Privacy Policy

Effective: April 26, 2026 · Last updated: April 26, 2026

This Privacy Policy describes how Larping ("Larping," "we," "us") collects, uses, and shares information when you use our website at larping.ai and our iOS app (together, the "Service"). It applies to anyone who creates an account, browses the catalog, or plays a game on the Service.

If you have a question we don't answer here, email us at [email protected].

The short version

We collect what we need to run the Service: an email address and a name to identify your account, the chat content of the games you play, and a small amount of device and billing data.
Your gameplay — the actions you type and the AI's replies — gets sent to AI service providers to generate responses. These providers act on our instructions and are contractually limited to processing your data for that purpose.
We do not use your gameplay or chat content to train artificial-intelligence or machine-learning models, and we do not sell your personal information to anyone.
We do not allow third parties to track you across other apps or websites for advertising. The iOS app contains no advertising or analytics SDKs.
You can delete your account at any time from inside the app. When you do, we delete your account, your saves, and your chat history from our systems.

The rest of this document is the long version.

1. Who this policy covers

Larping is operated as a sole proprietorship based in British Columbia, Canada. This policy covers the larping.ai website, the Larping iOS app, and any other service that links to it. References to "Larping," "we," "us," or "our" mean the operator of the Service.

It does not cover third-party websites, apps, or services that you reach by following a link from the Service. Those have their own privacy policies, and we encourage you to read them.

2. Information we collect

2.1 Information you provide

When you sign up and use the Service, you give us:

Account identifiers. Your email address and a player name. The player name is what appears in-game and what other players (if any) and the game's narrator use to address you. You can change it at any time. We also generate a public username for leaderboards (e.g., larper-48138) which you can edit.
Optional profile information. A display name and profile photo URL, if your sign-in method provides them.
Gameplay content. The free-form text you type as in-game actions, your selections from suggested actions, the game state your character ends up in, and any other content you submit through the Service. This includes anything you choose to share with the AI narrator inside a session.
Subscription and purchase information. If you subscribe to an optional paid plan, our payment processor handles your card details and shares back the minimum we need to manage your subscription — the plan you bought, period start and end dates, the customer or transaction identifier, and renewal status. We never see or store your full payment card number.
Communications. If you email us for support or report a problem inside the app, we receive the contents of your message along with the email address and account it came from.
Content reports. If you tap "Report" on an assistant message, we receive the message identifier, the session it was in, and any optional notes you add. We use that to investigate the report.

2.2 Information we collect automatically

When you use the Service, we automatically collect:

Authentication tokens. When you sign in, our authentication provider issues short-lived ID tokens and refresh tokens. The iOS app stores these securely in the system Keychain; the web app's browser SDK manages them locally. We do not see or store your password.
Device fingerprint. On first launch, our apps compute a one-way SHA-256 hash of stable device attributes (screen geometry, locale, timezone, hardware model, and similar) and a randomly generated per-install identifier. We never see the underlying inputs — only the hash. We use this hash for fraud and abuse prevention, specifically to deter someone from creating multiple accounts to claim the new-account token bonus.
Truncated IP signal. When you make a request, our edge network reports your IP address. Before storing anything, we truncate the IP (to the first three bytes for IPv4, or the first six bytes for IPv6) and then SHA-256 hash the truncated value. We never persist your raw IP address. The truncated hash is used for the same fraud-prevention purpose as the device fingerprint.
Service operation logs. Server-side logs may include identifiers like your account ID, request IDs, error messages, and the email address that an outbound transactional message was sent to. These are used to operate, debug, and secure the Service.
Token ledger. Each turn the AI takes spends a small amount of your in-app token balance. We keep an append-only ledger of credits and debits (sign-up bonus, gameplay turns, image generations, refunds, subscription grants, and admin adjustments) so we can reconstruct any historical balance.

2.3 Information we do not collect

To be explicit:

No advertising or cross-app tracking SDKs. The iOS app contains no analytics, attribution, or advertising SDKs of any kind. The web app does not load any third-party ad-tech.
No raw IP addresses. We hash a truncated form of the IP, never the full address.
No precise location data. We do not request or use the device location permission.
No microphone, camera, contacts, or photo library. The iOS app does not request these permissions.
No biometric data. We do not collect fingerprints, face data, or any other biometric identifiers.
No tracking of you across other apps or websites. As declared in our iOS Privacy Manifest, our app does not track you within Apple's definition of "tracking."

3. How we use information

We use the information described above to:

Run the Service. Authenticate you, save your sessions, sync them across your devices, generate AI responses to your gameplay, render images of scenes when you ask, and process subscription payments.
Communicate with you. Send you sign-in links, transactional notifications (receipts, account changes, security notices), responses to support messages, and — only with your consent and only until you opt out — occasional announcements about new games and product updates.
Prevent abuse, fraud, and harm. Use the device-fingerprint and truncated-IP hashes to detect coordinated abuse (e.g., one user farming the new-account token bonus across many sign-ups), enforce our terms, and respond to safety reports.
Improve the Service. Diagnose problems, fix bugs, and measure how features perform in aggregate. We do this from server logs and our own database. We do not use your gameplay content to train machine-learning models.
Comply with law. Meet legal obligations such as tax record-keeping for billing, response to lawful requests, and similar regulated purposes.

4. AI processing of your gameplay

This section is important. Please read it.

When you play a game on Larping, the words you type and the AI narrator's replies — together with the system prompt that defines the game's world and the rolling summary of earlier turns — are sent to AI service providers that we use to generate the next reply. We need to send this data for the Service to function: a chat-driven AI game can't run if we can't send the chat to a model.

The AI service providers we use are bound by our agreements with them and by their own privacy commitments to:

Process your data only to generate the response we requested.
Not use your data to train, fine-tune, or improve their general-purpose models.
Retain your data only briefly, for short windows necessary to detect abuse of their platform or to satisfy legal obligations they face. Their retention windows are governed by their own policies and are typically very short.
Apply technical and organizational security measures appropriate to the data.

We may also use AI service providers to:

Generate images when you tap "visualize" on a scene. The image provider receives only a short, crafted image prompt — not the raw narrative.
Summarize long sessions so the chat does not exceed context limits. The summarizer receives the prior summary and a slice of the conversation; its output is stored alongside the session and used to keep future turns informed.

We may change which AI service providers we use over time, including adding, removing, or substituting providers as the underlying technology evolves. We will not change the substance of how your data is treated — the contractual restrictions described above will continue to apply to whoever processes your data on our behalf.

Please be thoughtful about what you share inside a game. Free-form chat invites you to type anything, but we ask you to avoid putting real personal data — about yourself or anyone else — into a session unless it's essential to what you're doing. Once an AI provider has briefly processed a turn, we cannot recall the request from their side. We can and do delete the persisted copy from our systems whenever you delete your account or a session.

5. How we share information

We share information only as described in this section. We do not sell your personal information.

5.1 Service providers acting on our behalf

We share information with categories of third-party service providers who process it solely on our instructions:

Authentication and identity providers that operate the sign-in system (creating, verifying, and revoking your account credentials and sign-in tokens).
Cloud infrastructure providers that host our application servers, databases, caches, and edge network.
AI service providers that generate text and image responses to your gameplay (described in Section 4).
Object storage providers that store images you generate during a session.
Email service providers that deliver sign-in links, billing receipts, and other transactional messages.
Payment processors that handle subscription billing, including the in-app purchase systems operated by mobile platforms (such as Apple's App Store) and online payment platforms used by our website.

Each of these providers is bound by a written agreement that limits their use of your data to providing the service we have engaged them for, requires confidentiality, and obliges them to maintain reasonable security measures. We may add, remove, or substitute providers from time to time as our infrastructure evolves.

5.2 At your direction

If you choose to share something — for example, a sign-up referral or an invitation flow — we will share it consistent with the action you asked us to take.

5.3 Legal, safety, and integrity

We may disclose information when we believe in good faith that disclosure is reasonably necessary to:

Comply with a law, regulation, legal process, or governmental request;
Enforce our Terms of Service or other agreements;
Investigate, prevent, or address fraud, security, or technical issues;
Protect the rights, property, or safety of Larping, our users, or others.

Where permitted, we will attempt to give you notice of a legal request before producing your information.

5.4 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will require the recipient to honor the commitments in this Privacy Policy or notify you and provide an opportunity to delete your data before the transfer takes effect.

5.5 With your consent

We may share information for any other purpose disclosed at the time we collect it and with your consent.

6. How long we keep information

We keep your information for as long as your account is active and for as long as we need it for the purposes described in this policy.

Your account, profile, and gameplay history persist until you delete your account or until you delete an individual session inside the app.
The append-only token ledger is retained for the life of the account so we can reconcile balances and refunds.
Subscription records are retained for as long as the subscription is active and for a reasonable period thereafter to satisfy tax and accounting obligations. Some records are kept by our payment processor independently of our database, and we cannot delete those on your behalf.
Operational logs are kept for short windows (typically days to weeks, depending on the system) for debugging and security, then rotate out automatically.
Email-delivery records are kept by our email service provider according to its retention policy.

When you delete your account, we delete your account record, which cascades to delete your sessions, chat messages, summaries, generated-image rows, device-fingerprint entries, and subscription record from our database. Anonymized aggregates that don't identify you (for example, a count of total turns played per game) may persist for product analytics. Where law requires us to retain something — for example, a tax record — we will retain only what is required and only for as long as required.

7. How to delete your account

You can delete your account at any time:

In the iOS app: open the You tab, tap Delete account, and confirm.
On the web: open Settings inside the app and choose Delete account.
By email: if you cannot access your account, email [email protected] from the address associated with your account and we will process the deletion.

Account deletion is permanent. It cannot be undone.

If you have an active mobile-platform subscription (for example, an Apple in-app subscription), we cannot cancel it on your behalf. You must cancel it yourself in your device's subscription settings. Deleting your Larping account does not automatically cancel a platform-level subscription.

8. Your rights and choices

Depending on where you live, you may have rights over your personal information. We honor these rights for everyone, regardless of jurisdiction, where it is reasonable to do so.

8.1 Universal rights

These are available to all users:

Access. Ask us what personal information we hold about you.
Correction. Update inaccurate or incomplete information. Most fields (player name, public username) are editable directly inside the app.
Deletion. Delete your account and the data associated with it (see Section 7).
Portability. Request a copy of the personal information you've provided in a portable format.
Marketing opt-out. Click the unsubscribe link in any non-essential email from us. You will continue to receive transactional messages (sign-in links, receipts) that are part of operating your account. You cannot opt out of those without closing your account.
Limit use of sensitive data. We do not request or knowingly process sensitive personal information. If you have shared something sensitive in a chat session, you can delete that session or your entire account from inside the app.

To exercise any of these rights, email [email protected]. We will respond within the timeframe required by your local law, and at most within forty-five (45) days.

8.2 Verification

To protect your information, we may ask you to verify ownership of the email address on file before we act on a request. We may decline to act on a request that we cannot reasonably verify.

8.3 Authorized agents

Where local law allows you to use an authorized agent to make a privacy request on your behalf, we will honor a verified request from such an agent. We may ask the agent for proof of authorization and may also ask you to confirm the request directly.

8.4 No retaliation

We will not deny you the Service, charge you a different price, or provide a different level of service because you exercised a privacy right.

9. Region-specific disclosures

This section describes additional rights for users in specific regions. Where a region's law would entitle you to more than the universal rights in Section 8, we apply the higher standard.

9.1 California (CCPA / CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.

Categories of personal information we collect. Over the past twelve months, we have collected the following categories of personal information, as defined by California law:

Category	Examples	Source	Purpose
Identifiers	Email address, account ID, public username, IP-derived hash	You; observed	Operate the Service, security
Customer records	Name, billing identifiers	You; payment processor	Subscription management
Commercial information	Subscription tier, purchase history	You; payment processor	Billing
Internet/network activity	Authentication events, request logs	Observed	Operate the Service, security
Inferences	Token-spend patterns, fraud-risk signals	Derived	Service operation, abuse prevention
Audio, electronic, or visual information	Images you generate during a session	You	Operate the Service

We do not collect government IDs, biometric data, precise geolocation, racial or ethnic origin, religion, union membership, genetic data, health data, sexual-orientation data, immigration status, or other categories of "sensitive personal information" as defined under the CPRA, except in the limited sense that you may voluntarily type something sensitive into a chat session. We do not use anything you type for any purpose other than operating the Service.

Sources of personal information. Directly from you, automatically from your device when you use the Service, and from our payment processor when you make a purchase.

Purposes for collection. Each category above lists the purpose for which it is used. Please also see Sections 3, 4, and 5.

Disclosure of personal information. We disclose categories of personal information to the categories of service providers described in Section 5.1 for the operational purposes described there.

Sale or sharing of personal information. We do not sell personal information for money, and we do not "share" personal information for cross-context behavioral advertising as those terms are defined under California law. We have not done so in the preceding twelve months and have no plans to do so in the future.

Your rights as a California resident. You have the right to:

Know what personal information we have collected about you, including the categories above, the sources, the purposes, and the categories of third parties with whom we share it.
Receive a copy of the specific pieces of personal information we have collected about you.
Correct inaccurate personal information.
Delete personal information we have collected from you, subject to certain exceptions.
Opt out of any "sale" or "sharing" of your personal information (we do not sell or share, but the right is enumerated for completeness).
Limit our use of sensitive personal information (we do not use sensitive personal information in any way that triggers this right).
Be free from retaliation for exercising your rights.

To exercise these rights, email [email protected]. California's "Shine the Light" law (Civil Code § 1798.83) entitles California residents to request disclosure of personal information shared with third parties for those parties' direct-marketing purposes. We do not share personal information with third parties for their direct-marketing purposes.

9.2 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)

If you are in the EEA, the UK, or Switzerland, the General Data Protection Regulation or its UK equivalent applies, and you have the rights described below.

Controller. Larping is the controller of personal information collected through the Service.

Lawful bases. We process personal information on the following lawful bases:

Purpose	Lawful basis
Creating and maintaining your account; running the Service you signed up for	Performance of a contract (Art. 6(1)(b))
Sending sign-in links, receipts, and other transactional messages	Performance of a contract (Art. 6(1)(b))
Processing chat turns through AI service providers to generate responses	Performance of a contract (Art. 6(1)(b))
Fraud, abuse, and security measures	Legitimate interests (Art. 6(1)(f)) — operating a secure service
Service-improvement and bug-fix work derived from server logs and database aggregates	Legitimate interests (Art. 6(1)(f)) — improving the Service we provide to you
Optional product-update emails and announcements	Consent (Art. 6(1)(a)) — you can withdraw at any time
Tax, accounting, and legal record-keeping	Legal obligation (Art. 6(1)(c))

Your rights under the GDPR. Subject to applicable conditions and exceptions, you have the right to:

Access the personal data we hold about you.
Rectify inaccurate or incomplete personal data.
Erase your personal data ("right to be forgotten").
Restrict our processing of your personal data.
Object to processing carried out on the basis of legitimate interests.
Receive your personal data in a portable format (data portability).
Withdraw consent at any time, where consent is the lawful basis (this does not affect the lawfulness of processing carried out before withdrawal).
Lodge a complaint with your local data-protection authority. A list of EU authorities is available at edpb.europa.eu; the UK regulator is the Information Commissioner's Office.

To exercise any of these rights, email [email protected]. We will respond within one (1) month and may extend by up to two (2) additional months for complex requests, in line with Article 12.

International transfers. Personal data is processed in the United States and other countries where our service providers operate. Where data is transferred from the EEA, the UK, or Switzerland to a country that has not been recognized as providing an adequate level of protection, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum, where applicable) with the receiving party.

9.3 Other U.S. states (Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Delaware, Iowa, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, and others as their laws come into force)

If you are a resident of one of these states, you have rights under your state's comprehensive privacy law. These rights are substantively similar to the California rights in Section 9.1 and the universal rights in Section 8.1: you may request access, correction, deletion, and portability of your personal information; opt out of "sale" of personal information (we do not sell) and of "targeted advertising" (we do not engage in targeted advertising); and appeal a denial of a privacy request.

To exercise these rights, email [email protected]. To appeal a denial, reply to our response and include "Appeal" in the subject line.

9.4 Canada — federal (PIPEDA) and British Columbia (PIPA)

We are based in British Columbia and our processing of your personal information is governed primarily by the Personal Information Protection and Electronic Documents Act (PIPEDA) and, for residents of British Columbia, the Personal Information Protection Act (BC PIPA). Where you are a resident of Alberta, Alberta's PIPA applies on a substantially similar basis.

Under these laws you have the right to:

be informed of the existence, use, and disclosure of your personal information;
access the personal information we hold about you and request correction of inaccuracies;
withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice;
challenge our compliance with applicable privacy law by contacting the operator directly or by lodging a complaint with the relevant regulator.

Our Privacy Officer can be reached at [email protected]. We will respond to access and correction requests within thirty (30) days, as PIPEDA and BC PIPA require.

If you are not satisfied with our response, you may file a complaint with:

the Office of the Privacy Commissioner of Canada (PIPEDA),
the Office of the Information and Privacy Commissioner for British Columbia (BC PIPA), or
the Office of the Information and Privacy Commissioner of Alberta (Alberta PIPA), as applicable.

Cross-border transfers from Canada. Some of our service providers — including our cloud infrastructure, AI service providers, and email service provider — operate or store data outside Canada, primarily in the United States and the European Union. While your information is being processed outside Canada, it is subject to the laws of those jurisdictions, including lawful access by foreign authorities. We require these providers by contract to maintain protections substantially similar to those required by Canadian privacy law.

9.5 Quebec (Law 25)

If you are a resident of Quebec, you have rights under the Act respecting the protection of personal information in the private sector ("Law 25"). Our Privacy Officer (also serving as the Person in Charge of the Protection of Personal Information for the purposes of Law 25) can be reached at [email protected]. You may:

request access to and correction of your personal information;
request that personal information about you be communicated in a structured, commonly used technological format (data portability) where Law 25 requires;
request deletion or de-indexing in the circumstances permitted by law;
be informed of decisions made about you exclusively by automated processing (we do not currently make such decisions about you outside of standard service operation, fraud prevention, and content moderation); and
lodge a complaint with the Commission d'accès à l'information du Québec.

A French-language version of this policy is available on request. Pour obtenir une version française de la présente politique, écrivez à [email protected].

10. Minimum age

The Service is intended for users aged sixteen (16) and older. We do not direct the Service to anyone under sixteen (16), and we do not knowingly collect personal information from anyone under sixteen (16). If you believe someone under sixteen (16) has provided personal information to us, please contact [email protected] and we will delete the account and the associated information.

By using the Service, you represent and warrant that you are at least sixteen (16) years old.

11. Security

We protect your information with administrative, technical, and physical safeguards designed to be appropriate to the sensitivity of the data:

Encryption in transit. All connections between our apps, our servers, and our third-party providers use Transport Layer Security (TLS).
Authentication isolation. Your sign-in credentials are managed by a dedicated authentication provider; our application servers never see or store passwords.
Tokenized device identity. Device fingerprints are SHA-256 hashes computed on your device, not raw attributes. IP-derived signals are truncated and hashed before storage.
Access controls. Internal access to user data is restricted to engineers who need it to operate the Service, and access is logged.
Secure storage. On iOS, sensitive items are stored in the system Keychain with the strictest accessibility setting (after first device unlock, this device only, excluded from iCloud backup). On the web, the authentication provider's SDK manages auth state in browser storage scoped to our domain.

No method of transmission or storage is one hundred percent secure, and we cannot guarantee absolute security. If we ever discover a breach affecting your information, we will notify you and any required regulators consistent with applicable law.

12. Cookies and similar technologies

Our website does not set its own first-party cookies. Our authentication provider's SDK manages your sign-in state in your browser's local storage; no cookies are placed for advertising or analytics. The iOS app does not use cookies; it stores authentication tokens in the system Keychain and a small amount of session-state in the operating system's app-private storage.

If we ever begin using cookies or similar technologies for purposes that require consent under your local law, we will update this policy and provide an appropriate consent mechanism.

13. International data transfers

We are based in British Columbia, Canada, and our infrastructure is operated by service providers based primarily in the United States and the European Union, with edge networks and related services that may operate globally. If you are located outside Canada, your information will be transferred to and processed in Canada, the United States, and other countries where laws governing data may differ from the laws where you live. Where transfers are subject to GDPR, UK GDPR, PIPEDA, or comparable laws, we rely on the appropriate safeguards described in Sections 9.2 and 9.4.

14. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Last updated" date at the top of this page; and
Notify you by email or via an in-app notice at least thirty (30) days before the changes take effect, unless the changes are required by law to take effect sooner.

If you continue to use the Service after a change becomes effective, you are agreeing to the updated policy. If you do not agree, please stop using the Service and delete your account.

A history of material changes is available on request.

15. Contact us

For privacy questions, requests, or complaints:

Email: [email protected]
General support: [email protected]

We do our best to respond within five (5) business days, and always within the timeframes required by your local law.

Thanks for taking the time to read this. If anything is unclear, send us an email — a real person will read it and reply.