Privacy Policy

1. Who We Are

MobiVTT (“MobiVTT”, “we”, “our”, “us”) is a global subscription-based web service providing a digital character-sheet interface for tabletop role-playing games. We are committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights. Our service is hosted at mobivtt.com (the “Service”) and is available to users worldwide. Contact: For any privacy-related questions, you can reach us at [email protected].

2. Information We Collect

We keep data collection to a minimum. You do not need to create an account or profile to use MobiVTT. We do not collect any personal content you input into your game. The limited data we handle includes:

  • Subscription & Payment Information: If you choose a paid subscription, you will provide payment details (such as name, email, billing address, and credit card information) directly to our payment processor, Stripe, during checkout. We do not store your payment details on our servers. Stripe returns to us a non-identifying customer or subscription ID and the subscription status (e.g. active, canceled) so we can activate your premium access.
  • Access Code Data: Upon successful subscription payment, our system generates an access code associated with your subscription tier and expiration date. We store this code and its status to authenticate you and unlock premium features on the Service. No personal identity information is tied to the code in our system.
  • Analytics Data: We use Google Analytics 4 (GA4) to help us understand how the Service is used. GA4 may automatically collect information about your device, browser, general location (e.g. country), and usage of our site (such as pages visited and actions taken). This analytics data is aggregated and does not directly identify you by name. (See more under Cookies & Tracking below.)
  • Technical Log Data: When you use MobiVTT, our servers and hosting provider (Cloudflare) automatically record certain technical information for security and debugging. This includes your IP address, browser type (user-agent), date and time of access, and any error messages. We use this data to monitor for malicious activity and to maintain the reliability of the Service.

No Account Data: We do not create user accounts or store any profile information or passwords. There are also no contact forms or user-generated content features on our site, so we never collect things like messages, posts, or uploaded media from you.

3. Cookies & Tracking Technologies

MobiVTT uses only a few cookies and similar technologies, and we do so primarily to ensure the Service works properly. We do not use any cookies for social media or unnecessary tracking. The types of cookies/trackers we use are:

  • Essential Cookies: These are necessary for the Service to function. For example, when you go through the Stripe checkout, Stripe may set certain cookies (e.g. cookies starting with __stripe) to remember your session and ensure a secure payment process. MobiVTT also uses a session cookie (e.g. mvt_session) to link your browser with your access code during a session. These cookies are short-term and are required for features like payment and login to work; they are not used for advertising or analytics. By law (e.g. EU ePrivacy), strictly necessary cookies do not require user consent.
  • Analytics Cookies: With your consent (where required), we use Google Analytics cookies (such as _ga cookies) to collect usage statistics. These cookies help us count visits, see traffic sources, and understand how users interact with our site so we can improve it. The information collected is aggregated by Google and presented to us in analytics dashboards. You can opt-out of analytics cookies by refusing them in the cookie consent banner or by using browser settings/add-ons to block Google Analytics.
  • Advertising Cookies (Possible Future Use): We do not currently use any advertising or targeting cookies. However, in the future, we may incorporate advertising services (for example, Google Ads) to promote our Service or to display ads. If we do so, those services might use cookies or similar trackers to show relevant ads or measure ad performance. We will update this Policy and ask for appropriate consent if and when we introduce advertising cookies.

You can manage your cookie preferences at any time via our site’s cookie consent tool or your browser settings. Disabling certain cookies (like the essential ones) may affect the functionality of the Service (for example, you wouldn’t be able to complete a subscription checkout if Stripe cookies are blocked).

4. How We Use Your Information

We use the limited information we collect for the following purposes:

  • To Provide the Service: We process subscription payments and verify your subscription status (via Stripe) in order to give you access to premium features. Your access code and subscription data are used to authenticate you and enable your paid features across your devices.
  • To Operate and Improve the Service: Technical logs and Google Analytics data are used to maintain performance, fix bugs, and understand usage patterns. This helps us improve MobiVTT’s functionality and user experience over time.
  • To Communicate with You: If you are a subscriber, we may use the email you provided during checkout to send you the access code and important information about your subscription (for example, payment confirmations, renewal notices, or critical updates to the Service or policies). We will not send marketing emails or newsletters unless you have explicitly opted in to such communications.
  • To Ensure Security and Prevent Fraud: IP addresses and other log data may be used to detect and prevent fraudulent or malicious activity on our platform. For example, we might use this data to block suspicious login attempts or to debug access issues.
  • To Comply with Legal Obligations: In rare cases, we may need to use or disclose certain data if required to do so by law or to respond to lawful requests by public authorities (e.g. court orders or government regulations).

We do not sell your personal data to third parties, and we do not use your data for any purposes other than those described above.

5. Sharing of Data with Third Parties

We value your privacy and only share your data with a few trusted third-party service providers as necessary to run MobiVTT:

  • Stripe, Inc.: Our payment processor. When you subscribe, the checkout form is provided by Stripe. Stripe handles your payment details securely and is PCI-DSS compliant. We share with Stripe the information needed to process the payment, and Stripe in turn provides us with the subscription ID/status (but not your full card number or full billing details). See Stripe’s own Privacy Policy for details on their data practices.
  • Google LLC (Analytics and Ads): We use Google Analytics 4 to gather anonymized usage data (as described above). Google may process certain data (like your IP address, device information, and cookie identifiers) for analytics on our behalf. In the future, if we use Google Ads services, Google may also process data for advertising and conversion tracking. Any data Google collects on our site is governed by Google’s Privacy Policy. You can learn more about how Google uses data on their site.
  • Cloudflare, Inc.: Our website is hosted on Cloudflare Pages and uses Cloudflare’s content delivery network (CDN) and security services. This means when you access MobiVTT, your requests pass through Cloudflare’s servers. Cloudflare may temporarily log your IP address and other technical data to provide its services (e.g. to mitigate DDoS attacks and speed up content delivery). Cloudflare is a reputable provider that employs strong security measures. See Cloudflare’s Privacy Policy for more information.

Aside from the partners above, we do not share your personal information with any other third parties. In particular, we do not rent or sell your information to data brokers or marketers. If we ever engage a new service provider that will handle your personal data, we will update this Privacy Policy accordingly.

6. International Data Transfers

MobiVTT is a global service, and the third-party services we use (Stripe, Google, Cloudflare) are based in various countries (including the United States). Consequently, the personal data that we collect may be transferred to and processed in countries other than your own. For example, if you are located in the European Union or United Kingdom, your payment and analytics data may be processed on servers in the United States. We are committed to ensuring that appropriate safeguards are in place for such cross-border data transfers. When we transfer personal data out of the European Economic Area (EEA) or other regions with data transfer restrictions, we rely on legal mechanisms such as the European Commission’s Standard Contractual Clauses or other equivalent measures to ensure your data is protected. Stripe, Google, and Cloudflare all participate in or comply with frameworks that ensure adequate data protection, such as the EU–US Data Privacy Framework, or use Standard Contractual Clauses where applicable. By using our Service, you understand that your information may be transferred to our servers and those of our service providers in different jurisdictions. Regardless of where your data is processed, we will take steps to protect it in line with this Privacy Policy.

7. Data Security

We take the security of your data seriously and implement industry-standard practices to protect it. These measures include:

  • Encryption: All communications with the MobiVTT website are encrypted via HTTPS (TLS encryption). This means any data transmitted between your device and our servers (such as during checkout or while using the Service) is protected from eavesdropping.
  • Secure Hosting: Our Service is hosted on Cloudflare’s secure infrastructure. Cloudflare provides built-in security features like DDoS protection and a Web Application Firewall to help guard against attacks.
  • Access Controls: The internal systems that handle subscription data and access codes are restricted to authorized personnel only. We employ measures such as multi-factor authentication and key-based access to prevent unauthorized access to our servers.
  • Data Minimization: As described above, we minimize the personal data we store. Less stored data means less risk of sensitive information being exposed in the unlikely event of a breach.

While we strive to protect your information, no website or internet transmission is completely secure. Therefore, we cannot guarantee absolute security. However, we will promptly notify you of any data breach that affects your personal data, as required by applicable law.

8. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal data. We honor individuals’ rights as required by applicable laws:

  • Access and Correction: You have the right to request a copy of the personal information we hold about you and to request corrections of any inaccuracies. Since we hold very minimal data, in many cases this might just be your Stripe customer ID and subscription status.
  • Deletion: You can request that we delete personal information we have collected from you. For example, if you cancel your subscription, you may ask us to erase any associated data (bearing in mind we mostly hold non-identifying records). Note that we might need to retain some information for legal or internal business purposes (e.g. payment records required for accounting), but we will comply with deletion requests to the fullest extent possible.
  • Objection or Restriction: You have the right to object to or ask us to limit our processing of your data in certain cases. For instance, you can ask us to stop using your data for analytics by withdrawing consent for analytics cookies (see Cookies section).
  • Data Portability: Where applicable, you may request a copy of the data you have provided to us in a machine-readable format. Given our service does not collect profile data, this will likely be limited to any info you gave during payment (which is mostly held by Stripe).
  • California Residents: If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) or other state laws. Given that we do not sell personal information or collect much personal data, most CCPA requirements (like the right to opt-out of sale) are not applicable. However, you can still request access or deletion as noted above.

To exercise any of your rights or to make any privacy-related request, please contact us at [email protected]. We may need to verify your identity before fulfilling certain requests (for example, by confirming you have access to the email associated with your subscription). We will respond to your request as soon as possible and in any event within the timeframe required by law (for example, within 30 days for GDPR-related requests). There is no fee for making such requests, though repeated or excessive requests may incur a reasonable fee as permitted by law. You also have the right to lodge a complaint with a data protection authority if you believe we have infringed your privacy rights. We encourage you to contact us first so we can address your concerns directly.

9. Children’s Privacy

MobiVTT is not intended for children under the age of 13. We do not knowingly collect personal information from anyone under 13 years old. If you are under 13, please do not use the Service or provide any information to us. If we become aware that we have inadvertently collected personal data from a child under 13 (or under the applicable age of consent in your region), we will take steps to delete that information as soon as possible. If you are a parent or guardian and you believe your child under 13 has provided personal information to us, please contact us at [email protected] so that we can investigate and delete any such data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will revise the “Last Updated” date at the top of this Policy. If any material changes are made, we will provide a prominent notice, such as a banner on our website or a notification upon login. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of MobiVTT after any changes to this Policy will signify your acceptance of the updated terms, to the extent permitted by law. If you do not agree with any changes, you should stop using the Service and, if applicable, cancel your subscription.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

We will be happy to answer your questions and address any issues to the best of our ability. Your privacy is important to us, and we welcome your feedback.