Mythora

Privacy Policy

Last updated: March 12, 2026

Welcome to Mythora (“we,” “us,” or “our”). We operate the website mythora.app and provide an AI-powered persistent world platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read it carefully.

1. Information We Collect

Information you provide directly

  • Account information: email address, display name, and profile details when you register.
  • User-generated content: world seeds, narrative inputs, and in-game actions you submit.
  • Communications: messages you send to us via email or support channels.

Information collected automatically

  • Log data: IP address, browser type, pages visited, referrer URL, and timestamps.
  • Device data: operating system, screen resolution, and language preferences.
  • Usage data: features accessed, session duration, and click-stream behavior.
  • Cookies and similar tracking technologies (see Section 3).

Information from third parties

  • OAuth providers (e.g., Google, Discord) if you choose to sign in via those services.
  • Payment processors for subscription and billing details (we do not store raw card data).

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain the Mythora platform.
  • To personalize your experience and generate AI-driven world content.
  • To process transactions and manage subscriptions.
  • To send transactional emails (account confirmation, password reset) and, with your consent, marketing communications.
  • To monitor and analyze usage trends to improve the service.
  • To detect, prevent, and address fraud, abuse, and security issues.
  • To comply with legal obligations.

3. Cookies & Tracking Technologies

We use cookies and similar technologies (local storage, session storage) to operate the service and understand how you interact with it.

  • Essential cookies: Required for authentication, security, and core functionality. Cannot be disabled.
  • Analytics cookies: Used via Google Analytics 4 to measure traffic and usage patterns. Only activated after you accept our cookie banner.
  • Preference cookies: Store your settings such as language and theme choices.

You can manage your cookie preferences at any time through the cookie banner or your browser settings. Note that disabling non-essential cookies may limit some features.

4. Third-Party Services

We integrate with the following third-party services that may process your data:

  • Google Analytics: Collects anonymized usage data. Subject to Google's Privacy Policy.
  • AI Providers (Google Gemini): User-submitted prompts and world seeds are sent to AI providers to generate content. We use data processing agreements (DPAs) with these providers. Your inputs may be used to improve AI models per the provider's terms unless you opt out via their settings.
  • Stripe: Handles payment processing. Card data is handled entirely by Stripe and subject to their Privacy Policy.
  • Amazon Web Services (AWS): Hosts our infrastructure including databases and file storage. Data is stored in US East (N. Virginia) by default.

We do not sell your personal data to third parties.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. If you delete your account, we will delete or anonymize your personal data within 90 days, except where we are required to retain it by law (e.g., billing records for tax purposes, typically 7 years). User-generated world content may be retained in anonymized/aggregated form for service improvement.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

GDPR (EEA/UK residents)

  • Right to access — request a copy of your personal data.
  • Right to rectification — correct inaccurate data.
  • Right to erasure — request deletion of your data (“right to be forgotten”).
  • Right to restrict processing — limit how we use your data.
  • Right to data portability — receive your data in a machine-readable format.
  • Right to object — object to processing based on legitimate interests or direct marketing.

CCPA (California residents)

  • Right to know what personal information is collected and how it is used.
  • Right to delete personal information we have collected.
  • Right to opt-out of the sale of personal information (we do not sell your data).
  • Right to non-discrimination for exercising your privacy rights.

To exercise any of these rights, please contact us at support@mythora.app. We will respond within 30 days.

7. Children's Privacy

Mythora is not directed at children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at support@mythora.app.

8. Data Security

We implement industry-standard security measures including HTTPS encryption, database encryption at rest, and access controls. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, for material changes, notify you via email or an in-app notice. Your continued use of the service after changes are posted constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Mythora

Email: support@mythora.app

Website: mythora.app