1. Introduction
Built by Foundry, Inc., formerly known as Playpen Games, Inc. ("Foundry," "we," "us," or "our"), operates the Point of Divergence mobile application ("App") for the creator Monsieur Z (Dean Monsieur). This Privacy Policy explains how we collect, use, share, and protect information when you use the App or contact us about it.Contact: For privacy requests, email privacy@builtbyfoundry.io. For general questions: hello@builtbyfoundry.io2. Information We Collect
2.1 Information Stored on Your Device
Your ideology test result, campaign progress, decisions, saved items, and Chronicle are stored locally on your device. They are not uploaded to our servers unless you sign in for backup. Deleting the App deletes them.2.2 Orders You Write
The Open Order feature lets you type an instruction to the simulation. What you type is interpreted entirely on your device by a fixed rules engine. It is never sent to our servers or to any third party, and the App does not use a large language model.2.3 Information You Provide
• Account details if you choose to sign in for progress backup: email, display name, and sign-in identifiers from Apple or Google. Signing in is optional; every feature of the App works without an account
• Support requests and feedback you send us, including any information you include in the message2.4 Automatically Collected Information
• Device and app information: device type, operating system, app version, language settings
• Usage and analytics: screens viewed, features used, campaigns started and completed, and similar product events
• Crash and error diagnostics used to fix bugs
• Subscription state returned by our billing providers (active, trial, expired), if you purchase a subscription3. How We Use Your Information
• Run the ideology test and your alternate-history campaign
• Save your progress and Chronicle, and back them up if you sign in
• Authenticate your account if you choose to sign in, and delete it when you ask
• Process subscriptions, renewals, restores, and customer support requests
• Monitor product performance, debug issues, and improve the App
• Detect abuse, enforce our terms, and comply with legal obligations4. Third-Party Service Providers
We share limited data with service providers to operate the App. All are contractually required to protect your data and use it only as we instruct.Infrastructure and Authentication: Supabase (database and optional sign-in with Apple or Google). Stores your account details and backed-up progress if you sign in. Data processed in the United States.Subscriptions and Payments: RevenueCat for subscription management. Apple App Store for payment processing. Apple handles refunds.Analytics: PostHog for product analytics (screens viewed, features used, campaigns completed).Crash Reporting: Sentry for crash and error diagnostics. Text inputs are not captured.We Never Sell Your Data. Full service provider details and privacy policies available upon request.5. International Data Transfers
The App is hosted in the United States. If you access from other regions, your data is transferred to and processed in the US.EU/UK Users: International transfers are handled under the legal mechanisms and safeguards available for the applicable provider and request. Those mechanisms may vary by service and processing location. You can request information about the safeguards used for a particular transfer by contacting privacy@builtbyfoundry.io.6. Data Retention and Deletion
We retain data only as long as necessary or required by law.Your ideology result, campaign progress, and Chronicle live on your device and are deleted with the App. If you sign in and later delete your account, we remove or de-identify your account records within 30 days; backup copies are purged within 90 days. Analytics events are retained up to 26 months, crash reports up to 90 days, and subscription and tax records up to 7 years as required by law.7. Your Privacy Rights
All Users can request access, correction, or deletion of personal data.EU/UK Users (GDPR)
Additional rights: Data portability, restrict processing, object to processing, withdraw consent, file complaints with your Data Protection Authority.File a complaint: UK (ICO: ico.org.uk), Ireland (dataprotection.ie), or your local EU authority.Legal basis: Contract performance, legitimate interests (analytics, security), consent (session replay), legal obligations.California Users (CCPA/CPRA)
Additional rights: Know what data we collect and who we share with, delete data, correct inaccuracies, opt out of certain data sales or sharing where applicable, limit use of sensitive information.You can designate an authorized agent to make requests. We verify identity before fulfilling requests. No discrimination for exercising rights.How to Exercise Rights
Email privacy@builtbyfoundry.io with your name, email, user ID (Settings → Profile), and specific request.In-app deletion: Settings → Account → Delete AccountResponse time: GDPR: 30 days, CCPA: 45 days. Requests are free.8. Children's Privacy
Point of Divergence is not directed to children under 13. We do not knowingly collect data from children under 13.Parents: If your child under 13 has provided information, contact privacy@builtbyfoundry.io. We'll delete it within 30 days.Teens (13-17): Review this policy with a parent or guardian.9. Data Breach Notification
If a breach compromises your data, we will notify you and relevant authorities within 72 hours, describing what happened, what data was affected, what we're doing, and what you should do.Report security concerns: privacy@builtbyfoundry.io10. Security
We use encryption in transit (TLS 1.3+), encryption at rest (AES-256), secure authentication (OAuth 2.0), access controls, and regular security audits. While no system is 100% secure, we work to protect your data.You should: Protect your device passcode and biometric authentication, use strong Apple/Google account passwords, enable two-factor authentication.11. Updates to This Policy
We may update this policy to reflect new features or legal requirements. Material changes will be communicated via email or in-app notification 30 days before taking effect. Continued use after changes means you accept the updated policy.