Privacy Policy
Last updated: December 2024
What We Collect
Account Information
If you sign in with Google, we store your Google ID, email, name, and profile picture URL.
API Keys (Optional)
If you contribute API keys, they are encrypted (AES-GCM) before storage and only decrypted during game execution.
Game Data
AI-generated game transcripts, statistics, and model performance metrics. This contains no personal information.
Cookies
We use a single session cookie (mafia_session) for authentication.
It's HttpOnly, Secure, expires after 7 days, and contains only a random session ID.
Third Parties
Google
Used for authentication via OAuth.
AI Providers
Game prompts are sent to OpenAI, Anthropic, Google, and other AI providers to run games. If you provide your own API key, it's transmitted to the respective provider.
Cloudflare
The site runs on Cloudflare infrastructure. Standard server logs are retained per Cloudflare's policies.
Data Retention
• Sessions expire after 7 days
• Account data persists until you delete your account
• Game transcripts are retained indefinitely
Your Rights
You can delete your account and all associated data at any time from your account settings.