Gamable

1. Introduction

Gamable ("we", "us", "our", or "Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered game generation platform ("Service").

This policy applies to all users of the Gamable service and complies with the General Data Protection Regulation (GDPR), Swedish data protection laws, and other applicable privacy regulations.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

Email address
Username
Password (encrypted)
Profile information (if provided)

Payment Information:

Payment details are processed by Stripe, our payment processor
We do not store full credit card numbers
We retain transaction records and payment history

User-Generated Content:

Game generation prompts and descriptions
Text inputs for game creation
Feedback and support communications

2.2 Information Collected Automatically

Usage Data:

Game generation history
Features used and interaction patterns
Time and date of Service access
Session duration and frequency

Technical Information:

IP address
Browser type and version
Device type and operating system
Language preferences
Referring/exit pages

Cookies and Similar Technologies:

Session cookies for authentication
Functional cookies for Service operation
Analytics cookies (with consent)
Preference cookies for user settings

2.3 Information from Third Parties

Payment Processor (Stripe):

Transaction confirmation
Payment status
Fraud prevention data

Authentication Services:

If you use social login, we receive basic profile information

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

Creating and managing your account
Processing game generation requests
Storing and providing access to generated games
Processing payments and managing credits
Providing customer support

3.2 Service Improvement

Analyzing usage patterns to improve features
Training and improving AI models
Testing new features and functionality
Conducting research and development

3.3 Communication

Sending transactional emails (purchase confirmations, account notifications)
Responding to your inquiries
Sending Service updates and announcements
Marketing communications (with your consent)

3.4 Security and Compliance

Detecting and preventing fraud
Ensuring platform security
Enforcing our Terms of Service
Complying with legal obligations

3.5 Analytics

Understanding how users interact with the Service
Measuring Service performance
Identifying trends and usage patterns

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

Contract Performance: Processing necessary to provide the Service
Legitimate Interests: Improving the Service, security, and fraud prevention
Legal Obligation: Compliance with applicable laws
Consent: Marketing communications and optional features (where required)

5. Data Sharing and Disclosure

We may share your information with:

5.1 Service Providers

Stripe: Payment processing
Cloud Hosting Providers: Service infrastructure and data storage
AI Service Providers: Game generation functionality
Analytics Providers: Service analytics and improvement
Customer Support Tools: Support ticket management

All service providers are contractually bound to protect your data and use it only for specified purposes.

5.2 Legal Requirements

We may disclose information if required to:

Comply with legal obligations or court orders
Protect our rights, property, or safety
Prevent fraud or illegal activities
Respond to government requests

5.3 Business Transfers

If Gamable is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5.4 With Your Consent

We may share information for other purposes with your explicit consent.

6. Data Retention

We retain your personal data for as long as:

Your account remains active
Necessary to provide the Service
Required by law or legitimate business purposes

Specific Retention Periods:

Account data: Until account deletion plus 30 days
Transaction records: 7 years (legal requirement)
Generated games: Until account deletion (or user-initiated deletion)
Usage logs: 24 months
Marketing consent records: 3 years after consent withdrawal

After retention periods expire, we securely delete or anonymize your data.

7. Your Privacy Rights

Depending on your location, you have the following rights:

7.1 GDPR Rights (EU/EEA Users)

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a structured, machine-readable format
Object: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for marketing or optional processing

7.2 Exercising Your Rights

To exercise your rights:

Email us at: [email protected]
Use in-app account settings for certain actions
We will respond within 30 days (GDPR requirement)

7.3 California Privacy Rights (CCPA)

California residents have additional rights including:

Right to know what personal information is collected
Right to deletion
Right to opt-out of sale (we do not sell personal information)
Right to non-discrimination for exercising privacy rights

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

Security Measures:

Encryption in transit (TLS/SSL)
Encryption at rest for sensitive data
Secure authentication and password hashing
Regular security assessments
Access controls and least-privilege principles
Secure backup procedures
Employee training on data protection

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

If you access the Service from outside Sweden/EU:

Your data may be transferred to and processed in Sweden or other EU countries
We ensure adequate protection through appropriate safeguards
For non-EU transfers, we use Standard Contractual Clauses or other approved mechanisms

10. Cookies and Tracking Technologies

10.1 Types of Cookies We Use

Essential Cookies:

Required for Service functionality
Session management and authentication
Cannot be disabled

Functional Cookies:

Remember your preferences
Enhance user experience
Can be managed in settings

Analytics Cookies:

Help us understand usage patterns
Improve Service performance
Require consent (opt-in)

10.2 Managing Cookies

You can control cookies through:

Browser settings
Our cookie preference center
Third-party opt-out tools

Note: Disabling essential cookies may affect Service functionality.

11. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect data from children under 13.

If we learn we have collected data from a child under 13:

We will delete it promptly
We will not use it for any purpose
Parents may contact us to request deletion

Users between 13 and 18 must have parental consent to use the Service.

13. AI-Generated Content Privacy

Prompt Privacy:

Your game generation prompts are used to create your games
Prompts may be used in aggregate to improve AI models
We do not share individual prompts with other users
You can request deletion of your prompts and generated content

Model Training:

We may use aggregated, anonymized data to improve our AI models
Personally identifiable information is removed before training
You can opt-out of having your data used for model improvement

14. Data Breach Notification

In the event of a data breach:

We will notify affected users within 72 hours (GDPR requirement)
Notification will include nature of breach and recommended actions
We will notify relevant supervisory authorities as required

15. Privacy by Design

We incorporate privacy considerations into:

Product development
Feature design
Data collection practices
Default settings (privacy-friendly)

16. Your Choices

You have control over your data:

Account Settings:

Update personal information
Manage notification preferences
Control data sharing settings

Marketing Communications:

Opt-out of promotional emails (unsubscribe link)
Manage communication preferences

Data Deletion:

Delete individual generated games
Request full account deletion
Export your data before deletion

17. Updates to This Policy

We may update this Privacy Policy to reflect:

Changes in our practices
Legal or regulatory requirements
New features or services

Notification of Changes:

Email notification for material changes
In-app notification
Updated "Last Updated" date
Continued use constitutes acceptance

We encourage you to review this policy periodically.

18. Supervisory Authority

If you are in the EU/EEA and have concerns about our data practices, you have the right to lodge a complaint with your local data protection authority.

19. Contact Us

For privacy-related questions or to exercise your rights:

Data Protection Contact:
Email: [email protected]
Phone: +46 79 342 99 78

20. Additional Information

20.1 Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

20.2 Do Not Track Signals

We currently do not respond to Do Not Track browser signals, but you can control tracking through our cookie settings.

20.3 Credit Information

Credit balances and transaction history are maintained for account management and displayed in your account dashboard.

By using Gamable, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Effective Date: January 14, 2026