Privacy Policy
Last updated: July 2026
1. Introduction
Taverneer (“Taverneer,” “we,” “us,” or “our”) is a United States–based platform for building, managing, and sharing Dungeons & Dragons campaigns, shops, and worlds. This Privacy Policy explains what information we collect when you use the service, how we use it, and the choices you have. By using Taverneer, you agree to the practices described here.
2. Information We Collect
- Account information. Authentication is handled by Supabase Auth. When you sign in with Google OAuth or an email magic-link, we receive your email address and, for Google sign-in, basic profile details such as your name and avatar.
- Content you create. Campaigns, towns, shops, items, maps, characters, and other content you author or generate (“Your Content”), including any share links you create for players.
- Payment information. Subscription billing is processed by Stripe. Your full card details are entered directly with Stripe and are never seen or stored by Taverneer; we retain only a Stripe customer identifier and your subscription status (plan, renewal date, and payment state).
- AI prompts. The text and context you submit to generate content is sent to our AI providers (see Section 4) to produce the requested output.
- Usage and device data. Standard server logs and technical data (such as IP address, browser type, and timestamps) that we use to operate and secure the service.
3. How We Use Your Information
We use the information above to provide and operate the service, authenticate your account, generate the content you request, process subscription payments, maintain security and prevent abuse, respond to support requests, and improve Taverneer. We do not sell your personal information.
4. AI Content Generation
Taverneer generates content using third-party AI models from Google (Gemini) and OpenAI. When you request generation, your prompt and the relevant campaign context are transmitted to the selected provider, which returns the generated result. This processing is governed by the provider’s own terms and privacy practices. Please do not include sensitive personal information in prompts.
5. Third-Party Service Providers
We rely on a small set of processors to run the service, each handling data under its own agreements: Supabase (authentication, database, and file storage), Stripe (subscription payments), Google Gemini and OpenAI (AI content generation), and Vercel (application hosting). We share information with these providers only as needed to deliver Taverneer.
6. Data Storage, Security & Retention
Your data is stored on managed United States infrastructure and protected by database row-level security so that, by default, only you can access your own campaigns and content. We retain your information for as long as your account is active. You may request deletion of your account and associated content as described in Section 8; some records may be retained where required for legal, tax, or fraud-prevention purposes.
7. Cookies & Sessions
We use cookies that are strictly necessary to keep you signed in and to maintain your authenticated session. We do not use them for third-party advertising.
8. Your Rights & Choices
You may access, correct, export, or delete your personal information and Your Content. To make a request, contact us at the address in Section 12. Depending on where you live, you may have additional rights under applicable privacy laws.
9. Children’s Privacy
Taverneer is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us information, please contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy as the service evolves. When we do, we will revise the “Last updated” date above and, for material changes, provide a more prominent notice.
11. Contact
Questions about this policy? Reach us at hello@taverneer.com.