AnyTale

AnyTale RPG

Privacy Policy

How ANYTALE LLC handles information across the Service.

Last updated: June 2, 2026

Privacy Policy

This Privacy Policy explains how ANYTALE LLC (“ANYTALE”, “we”, “us”) collects, uses, shares, and protects information when you use AnyTale RPG (the “Service”).

1. Who we are

Controller (data responsible party): ANYTALE LLC.

Contact: privacy@anytalerpg.com (or use the in-app support/report features).

2. Information we collect

A. Information you provide

Account and profile

  • Email address, username, and a password (stored as a cryptographic hash, not in plain text).
  • Profile details you choose to add, such as avatar image URL, cover image URL, and bio.
  • Preferences such as theme preference and language.

User-generated content

  • Campaigns (title/description, settings, join/invite key, public listing details, content rating).
  • Characters (name, avatar, character sheet data) and GM notes you add (which may include “secrets” for planning/AI).
  • In-game chat and logs (in-character, out-of-character, system, dice/roll metadata, whispers), direct messages, and conversations.
  • Social content such as posts, comments, likes, follows, notifications, communities and community posts.
  • LFG posts and reviews.
  • Reports/complaints and moderation-related messages you submit.

Uploads

  • Images you upload (e.g., avatars, campaign banners, character images, chat images). Uploads may be stored and served from object storage/CDN and may be accessible to anyone who has the URL.

Billing and purchases

  • If you purchase a subscription, add-on, AI credit pack, donation, or other paid feature, we collect and store purchase-related records such as your user ID, selected product, plan/tier, price snapshot, transaction/session identifiers, subscription status, renewal/cancellation status, credit balances, usage/reservation records, billing audit events, support/dispute records, and your acceptance of billing-related terms.
  • Payment card numbers and sensitive payment credentials are processed by our payment processor and are not stored by us. We may receive limited billing details from the payment processor, such as customer ID, invoice/payment IDs, billing address status, payment status, refund/dispute status, and tax/compliance metadata where applicable.

B. Information we collect automatically

Device and network data

  • IP address, user agent, and basic request metadata (e.g., timestamp and requested endpoint) in server logs.
  • Connection identifiers and metadata for real-time features (e.g., WebSocket/Socket.IO connections).

Usage and feature metrics (first-party)

  • Feature-related counters and state used to operate the Service (for example, play time minutes, social progression values, and AI usage quota counters).
  • Storage quota and media usage records, including file size, content type, storage object identifiers, and whether usage is billed to the uploader or campaign owner.
  • AI usage records needed to operate quotas, credits, fair-use controls, abuse prevention, billing, debugging, and provider routing. These records may include request metadata, model/provider routing metadata, token/credit estimates, reservation records, timing, errors, and limited context needed to diagnose or enforce the Service.

Push notifications

  • If you enable web or PWA push notifications, we store push subscription endpoint data, related browser/device metadata, notification preferences, and delivery state needed to send and manage notifications.
  • Depending on your settings, notifications may include preview text or private/whisper previews. You can disable previews or notifications in the Service or through your browser/device settings.

C. Information from cookies and similar technologies

We use:

  • A strictly necessary authentication cookie (e.g., auth_token) to keep you signed in and to secure API/WebSocket requests.
  • Local storage in your browser for certain preferences and convenience (for example, saved language choice and a cached copy of basic user profile data).
  • Browser APIs for optional installed-app and push-notification features when you choose to enable them.

3. How we use information

We use information to:

  • Provide, maintain, and improve the Service (accounts, gameplay, social features, messaging, real-time sessions).
  • Authenticate you, prevent fraud/abuse, enforce rate limits, and secure the Service.
  • Store and display your profile and content according to your settings (public/private campaigns, public profiles, etc.).
  • Moderate content and respond to reports.
  • Operate AI-assisted features when you request them.
  • Process payments, subscriptions, billing support, refunds where applicable, fraud prevention, chargeback/dispute evidence, tax/compliance requirements, and paid feature access.
  • Enforce storage limits, AI credit limits, paid plan limits, fair-use controls, and abuse-prevention rules.
  • Send optional push notifications and in-product notifications according to your settings.
  • Communicate with you about important Service updates (where applicable).

4. AI features and third-party processing

If you use AI features (e.g., rewriting/polishing, summaries, NPC actions, referee interpretation, assistant chat, image/avatar generation, system-building tools, or other generation/assistant features), we send the text, images, metadata, and context reasonably needed to fulfill your request to AI infrastructure providers, model providers, routing/proxy providers, or related service providers selected by us.

Our AI provider stack may change over time and may include direct or indirect access to hosted model providers, gateway/proxy providers, inference providers, model routers, safety/moderation providers, image-generation providers, and observability/billing infrastructure. We may add, remove, replace, or route between providers without updating this Privacy Policy each time, provided the processing remains consistent with this Policy.

Depending on the feature, this context may include:

  • The text you submit,
  • Recent in-game chat/log excerpts (which may include other players’ messages in your campaign),
  • Campaign, scene, character, sheet, lore/world, GM note, roll, system, or page/context information used to provide the assistant response,
  • Uploaded or generated images when required by an image-related feature,
  • Account tier, quota, credit, and routing metadata needed to authorize and bill the request.

Do not include sensitive personal information, passwords, API keys, payment card data, private keys, government IDs, medical information, or other highly sensitive data in AI requests. Third-party AI providers process data under their own terms, privacy policies, security practices, and retention rules, which may differ from ours. We do not guarantee that AI providers will treat inputs as confidential beyond their own commitments to us or to you.

5. How we share information

We may share information:

  • With other users, when you choose to post content, join campaigns, send messages, create public content, or otherwise interact socially. What’s visible depends on your settings and the features you use.
  • With service providers that help us run the Service (for example, hosting/infrastructure, object storage for images such as Cloudflare R2-compatible storage, and AI providers for AI features). These providers process data on our behalf to deliver the Service.
  • With payment and billing providers, including payment processors, subscription platforms, fraud/dispute tools, tax/compliance providers, and related billing infrastructure.
  • With push notification providers and browser/device push services, when needed to deliver notifications you enable.
  • For legal and safety reasons if we believe disclosure is necessary to comply with law, enforce policies, protect rights/safety, or prevent abuse.

We do not sell your personal information.

6. Data retention

We retain information for as long as needed to:

  • Provide the Service and your account,
  • Maintain game and social features (including logs/messages/content you and others create),
  • Comply with legal obligations, resolve disputes, and enforce agreements,
  • Maintain billing, tax, accounting, refund, chargeback, dispute, security, and abuse-prevention records for a reasonable period.

If you request deletion, some data may remain where it is necessary for legitimate interests (e.g., security logs) or where your content is intertwined with other users’ experiences (e.g., campaign logs), unless we can remove or anonymize it.

Paid access, billing records, credit usage records, support records, dispute evidence, and fraud-prevention records may be retained after account deletion where reasonably necessary to comply with law, defend claims, prevent abuse, resolve chargebacks, or enforce our agreements.

7. Security

We use reasonable technical and organizational measures to protect information, including access controls and password hashing. No method of transmission or storage is 100% secure.

8. Your choices and rights

Depending on your location, you may have rights to:

  • Access, correct, or delete your personal information,
  • Object to or restrict certain processing,
  • Request a copy/portability of certain data.

To exercise rights, contact us at privacy@anytalerpg.com. You can also update certain profile information within the Service.

9. International data transfers

We may process and store information in countries other than where you live, including where our service providers operate. These countries may have different data protection laws.

10. Children’s privacy

The Service is not directed to children under 13 (or the minimum age required by local law). If you believe a child has provided personal information, contact us so we can take appropriate action.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version and update the “Last updated” date.

12. Contact

Privacy inquiries: privacy@anytalerpg.com

Company: ANYTALE LLC

This Privacy Policy is incorporated into the AnyTale Terms of Service.