Skip to content

Legal

Privacy Policy

Last updated: March 2026

Overview

Playprint ("we", "us", "our") provides an SDK and hosted service that turns gameplay behaviour into persistent player profiles (Legends) for asynchronous social play. This Privacy Policy describes what data we collect, how we use it, and your rights.

The short version: We process gameplay decisions only. We do not collect, store, or process personally identifiable information (PII). All user IDs are hashed before they reach our systems.

What Data We Collect

Gameplay Telemetry

When a studio integrates our SDK, we receive:

  • Gameplay decisions — in-game actions, choices, timing, and strategies as defined by the studio's gameplay mapping.
  • Hashed user identifiers — SHA-256 hashed user IDs. We never receive or store unhashed identifiers.
  • Match context — metadata such as total rounds, match duration, and outcome.
  • Game and mapping identifiers — which game and mapping version produced the data.

What We Do Not Collect

  • Names, email addresses, or account credentials (from players)
  • Voice, chat, or text communication
  • Photos, likenesses, or biometric data
  • Device fingerprints, IP addresses, or location data (from players)
  • Payment or financial information (from players)

Studio Account Data

When studios register for a developer account, we collect standard business contact information (name, email, company) to manage the account. This data is stored separately from gameplay telemetry and is never linked to player data.

How We Use Data

Gameplay telemetry is used to:

  • Compute behavioural trait profiles (6 dimensions scored 0-1)
  • Classify player archetypes
  • Generate ghost AI biases for async play (Legends)
  • Provide analytics to studios about aggregate player behaviour

We do not sell gameplay data. We do not use gameplay data for advertising. We do not share individual player data with third parties.

Children's Privacy (COPPA)

Playprint is designed to be safe for children under 13. Because we only process gameplay decisions through hashed identifiers, no parental consent is required under COPPA. We do not collect "personal information" as defined by the Children's Online Privacy Protection Act.

Studios building kids' games can deploy Playprint without additional age-gating or consent flows for the Playprint component of their game.

GDPR Compliance

For users in the European Economic Area:

  • Legal basis: Legitimate interest (providing the contracted service to studios).
  • Right to erasure: Players or studios can request deletion of all data associated with a hashed user ID. Deletions are processed within 30 days.
  • Data portability: Profile data can be exported in JSON format via the API.
  • Data processing agreements: Available for Comply and Enterprise tier customers.

Data Retention

  • Build tier: 90 days
  • Launch tier: 1 year
  • Grow tier: 2 years
  • Comply tier: 2 years + audit log
  • Enterprise: Custom retention per agreement

After the retention period, data is automatically purged.

Data Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is restricted by role-based permissions. We conduct regular security reviews and penetration testing.

Third-Party Services

We use the following third-party services for our website and business operations (not for player data processing):

  • Plausible Analytics — privacy-first website analytics (no cookies, no PII)
  • Email service — for studio account communications only

Changes to This Policy

We'll notify registered studios of material changes via email at least 30 days in advance. Non-material changes take effect when posted.

Contact

For privacy questions or data deletion requests: