Privacy Policy

Last updated: [LAST_UPDATED]

Introduction

This Privacy Policy explains how GameAssist ("we", "us") collects, uses, and protects your personal data when you use our website and services. If you have any questions, contact us at [CONTACT_EMAIL].

What data we collect

We collect only what we need to provide the service:

  • Account information โ€” email address, name, and profile picture, received from Google or GitHub when you sign in via OAuth.
  • Activity data โ€” games you create or play, scores, quiz answers, and broadcast usage. This is needed to make the games work and to show you your history.
  • Payment information โ€” when you purchase premium, our payment processor (acting as Merchant of Record) handles the transaction. We receive only the order reference and amount. We do not see or store your card details.

How we use your data

  • To provide and improve the service
  • To prevent abuse and protect other users
  • To respond to support requests
  • To comply with legal obligations

We do not sell your data, and we do not use it for advertising.

Third parties we work with

The following third-party services receive limited data when you use specific features:

  • Google OAuth and GitHub OAuth โ€” used for sign-in. They confirm your identity and share your email, name, and public profile picture with us.
  • OpenRouter โ€” used by our AI quiz generation feature. When you generate a quiz, your prompt is sent to OpenRouter, which routes it to an underlying language model provider.
  • Our payment processor โ€” acts as Merchant of Record for premium purchases, handling billing, taxes, and refunds on our behalf.

Cookies

We use a small number of strictly necessary cookies to keep you signed in and to remember your preferences. We do not use any third-party tracking cookies. See our Cookie Policy for the complete list.

Data retention

We keep your data for as long as your account exists. If you delete your account, we remove or anonymize your personal data within 30 days. Backups containing your data are purged within 90 days.

Your rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Receive your data in a portable format
  • Object to or restrict certain processing

To exercise any of these rights, email [CONTACT_EMAIL]. We respond within 30 days.

Security

Your data is stored on our servers using industry-standard security practices. Communication between your browser and our service is encrypted with TLS. Authentication tokens are stored as HTTP-only cookies.

Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Significant changes will be communicated to registered users by email.

Governing law

This Privacy Policy is governed by the laws of [JURISDICTION].

Contact

For privacy-related questions or to exercise your rights, contact us at [CONTACT_EMAIL].