RoleKey

Privacy Policy

Last updated: April 24, 2026

This Privacy Policy explains what personal data RoleKey ("we", "us") collects, why we collect it, and what rights you have. RoleKey is a platform for creating and running text-based roleplay communities. If anything here is unclear, email us at cronachedirajadunia@gmail.com.

1. Data we collect

When you use RoleKey we collect:

  • Account data — your email address and a hashed password (we never store the password in plain text).
  • Profile data — the display name you choose, and any optional status message, signature, or profile image you add.
  • Technical data — your IP address, browser user agent, and session cookies, used for authentication, rate limiting, and security.
  • Game content — everything you create inside a land: characters, chat messages, private messages, forum posts, uploaded images, and any other content you submit.
  • Activity data — timestamps of logins, last-seen status, and basic audit entries for staff actions (e.g. character edits, moderation).

We do not collect analytics data, advertising identifiers, or third-party tracking data. We do not sell or share your data with advertisers.

2. Why we collect it

  • To provide the service — serving pages, delivering messages, persisting your characters and progress.
  • To authenticate you — verifying your login and keeping your session secure.
  • To keep the platform safe — detecting abuse, preventing spam, investigating violations of our Terms.
  • To contact you about your account — e.g. email confirmations, password resets, security notices.

Under the GDPR, the legal bases we rely on are performance of a contract (delivering the service you signed up for) and legitimate interest (keeping the platform secure).

3. Where your data is stored

Your data is stored on infrastructure operated by Supabase (our database, authentication, and file storage provider), currently hosted in the European Union. Application hosting is provided by Vercel. Both providers act as data processors on our behalf and are bound by their own security and privacy commitments.

If data is ever transferred outside the European Economic Area, we rely on Standard Contractual Clauses or equivalent safeguards provided by our processors.

4. Third parties

We use the following third-party services to run RoleKey:

  • Supabase — database, authentication, real-time messaging, file storage.
  • Vercel — web hosting and content delivery.
  • Google Fonts — font files are loaded from fonts.googleapis.com / fonts.gstatic.com. Google may log the request IP per its own policy.

We do not use analytics providers, advertising networks, or social-media tracking pixels.

5. Cookies

We only use technical cookies that are strictly necessary for the service to work: a Supabase session cookie (keeps you logged in), a theme preference cookie, and a subdomain-resolution cookie used by our multi-tenant routing. We do not use analytics or marketing cookies, so no cookie banner is required under the ePrivacy Directive.

6. How long we keep your data

We keep your data for as long as your account is active. You can delete your account at any time from Settings → Account; deletion removes your platform account, your characters, your private messages, and any lands you own.

Public game content you posted in lands you don't own (chat messages, forum posts) may be retained by those lands as part of their history, since it belongs to the shared story. You can ask the owner of a land to remove specific content, or contact us if they are unresponsive.

Backup copies may persist for up to 30 days after deletion and are then overwritten.

7. Your rights (GDPR)

If you are in the European Economic Area, the UK, or Switzerland, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — delete your account and associated personal data.
  • Portability — receive your data in a machine-readable format.
  • Objection / restriction — object to or restrict certain types of processing.
  • Complaint — lodge a complaint with your local data protection authority.

To exercise these rights, email cronachedirajadunia@gmail.com. We respond within 30 days.

8. Security

Passwords are stored hashed via Supabase Auth. Data in transit is encrypted with TLS. Access to production data is restricted to the operators of RoleKey. Despite our best efforts, no online service can be 100% secure — if we become aware of a breach that affects you, we will notify you as required by law.

9. Age requirement

RoleKey is not intended for users under 16 years of age. By creating an account you confirm that you are at least 16. If we learn that we have collected data from a user under 16, we will delete the account and associated data.

10. Changes to this policy

We may update this policy from time to time. If we make material changes we will notify registered users by email or by a prominent notice in the product. The "Last updated" date at the top of this page always reflects the current version.

11. Contact

Data controller: the operator of RoleKey. For any privacy question, data request, or complaint, email cronachedirajadunia@gmail.com.