Privacy Policy
Last updated: February 11, 2026
Pinwheel Fates is built on the principle that whoever controls the context holds the power. In Pinwheel, players steward their own context. This policy explains what data we collect, how we use it, and what we never do.
1. What We Collect
Account Data (via Discord OAuth)
- Discord user ID — to identify your account
- Username — displayed in the game interface
- Avatar URL — displayed in the navigation bar
We request only the identify scope. We do not access your Discord messages, friends list, server memberships, or any other Discord data.
Gameplay Data
- Floor actions — proposals you submit, votes you cast, tokens you spend
- Session metadata — when you log in, basic request timing for performance monitoring
All Floor actions are stored as immutable events in an append-only log. This is a feature, not a bug — it provides full auditability of the Floor process.
2. Private Reports
This is the most important section of this policy.
The AI generates private reports — reports on your individual Floor behavior. These reports are:
- Visible only to you. No other player, administrator, or developer can see your private report content.
- Never used for evaluation. Our automated eval framework measures report quality using only aggregate statistics (counts, rates, scores) — never the text of private reports. The manual rubric system rejects private reports at the type level.
- Never used for training. Report content is not sent to any AI training pipeline.
- Deletable. You may request deletion of your private reports at any time.
Public reports (simulation and Floor reports visible to all players) are not subject to these restrictions — they are part of the shared game experience.
3. What We Never Do
- We never sell your data to third parties.
- We never use your data for advertising or engagement optimization.
- We never access private report content for development or debugging.
- We never share individual player behavior data with other players (aggregate standings and public Floor actions are visible by design).
4. AI Processing
Your Floor actions and game data are processed by Claude (Anthropic) to generate reports and interpret rule proposals. This data is sent to Anthropic's API under their privacy policy, which prohibits using API inputs for model training.
5. Security
We make best-effort attempts to maintain the security of your data:
- Session cookies are signed, HTTP-only, and SameSite=Lax
- CSRF protection on OAuth flows
- All production traffic is HTTPS-only
- Database access follows the principle of least privilege
However, Pinwheel Fates is an experimental project. We cannot guarantee the security of your data against all threats. Do not submit sensitive personal information through Floor proposals or other game inputs.
6. Data Retention
Gameplay data is retained for the duration of the season. Between seasons, data may be archived or reset. Account data (Discord ID, username, avatar) is retained until you request deletion or revoke the Discord OAuth connection.
7. Your Rights
You may at any time:
- Request your data — we will provide an export of your Floor actions and report history
- Request deletion — we will remove your account and associated data
- Revoke access — disconnect via Discord's Authorized Apps settings
8. Open Source Transparency
The complete source code is available under the MIT license. You can verify every claim in this policy by reading the code. The privacy boundaries described here are enforced at the code level, not just the policy level.
9. Changes
Material changes to this policy will be announced in the Discord server. The current version is always available at this URL.
10. Contact
Privacy questions? Reach out via the project's GitHub repository or Discord server.