Privacy Policy – iRolled20
Last updated: January 2026
🧙 Plain-English Summary (TL;DR)
Here’s the deal:
- We collect the info we need to run iRolled20 and its features.
- We never sell your personal data. Not now. Not ever.
- You’re in control of your information and can access, update, or delete it.
- We use trusted third-party services to keep the site working smoothly.
- Analytics are used only to make the platform better, not to stalk you.
- Some features (like messaging, listings, and gamification) require storing activity data.
If you want the full, legally-required details, roll initiative and read on.
1. Who We Are
iRolled20 (“we,” “us,” or “our”) is a platform built to help tabletop gamers find games, players, events, and community—online and in the real world.
This Privacy Policy applies to https://www.irolled20.com and all related features, tools, and services (collectively, the “Service”).
2. Information We Collect
2.1 Information You Provide
Account & Login Information
- Email address
- Display name / username
- Password (securely hashed, never stored in plain text)
- OAuth details when using Google login
- Account creation date
Profile Information (Optional)
- Bio or description
- City and state (no precise GPS tracking)
- Age range
- Gaming preferences, experience level, availability
- Preferred role (Player, GM, or Both)
- Social links (Discord, Twitter/X, Instagram, YouTube, Twitch, TikTok, personal sites)
- Privacy and visibility settings
Content You Create
- Forum posts and comments
- Game and player listings
- Event listings and RSVPs
- Direct messages
- Feedback, reports, and submissions
- Marketplace listings (when enabled)
2.2 Information Collected Automatically
Technical & Usage Data
- IP address
- Browser and device type
- Screen size and viewport
- Language and timezone
- Referrer source
- Pages viewed and actions taken
Activity & Gamification Data
- XP, levels, and titles
- Achievements and daily quests
- Login streaks
- Dice rolls and random encounters
- Theme preferences
This data exists to make the platform function, stay secure, and improve over time—not to spy on you.
3. Location-Based Features
Store Locator
- Zip-code searches
- Optional browser-based location (with your consent)
- Approximate IP-based location for map defaults
Store Data Sources
- Store name, address, phone number, and hours
- Latitude/longitude coordinates
- Google Place IDs
Store data may be imported, submitted, moderated, and scored for quality.
4. How We Use Your Information
We use your information to:
- Run and maintain iRolled20
- Authenticate users
- Enable social features, messaging, listings, events, and gamification
- Improve performance and user experience
- Detect spam, abuse, or fraud
- Meet legal obligations
We do not sell personal information. Ever.
5. Cookies & Local Storage
We use cookies and localStorage for things like:
- Logging you in
- Remembering preferences and themes
- Saving analytics consent
- Tracking gamification progress
- Holding marketplace cart data
You can disable cookies in your browser, though some features may stop working as intended.
6. Third-Party Services
We work with trusted providers to operate the platform:
- Supabase – database, authentication, file storage
- Google – OAuth login, Maps, Places API
- Stripe – payment processing (marketplace)
- Trello – internal feature tracking (admin use)
Each service handles data according to its own privacy policy.
7. Marketplace & Payments (Coming Soon)
When the marketplace is enabled:
- Payments are processed securely by Stripe
- iRolled20 never stores credit card numbers
- Purchase history and downloads are tracked
- Sellers receive payouts through Stripe Connect
Financial data is handled under Stripe’s compliance standards.
8. Analytics & Tracking
- Analytics are internal and admin-only
- Data is never sold or used for advertising
- Purpose: making iRolled20 better, faster, and more reliable
9. Admin & Moderation Access
Authorized admins and moderators may access:
- User-generated content
- Reports and moderation tools
- Aggregated analytics
Access is role-based and tightly controlled.
10. Data Retention
| Data Type | Retention |
|---|
| Active accounts | Until deleted |
| Messages & content | Until deleted |
| Analytics | Aggregated after 30–90 days |
| Deleted accounts | Removed after grace period |
| Backups | Secure and time-limited |
11. Your Privacy Rights (GDPR / CCPA / CPRA)
Depending on where you live, you may:
- Access your personal data
- Correct inaccurate information
- Request deletion
- Object to or restrict processing
- Export your data
- Opt out of analytics (where available)
California residents have additional rights under CCPA/CPRA.
📧 privacy@irolled20.com
12. International Transfers
Your data may be processed in the United States or other regions where our service providers operate, using legally approved transfer mechanisms.
13. Children’s Privacy
iRolled20 is not intended for children under 13 (or under 16 in the EU). We do not knowingly collect data from children.
14. Data Security
We use HTTPS, encrypted connections, hashed passwords, access controls, and secure APIs. No system is flawless, but we take security seriously.
15. Changes to This Policy
If we update this policy, we’ll post the changes here and update the “Last updated” date.
16. Contact
Website: https://www.irolled20.com
Privacy: privacy@irolled20.com
General: info@irolled20.com