Our Story logo

Privacy Policy

Last updated: 2026-05-18

This Privacy Policy describes how Our Story (operating at our-story.ai, "we", "us") collects, uses, and shares information when you use the Service through our website, our iOS or Android app, or any other client we publish. By using the Service you agree to the practices described here.

1. Information we collect

Account information

When you create an account we collect:

  • Username
  • Email address
  • Password (stored only in hashed form using Argon2id; we never store your plaintext password)
  • First and last name
  • Date of birth (used to verify the 18+ requirement)
  • Country code (optional)
  • Marketing opt-in preference
  • Terms acceptance timestamp

Gameplay content you submit

The Service is a shared-pawn game, so most of the content you submit is, by design, visible to other players. We collect and store:

  • Votes and commands you cast on a pawn (verb, target, free-form intent text)
  • "After-bang" LLM context notes included in commands
  • Chat messages (say, tell)
  • Pawn names, objective descriptions, skill implementation descriptions you create
  • World seeds and world names you provide
  • Pawn favorites you select
  • The history of which user submitted which vote (used for vote attribution and abuse detection)

Anything in this category is treated as shared content: it is visible to other participants in the same world or pawn and persists in the shared world state.

AI generation inputs and outputs

When we generate narration, descriptions, or images on your behalf or on the shared world's behalf, we collect:

  • Prompts and context sent to our LLM and image-generation providers (which can include any of the gameplay content above)
  • The LLM/image responses themselves, including generated text, JSON metadata, and image URLs
  • Logs of generation use cases, timing, and outcomes for debugging, abuse review, and quality improvement

Technical and session data

  • Authentication session (JWT cookie)
  • Approximate IP and user-agent from server logs
  • GraphQL subscription connection state while you have the Service open

On-device storage

The web client stores some data in your browser's localStorage and sessionStorage, including a cached verb-catalog manifest, UI preferences, and tutorial dismissal flags. The iOS and Android apps may use the platform's equivalent local-storage mechanism for the same purposes. This local data is not transmitted to our servers unless an action requires it.

2. How we use your information

We use the information we collect to:

  • Operate the Service — authenticate you, run the shared simulation, deliver subscriptions, resolve votes, and run the game world tick-by-tick.
  • Generate AI content — produce narration, descriptions, dialogue, and imagery using third-party LLM and image-generation providers (see Section 3).
  • Moderate — detect abusive content, abusive prompts, and Terms violations, and take corrective action.
  • Debug and improve — investigate incidents, fix bugs, and improve gameplay balance and AI prompt quality.
  • Communicate with you — send account, security, and (if you have opted in) product-update emails.

We do not sell your personal information.

3. Third-party providers we share data with

To run the Service we share data with the following categories of provider. We minimize what is shared and use providers only for the purpose listed.

LLM providers (OpenAI, Ollama-compatible hosted endpoints)

  • Data shared: prompts and context — which may include your gameplay-content submissions, pawn state, and world state — required to produce narration or AI decisions.
  • Purpose: generate text completions, AI pawn decisions, and structured narration.

Image-generation providers

  • Data shared: text prompts describing pawns, scenes, or objectives.
  • Purpose: generate avatar and scene imagery for the shared world.

Cloud hosting and database providers

  • Data shared: all stored Service data (account records, hashed passwords, world state, generated images, logs).
  • Purpose: host the database, Redis cache, object storage, and backend servers.

Mobile app stores (when iOS/Android clients ship)

  • Data shared: as required by the store (anonymous device identifiers, crash reports, in-app purchase receipts if offered).
  • Purpose: distribute the app, deliver updates, process platform-billed purchases.

4. Cookies and tokens

Item Purpose Type Duration
auth_token Keeps you signed in HTTP-only, Secure, SameSite Up to 30 days
GraphQL session WebSocket auth for live subscriptions In-memory Per session

The auth_token cookie is essential; the Service will not function while signed in without it. It is HTTP-only (not readable by JavaScript) and transmitted only over HTTPS in production.

5. Data retention

  • Account data — retained for as long as your account is active.
  • Shared-world content (votes, chat, generated narrative and images) — retained as part of the shared world after your account is closed, because removing it would damage other players' story state. We will, on request, disassociate your account identifier from your past contributions where technically practical.
  • LLM/image-generation logs — retained for a limited window (typically 30–90 days) for debugging and abuse review, then deleted or aggregated.
  • Server logs — retained for a limited window for security and incident response.
  • Local-storage data — persists on your device until you clear it.

6. Data security

We implement reasonable security measures, including:

  • Password hashing using Argon2id.
  • HTTPS for all data in transit between client and server in production.
  • HTTP-only Secure SameSite cookies for authentication tokens.
  • JWT session tokens signed and validated on every request.
  • Redis and Postgres access scoped to the backend service.

No system is 100% secure. We cannot guarantee absolute security and you use the Service at your own risk.

7. Your rights

Depending on your jurisdiction you may have the right to:

  • Access a copy of the personal information we hold about you.
  • Correct inaccurate or incomplete information.
  • Delete your account; see Section 5 for what happens to shared-world contributions you have already made.
  • Withdraw consent for marketing communications at any time.
  • Object to certain processing.
  • Data portability — receive your account data in a machine-readable format.

To exercise these rights, contact us at sam@itsmystory.ai.

8. Children's privacy

The Service is not intended for anyone under 18. We collect date of birth at signup and reject accounts that fail the 18+ check. If we learn we have collected personal information from someone under 18, we will delete it. If you believe we have collected information from a minor, please email us.

9. International users

The Service is operated from the United States and data is processed in the United States and in the regions our cloud providers operate. By using the Service from outside the United States you consent to this transfer.

10. Mobile platforms

If you access the Service through our iOS or Android app, the platform you use (Apple iOS or Google Android) may collect its own diagnostic, crash, and purchase data subject to that platform's own privacy policy. We receive only the aggregate or pseudonymous data the platform forwards to us (for example, anonymous crash traces or in-app-purchase receipts).

11. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be announced in-product or by email where we have a verified address on file.

12. Contact

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, email us at sam@itsmystory.ai.