data, EU region (Frankfurt, Germany).
- Resend — transactional email delivery.
Each processor is bound by a data-processing agreement and only handles your data on our behalf. A current list of sub-processors is available on request.
7. Cookies and similar technologies
- pt_session — first-party, HTTP-only, ~1 year. Holds an opaque guest-session ID so anonymous stories can be attached to a browser.
- Clerk session cookies — set by Clerk to keep you signed in. See Clerk’s policy at clerk.com/legal/privacy.
- Locale cookie — remembers your language choice.
- Analytics cookies — Vercel Analytics uses cookieless, non-identifying telemetry by default. We do not use ad-tech tracking.
8. International transfers
Our processors are based in the United States and the European Union. Where personal data is transferred outside your country, the transfer is covered by an adequacy decision or by Standard Contractual Clauses with the relevant processor.
9. How long we keep data
- Account data — for as long as your account exists.
- Stories — until you delete them, or until your account is deleted.
- Operational logs — typically 30–90 days, longer where required for security investigations or legal compliance.
- Billing records — for the period required by tax and accounting laws (typically 7 years).
- Backups — encrypted, rotated on a short cycle; deletions propagate within the rotation window.
10. Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- correct inaccurate or outdated data;
- delete your data (“right to be forgotten”);
- object to or restrict certain processing;
- port your data to another service;
- withdraw consent (e.g. for push notifications) at any time;
- lodge a complaint with your local data-protection authority. In the EU/UK this is your national supervisory authority; in California, the California Privacy Protection Agency.
To exercise any of these rights, email playthreadgame@gmail.com. You can also delete your account directly from the account portal at any time.
11. Children
The Service is for users 18 years of age or older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, please contact us and we will delete it.
12. Security
Data in transit is encrypted with TLS. Data at rest is encrypted by our managed providers. Access to production systems is restricted to a small number of authorized engineers. No system is perfectly secure; if we ever detect a personal-data breach affecting you, we will notify you in accordance with applicable law.
13. Changes to this Policy
We update this Policy when we change processors, introduce new features, or where required by law. The “Effective” date above always reflects the latest version. For material changes we will provide reasonable notice in the Service or by email.
14. Contact
Privacy questions, deletion requests, or right-of-access requests can be sent to playthreadgame@gmail.com. The controller is an individual based in Ukraine and has not currently appointed a representative in the European Union or the United Kingdom under GDPR Article 27 or the UK GDPR equivalent. EU/UK users may exercise all of their rights directly with us at the email above; if a representative becomes required, this section will be updated.