Privacy Policy
Last updated May 14, 2026
1. What we collect
- Email address — used for magic-link sign-in and account identity.
- Authentication metadata — IP, country code, browser User-Agent (hashed), and session timestamps. Stored only to protect your account from session hijacking and to send new-device alerts.
- Optional TOTP secret — encrypted at rest with AES-256-GCM. Used to verify a second factor when you sign in.
- Subscription + payment metadata — Stripe customer ID, subscription ID, last payment status. We never see or store full card numbers; that data is held by Stripe.
- Activity tied to your account — reveals, reports, referrals, points earned/spent. Used to operate the product and prevent abuse.
- License key + last-seen timestamp — if the WarForge app on your machine is reporting intelligence, its license key (the same one you use for the crypt product) and the timestamp of its last successful call.
2. What we don't collect
- Total Battle credentials, in-game character details, chat content, friend lists, or any game-state beyond mercenary-camp signatures.
- Anything we don't actively use. We don't track you across the web, sell your data, or build advertising profiles.
3. How long we keep it
- Account data: until you ask us to delete it, or 12 months after your last sign-in (whichever comes first).
- Session tokens: 24 hours of inactivity, then auto-purged.
- Email magic-link codes: 10 minutes, then auto-purged.
- Reveals and reports: indefinitely as part of the camp-data audit log. Anonymised after account deletion.
- Stripe records: governed by Stripe's own retention policy and applicable financial law.
4. Who we share it with
- Cloudflare — hosts the API, database, and site. Bound by their published data-processing terms.
- Stripe — processes payments. They receive your email + payment method only.
- Resend — sends our transactional emails (magic-link codes, new-device alerts). Receives your email + the email body, nothing else.
- No one else. We do not sell, rent, or trade your data.
5. What other WarForge users see
Admins (just us) see your contribution metrics in the admin dashboard for the purpose of detecting abuse and tuning the product. Other regular users see nothing about you — no leaderboard, no public profile, no exposure of your email. If you use the refer-a-friend feature, the referrer sees a redacted version of your email (first letter + domain only) on their "my referrals" view.
6. Cookies and local storage
We use one HTTP-only session cookie for authentication. The site also uses your browser's localStorage to remember your bearer token between visits and (if you used a refer-a-friend link) the referral code that brought you in (30-day expiry). We do not use third-party tracking cookies or analytics pixels on the merc site.
7. Your rights
You can request a copy of all data tied to your account, correction of anything inaccurate, or full deletion of your account and the data we hold for it, by emailing [email protected]. We respond within 30 days.
8. Security
We hash passwords / recovery codes / device fingerprints, encrypt TOTP secrets at rest, never log full license keys, and rate-limit sensitive endpoints. We don't claim invulnerability, but the design assumes a breach is possible and limits blast radius accordingly.
9. Changes to this policy
Material changes will be reflected on this page with a new "Last updated" date. We will notify active subscribers by email if a change materially affects how we use existing data.
10. Contact
Privacy questions or requests: [email protected].