Privacy Policy

Last updated: January 6, 2025

1. Introduction

Polyhedral ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you use our AI-enhanced tabletop RPG platform.

2. Information We Collect

2.1 Account Information

  • Account Details: Email address, username, profile information
  • Authentication Data: Password hashes, login sessions, security tokens
  • Profile Data: Display name, avatar images, preferences and settings

2.2 Game Content

  • Game Data: Game sessions, character information, campaign details
  • Chat Messages: Text conversations with other players and AI participants
  • File Uploads: PDFs, images, documents shared in games
  • Notes and Documentation: Game notes, rules, and custom content

2.3 Audio and Voice Data

  • Voice Recordings: Audio captured for transcription purposes
  • Transcribed Text: Speech-to-text conversions of voice recordings
  • Audio Preferences: Voice selection and audio settings

2.4 AI Interaction Data

  • Prompts and Responses: Messages sent to and received from AI systems
  • Usage Patterns: How you interact with AI features and tools
  • Preference Data: AI personality settings, role configurations

2.5 Technical Information

  • Device Data: Browser type, operating system, device identifiers
  • Usage Analytics: Page views, feature usage, session duration
  • Performance Data: Error logs, response times, system performance
  • Network Information: IP address, location data (general geographic region)

2.6 Cookies and Tracking

  • Essential Cookies: Authentication, session management, security
  • Analytics Cookies: Usage tracking, performance monitoring
  • Preference Cookies: User settings, interface customization

3. How We Use Your Information

3.1 Service Provision

  • Platform Operation: Providing core RPG platform functionality
  • Account Management: User authentication, profile management
  • Game Facilitation: Enabling multiplayer games and AI interactions
  • Content Storage: Saving and organizing your game content

3.2 AI Services

  • Content Processing: Analyzing uploads for search and AI enhancement
  • Response Generation: Creating AI-powered game master and player responses
  • Personalization: Customizing AI behavior based on your preferences
  • Context Understanding: Processing game history to provide relevant AI responses

3.3 AI Training and Model Improvement

  • No Training Data Usage: Your content is never used to train or improve AI models
  • Provider Selection: We specifically choose AI providers who do not train on user data
  • Immediate Processing Only: AI interactions are processed solely for real-time response generation
  • No Persistent Storage: User data is not stored by AI providers for training purposes
  • Aggregated Analytics: Only anonymized, aggregated usage patterns may inform platform improvements

3.4 Platform Improvement

  • Feature Development: Understanding usage to build better features
  • Performance Optimization: Improving platform speed and reliability
  • Bug Detection: Identifying and fixing technical issues
  • Security Enhancement: Protecting against threats and abuse

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

Supabase (Database and Authentication)

  • Purpose: User authentication, data storage, real-time features
  • Data Shared: Account information, game content, usage data
  • Location: Distributed globally with data residency controls
  • Privacy Policy: https://supabase.com/privacy

Anthropic (AI Services)

  • Purpose: AI-powered game master and player functionality
  • Data Shared: Game context, chat messages, user prompts
  • Processing: Temporary processing for response generation
  • Privacy Policy: https://www.anthropic.com/privacy

Vercel (Hosting and Analytics)

OpenAI (Speech Services)

  • Purpose: Text-to-speech and speech-to-text functionality
  • Data Shared: Voice recordings, text for speech generation
  • Processing: Real-time processing for audio features
  • Privacy Policy: https://openai.com/privacy

4.2 Legal Requirements

We may disclose your information when required by law, including:

  • Legal Process: Court orders, subpoenas, legal investigations
  • Safety Protection: Preventing harm to users or the public
  • Rights Enforcement: Protecting our intellectual property and rights
  • Regulatory Compliance: Meeting applicable legal obligations

5. Data Security and Protection

5.1 Security Measures

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Limited access to personal data
  • Authentication: Multi-factor authentication for sensitive operations
  • Monitoring: Continuous security monitoring and threat detection

5.2 Data Retention

  • Account Data: Retained while your account is active
  • Game Content: Stored for the duration of game sessions
  • Analytics Data: Aggregated data retained for platform improvement
  • Legal Requirements: Some data retained to meet legal obligations

6. Your Privacy Rights

6.1 Access and Control

  • Data Access: Request copies of your personal data
  • Account Management: Update or correct your account information
  • Content Control: Manage, edit, or delete your game content
  • Setting Preferences: Control privacy and communication settings

6.2 Deletion Rights

  • Account Deletion: Delete your account and associated data
  • Content Removal: Remove specific content or game sessions
  • Processing Cessation: Stop processing of your personal data
  • Retention Limits: Data deleted according to retention schedules

7. International Data Transfers

7.1 Global Operations

  • Multi-Region: Services operate across multiple geographic regions
  • Data Residency: Efforts made to keep data in your region when possible
  • Transfer Safeguards: Appropriate protections for international transfers
  • Compliance: Adherence to applicable international data protection laws

7.2 Regional Considerations

  • GDPR Compliance: European users have additional rights under GDPR
  • CCPA Compliance: California residents have specific privacy rights
  • Local Laws: Compliance with applicable local privacy regulations

8. Children's Privacy

8.1 Age Restrictions

  • Minimum Age: Service intended for users 13 years and older
  • Parental Consent: Users under 18 should have parental guidance
  • COPPA Compliance: No knowing collection of data from children under 13

9. Cookies and Tracking Technologies

9.1 Cookie Management

  • Browser Controls: Manage cookies through browser settings
  • Opt-Out Options: Disable non-essential cookies when possible
  • Third-Party Cookies: Some features may use third-party cookies
  • Impact Notice: Disabling cookies may affect platform functionality

10. Changes to This Privacy Policy

10.1 Policy Updates

  • Regular Review: Privacy policy reviewed and updated periodically
  • Change Notification: Users notified of significant changes
  • Effective Date: Changes take effect on the date specified
  • Continued Use: Using the service after changes constitutes acceptance

11. Contact Information

11.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices, please contact our support team. We aim to respond within 30 days and can escalate requests to our Data Protection Officer when needed.

This Privacy Policy is effective as of the last updated date and applies to all users of Polyhedral. We encourage you to review this policy regularly to stay informed about how we protect your privacy.