首页功能关于价格常见问题维基
登录

Privacy Policy

Decision Craft is operated by Aliansact France (SIREN 832 019 608), registered in France. For any privacy-related inquiry, contact us at decisioncraft@aliansactfrance.com.

1. Information We Collect

1.1 Account Information

When you sign up via an OAuth provider (Google, Discord, Twitch, or X / Twitter) or via magic-link email, we receive and store:

  • Your email address
  • Your display name and avatar URL (from the OAuth provider)
  • A unique user identifier

1.2 Profile & Preferences

  • Username you choose
  • NSFW content preference (opt-in toggle, available only to users 18+)
  • Avatar visibility preference
  • Terms acceptance status
  • Account role and subscription type
  • Credit balance and free credit balance

1.3 Game Data

Messages, stories, character sheets, choices, images, and all content generated during gameplay are stored to provide the service (save/resume games, continuity, AI generation).

1.4 Technical & Security Data

  • IP address — recorded on login for security, fraud prevention, and legal compliance
  • Last connection timestamp
  • Device type, browser, and operating system (via standard HTTP headers)
  • Moderation records — if your account is suspended or banned for violations, we retain a record of the ban for security and abuse prevention purposes

1.5 Payment Information

Payments are processed by Stripe. We never see or store your full card number. We store Stripe customer IDs, subscription status, payment intent IDs, and transaction records (amounts, dates, credit grants) for billing and accounting purposes.

2. How We Use Your Information

  • Provide the Service — game logic, AI text and image generation, save/resume, multiplayer coordination
  • Security & Abuse Prevention — fraud detection, rate limiting, enforcing content rules
  • Billing — process subscriptions, credit packs, and refunds via Stripe
  • Improve Reliability — error tracking, performance monitoring (without logging sensitive story content)
  • Legal Compliance — respond to legal requests and enforce our Terms of Service

We do not sell your personal data. We do not use your game content for advertising.

3. AI-Generated Content & Third-Party Providers

Decision Craft uses artificial intelligence for text generation (via xAI Grok, Google Gemini, and OpenAI GPT-OSS) and image generation (via Black Forest Labs FLUX.2 [klein] and Illustrious XL, accessed through the Runware platform). These are examples of providers/models we currently use, and we may add, remove, or replace models/providers over time.

To generate responses and images, relevant game context (story, character info, scene descriptions) is sent to these third-party AI providers. These providers process data according to their own terms and privacy policies. We use API configurations that minimize data retention on provider side where available.

AI content is not guaranteed to be accurate. Outputs may contain errors, inconsistencies, or unexpected content. Some retries are provided free of charge when generation fails.

4. Cookies & Local Storage

We use the minimum amount of cookies and local storage necessary to operate the service:

Essential (always active)

  • Authentication token — Supabase session cookie/local storage for login persistence
  • Last OAuth provider — remembers which sign-in method you used
  • Confidential mode — your preference for hiding sensitive content on screen
  • Theme preference — light or dark mode

Optional

  • Analytics consent — we store your choice (accept/deny) in local storage. If you accept, we may load analytics scripts (e.g. Google Analytics) to understand general usage patterns. You can deny and still access the full service.

We do not use advertising cookies. We do not use cross-site tracking cookies.

5. Data Sharing & Disclosure

We may share your information with:

  • AI providers (including OpenAI, xAI, Google, Runware, and other providers/models we may use) — game context for generation purposes only
  • Stripe — payment processing
  • Supabase — authentication and database hosting
  • Analytics providers — only if you consent (anonymized usage data)
  • Law enforcement — when required by law or to protect the safety of our users

We do not read your game content by default. Human access to user content may occur exceptionally for: support at your request, investigation following abuse reports, security incidents, or legal obligations. Such access is restricted, logged, and subject to a legitimate need.

6. Data Retention

  • Account and profile data are retained while your account is active.
  • Game data (stories, characters, choices) is retained while your account is active.
  • Payment records are retained as required by applicable accounting and tax laws.
  • IP addresses and security logs are retained for a reasonable period for security purposes.
  • After account deletion, data is purged from the live database immediately. Backup purge occurs within the next backup rotation cycle.

7. Your Rights (GDPR & Applicable Law)

If you are located in the European Union or in a jurisdiction with similar data protection laws, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct inaccurate data
  • Erasure — delete your account and data (available self-service in your profile settings)
  • Data Portability — request an export of your data
  • Restriction & Objection — limit or object to certain processing
  • Withdraw Consent — for optional processing (e.g., analytics)

To exercise these rights, email us at the address mentioned above.

8. Account Deletion

You can delete your account at any time from your profile settings. Upon deletion:

  • If an active subscription exists, we first request immediate cancellation via Stripe.
  • Your profile, game data, characters, and stories are permanently deleted from the live database.
  • Remaining credits are forfeited and are non-refundable.
  • Backup data is purged within the next backup rotation cycle.
  • Certain data may be retained as required by law (e.g., payment records for tax/accounting obligations).

9. Children's Privacy

Decision Craft is available to users aged 13 and older. Users under 13 are not permitted to create an account or use the service. Adult content features (NSFW) are strictly restricted to users who are 18 years of age or older.

If we become aware that a user under 13 has created an account, we will promptly delete the account and associated data.

10. Security

We implement industry-standard security measures including HTTPS/TLS encryption in transit, access controls, and rate limiting. However, no method of transmission or storage is 100% secure. We apply measures proportionate to the sensitivity of the data but cannot guarantee absolute security.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via a notice on the website. Continued use of the service after changes constitutes acceptance of the updated policy.