Privacy Policy
Last Updated: January 14, 2026
1. Introduction
Gamable ("we", "us", "our", or "Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered game generation platform ("Service").
This policy applies to all users of the Gamable service and complies with the General Data Protection Regulation (GDPR), Swedish data protection laws, and other applicable privacy regulations.
2. Information We Collect
2.1 Information You Provide Directly
Account Information:
- Email address
- Username
- Password (encrypted)
- Profile information (if provided)
Payment Information:
- Payment details are processed by Stripe, our payment processor
- We do not store full credit card numbers
- We retain transaction records and payment history
User-Generated Content:
- Game generation prompts and descriptions
- Text inputs for game creation
- Feedback and support communications
2.2 Information Collected Automatically
Usage Data:
- Game generation history
- Features used and interaction patterns
- Time and date of Service access
- Session duration and frequency
Technical Information:
- IP address
- Browser type and version
- Device type and operating system
- Language preferences
- Referring/exit pages
Cookies and Similar Technologies:
- Session cookies for authentication
- Functional cookies for Service operation
- Analytics cookies (with consent)
- Preference cookies for user settings
2.3 Information from Third Parties
Payment Processor (Stripe):
- Transaction confirmation
- Payment status
- Fraud prevention data
Authentication Services:
- If you use social login, we receive basic profile information
3. How We Use Your Information
We use collected information for the following purposes:
3.1 Service Provision
- Creating and managing your account
- Processing game generation requests
- Storing and providing access to generated games
- Processing payments and managing credits
- Providing customer support
3.2 Service Improvement
- Analyzing usage patterns to improve features
- Training and improving AI models
- Testing new features and functionality
- Conducting research and development
3.3 Communication
- Sending transactional emails (purchase confirmations, account notifications)
- Responding to your inquiries
- Sending Service updates and announcements
- Marketing communications (with your consent)
3.4 Security and Compliance
- Detecting and preventing fraud
- Ensuring platform security
- Enforcing our Terms of Service
- Complying with legal obligations
3.5 Analytics
- Understanding how users interact with the Service
- Measuring Service performance
- Identifying trends and usage patterns
4. Legal Basis for Processing (GDPR)
We process your personal data based on:
- Contract Performance: Processing necessary to provide the Service
- Legitimate Interests: Improving the Service, security, and fraud prevention
- Legal Obligation: Compliance with applicable laws
- Consent: Marketing communications and optional features (where required)
5. Data Sharing and Disclosure
We may share your information with:
5.1 Service Providers
- Stripe: Payment processing
- Cloud Hosting Providers: Service infrastructure and data storage
- AI Service Providers: Game generation functionality
- Analytics Providers: Service analytics and improvement
- Customer Support Tools: Support ticket management
All service providers are contractually bound to protect your data and use it only for specified purposes.
5.2 Legal Requirements
We may disclose information if required to:
- Comply with legal obligations or court orders
- Protect our rights, property, or safety
- Prevent fraud or illegal activities
- Respond to government requests
5.3 Business Transfers
If Gamable is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
5.4 With Your Consent
We may share information for other purposes with your explicit consent.
6. Data Retention
We retain your personal data for as long as:
- Your account remains active
- Necessary to provide the Service
- Required by law or legitimate business purposes
Specific Retention Periods:
- Account data: Until account deletion plus 30 days
- Transaction records: 7 years (legal requirement)
- Generated games: Until account deletion (or user-initiated deletion)
- Usage logs: 24 months
- Marketing consent records: 3 years after consent withdrawal
After retention periods expire, we securely delete or anonymize your data.
7. Your Privacy Rights
Depending on your location, you have the following rights:
7.1 GDPR Rights (EU/EEA Users)
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Limit how we process your data
- Portability: Receive your data in a structured, machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent for marketing or optional processing
7.2 Exercising Your Rights
To exercise your rights:
- Email us at: [email protected]
- Use in-app account settings for certain actions
- We will respond within 30 days (GDPR requirement)
7.3 California Privacy Rights (CCPA)
California residents have additional rights including:
- Right to know what personal information is collected
- Right to deletion
- Right to opt-out of sale (we do not sell personal information)
- Right to non-discrimination for exercising privacy rights
8. Data Security
We implement appropriate technical and organizational measures to protect your data:
Security Measures:
- Encryption in transit (TLS/SSL)
- Encryption at rest for sensitive data
- Secure authentication and password hashing
- Regular security assessments
- Access controls and least-privilege principles
- Secure backup procedures
- Employee training on data protection
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
9. International Data Transfers
If you access the Service from outside Sweden/EU:
- Your data may be transferred to and processed in Sweden or other EU countries
- We ensure adequate protection through appropriate safeguards
- For non-EU transfers, we use Standard Contractual Clauses or other approved mechanisms
10. Cookies and Tracking Technologies
10.1 Types of Cookies We Use
Essential Cookies:
- Required for Service functionality
- Session management and authentication
- Cannot be disabled
Functional Cookies:
- Remember your preferences
- Enhance user experience
- Can be managed in settings
Analytics Cookies:
- Help us understand usage patterns
- Improve Service performance
- Require consent (opt-in)
10.2 Managing Cookies
You can control cookies through:
- Browser settings
- Our cookie preference center
- Third-party opt-out tools
Note: Disabling essential cookies may affect Service functionality.
11. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.
12. Children's Privacy
The Service is not intended for children under 13. We do not knowingly collect data from children under 13.
If we learn we have collected data from a child under 13:
- We will delete it promptly
- We will not use it for any purpose
- Parents may contact us to request deletion
Users between 13 and 18 must have parental consent to use the Service.
13. AI-Generated Content Privacy
Prompt Privacy:
- Your game generation prompts are used to create your games
- Prompts may be used in aggregate to improve AI models
- We do not share individual prompts with other users
- You can request deletion of your prompts and generated content
Model Training:
- We may use aggregated, anonymized data to improve our AI models
- Personally identifiable information is removed before training
- You can opt-out of having your data used for model improvement
14. Data Breach Notification
In the event of a data breach:
- We will notify affected users within 72 hours (GDPR requirement)
- Notification will include nature of breach and recommended actions
- We will notify relevant supervisory authorities as required
15. Privacy by Design
We incorporate privacy considerations into:
- Product development
- Feature design
- Data collection practices
- Default settings (privacy-friendly)
16. Your Choices
You have control over your data:
Account Settings:
- Update personal information
- Manage notification preferences
- Control data sharing settings
Marketing Communications:
- Opt-out of promotional emails (unsubscribe link)
- Manage communication preferences
Data Deletion:
- Delete individual generated games
- Request full account deletion
- Export your data before deletion
17. Updates to This Policy
We may update this Privacy Policy to reflect:
- Changes in our practices
- Legal or regulatory requirements
- New features or services
Notification of Changes:
- Email notification for material changes
- In-app notification
- Updated "Last Updated" date
- Continued use constitutes acceptance
We encourage you to review this policy periodically.
18. Supervisory Authority
If you are in the EU/EEA and have concerns about our data practices, you have the right to lodge a complaint with your local data protection authority.
19. Contact Us
For privacy-related questions or to exercise your rights:
20. Additional Information
20.1 Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
20.2 Do Not Track Signals
We currently do not respond to Do Not Track browser signals, but you can control tracking through our cookie settings.
20.3 Credit Information
Credit balances and transaction history are maintained for account management and displayed in your account dashboard.
By using Gamable, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
Effective Date: January 14, 2026