Last Updated: 11-11-2025
This Privacy Policy explains how Infinity Fiction Limited collects, uses, stores, and shares personal data when you use Infinity Fiction, Tidefall, our websites, games, apps, subscriptions, AI features, and related services (the Services).
The Services are intended for users aged 18 or over.
Please also read our Terms of Service.
- Who we are
Infinity Fiction Limited is the controller of your personal data.
Contact email: [email protected] - Personal data we collect
Personal data means information that identifies you or can reasonably be linked to you.
We may collect and use the following types of personal data.
2.1 Account Data
This includes:
email address
username, display name, or account ID
encrypted password / login credentials
account creation date
account status
subscription status
settings and preferences
We do not require your real name, postal address, phone number, or contact list for standard account registration.
Payments may be processed by Paddle or another payment provider, who may collect billing and payment data under their own privacy notice.
2.2 Contact and Support Data
This includes:
email address
messages you send to us
support requests
refund requests
complaints or appeals
invoice references
information you provide when reporting bugs, safety issues, payment issues, or account problems
2.3 Payment and Transaction Data
Payments may be handled by Paddle or by another app store, marketplace, or payment provider.
We do not receive or store full payment-card details, bank details, postal addresses, or phone numbers used for billing unless a payment provider separately sends us limited transaction information needed to operate the Services.
We may receive or store:
payment status
subscription plan
purchase history
top-up history
number of credits, prompts or turns, or other paid entitlements purchased and used
invoice reference numbers
refund status
billing country or tax information where provided by the merchant of record/payment provider
fraud, chargeback, or payment-risk information where provided by the merchant of record/payment provider
Payment providers may collect additional billing, tax, identity, or payment information under their own privacy notices.
2.4 Gameplay, AI and Usage Data
We may collect information about how you use the Services, including:
prompts or turns, commands, choices, and other inputs
AI-generated outputs
gameplay activity
characters, saves, progress, inventory, and story state
credits, tokens, or usage balances
features used
pages or screens visited
session length and time spent
crash logs, bugs, and error reports
feedback and survey responses
Please do not submit sensitive personal data through prompts or turns or support messages.
2.5 User Content and Community Data
This includes content you create, upload, submit, share, or make available through the Services, including:
profile information
public display name
game content
text, images, or other uploads
reports made by or about you
If you use Discord or another external community platform, that platform handles your activity under its own privacy policy.
2.6 Technical Data
We may collect technical information including:
IP address
device type, ID or identifiers
browser type and version
operating system
app version
approximate location from IP address
log data
security events
cookie and similar technology data
2.7 Marketing and Communications Data
This includes:
newsletter and marketing preferences
communication preferences
email engagement data, such as opens or link clicks
event, playtest, survey, or waitlist sign-ups
2.8 Safety, Moderation, Fraud, and Security Data
We may collect information needed to keep the Services safe and secure, including:
content reports
moderation decisions
account restrictions or appeals
suspected illegal or harmful activity indicators
anti-cheat, bot, spam, scraping, or abuse signals
payment fraud or chargeback indicators
security logs
information needed to enforce our Terms of Service or comply with law
2.9 Aggregated and Anonymised Data
We may create aggregated or anonymised data that does not identify you.
We may use this data for analytics, product improvement, research, forecasting, safety, reporting, and business planning.
- How we collect personal data
3.1 Information you give us
You may provide personal data when you:
create an account
use the Services
enter prompts or turns or gameplay choices
upload or share content
buy a subscription or top-up
request a refund
contact support
report content or technical issues
join a waitlist, newsletter, survey, playtest, or community channel
change account settings
communicate with us by email, app, or website
We do not require your real name, postal address, phone number, or contact list for standard account registration.
3.2 Information collected automatically
We may automatically collect technical, usage, gameplay, and security information when you use the Services.
This may include information collected through:
server logs
cookies and similar technologies
app telemetry
analytics tools
crash reporting tools
fraud and security systems
AI systems used to operate and improve the Services
We use this information to operate, secure, analyse, and improve the Services.
3.3 Information from third parties
We may receive limited personal data from third parties, including:
Paddle and other payment providers
app stores, marketplaces, and platforms such as Steam
AI technology providers used to deliver the Services
external community platforms, where you choose to communicate with us through them - How we use personal data and our lawful bases
We use personal data to:
create and manage your account
provide the Services, including gameplay, AI features, saved progress, subscriptions, credits, and support
process payments, subscriptions, and refunds
communicate with you about your account, purchases, security, and important updates
send marketing communications where permitted by law
personalise and improve gameplay, features, and user experience
analyse usage and improve the Services
detect fraud, abuse, cheating, bots, and security threats
respond to complaints, disputes, and moderation appeals
comply with legal, tax, accounting, and regulatory obligations
We rely on the following lawful bases under United Kingdom data protection law:
Performance of a contract – to provide the Services, manage your account, process purchases, and provide support.
Legitimate interests – to operate, improve, secure, analyse, and protect the Services, prevent fraud, and manage our business.
Legal obligations – to comply with applicable laws, regulations, tax, accounting, and lawful requests.
Consent – where required for certain marketing communications, cookies, or similar technologies.
Where we rely on legitimate interests, we consider your rights and interests. - AI features, profiling, and automated decisions
The Services use AI to support gameplay, generate text, characters, worlds, story events, personalisation, safety checks, and other features.
We may use your prompts, gameplay choices, account state, and usage history to generate AI outputs and improve your experience.
We may also use automated tools to support Service delivery, fraud prevention, security, moderation, and technical operations.
We do not use solely automated decision-making that has legal or similarly significant effects on users. - AI technology providers
We may use third-party AI technology providers to deliver AI features.
To operate the Services, we may share relevant service information including prompts or turns, gameplay context, account state, safety information, and AI outputs with those providers.
We use these providers to support live Service delivery and related technical operations.
Where providers process personal data on our behalf, we seek to implement appropriate contractual and data protection safeguards. Where a provider acts independently, its own privacy notice may apply. - Marketing
We may send you service messages about your account, subscriptions, payments, security, support, policy changes, and important updates. These are not marketing messages and you may still receive them if you opt out of marketing.
We may send marketing emails, newsletters, playtest updates, promotions, or community announcements where permitted by law.
You can opt out of marketing at any time by using the unsubscribe link in an email or by contacting [email protected].
We do not sell your personal data to third parties for their own direct marketing purposes. - Cookies and similar technologies
We use cookies, local storage, SDKs, and similar technologies to help operate and improve the Services.
These technologies may be used to:
keep you logged in
remember preferences and settings
maintain security and prevent fraud
understand how the Services are used
measure performance and fix issues
improve features and user experience
Some cookies and similar technologies are strictly necessary for the Services to function. Others, such as analytics cookies, may be used only with your consent where required by law.
Cookie preferences may be managed through available consent settings or browser controls. Disabling certain cookies may affect how the Services function. - Sharing personal data
We may share personal data where necessary for the purposes described in this policy with the following categories of recipients:
payment providers and merchants of record, including Paddle, app stores, marketplaces, fraud prevention, chargeback, and invoicing providers
hosting, infrastructure, database, analytics, logging, and technical service providers that help operate the Services
AI technology providers used to deliver AI features and improve service reliability
email, communications, and support providers used to respond to enquiries and provide support
external community platforms, such as Discord, where you choose to use them
professional advisers such as lawyers, accountants, auditors, insurers, and banks
regulators, law enforcement, courts, and public authorities where required or permitted by law
buyers, investors, lenders, advisers, or successor organisations in connection with an investment, merger, acquisition, restructuring, or sale of all or part of our business or assets
We may also use information available through third-party platforms where relevant to support, safety, moderation, disputes, fraud prevention, or improving the Services. - International transfers
Some of our suppliers and service providers, including payment providers, platforms, marketplaces, AI technology providers, and other third parties, may process personal data outside the United Kingdom.
Where personal data is processed internationally, we take steps to ensure appropriate safeguards are in place where required by law. These may include adequacy regulations, approved contractual protections, or other lawful transfer mechanisms recognised under United Kingdom data protection law. - Data security
We use appropriate technical and organisational measures designed to protect personal data against accidental or unlawful loss, misuse, alteration, unauthorised disclosure, or unauthorised access.
These measures may include access controls, authentication, encryption where appropriate, logging, monitoring, backups, supplier controls, and incident response procedures.
No online service is completely secure. You should use a strong password, keep your login details confidential.
We will comply with applicable legal obligations in relation to personal data breaches. - Data retention
We keep personal data only for as long as reasonably necessary for the purposes described in this policy, including to provide the Services, comply with legal obligations, resolve disputes, maintain security, and support legitimate business needs.
Different data types are retained for different periods depending on use and legal requirements. We may retain data longer where reasonably necessary for investigations, fraud prevention, safety, or legal claims.
When no longer needed, we delete, anonymise, or securely restrict further use.
If you request deletion of personal data, this may require closure of your account and loss of access to the Services. - Your legal rights
Under data protection law, you may have rights including:
access to the personal data we hold about you
correction of inaccurate or incomplete personal data
deletion of personal data in certain circumstances
restriction of processing in certain circumstances
objection to certain processing, including direct marketing
data portability in certain circumstances
withdrawal of consent where we rely on consent
review of certain significant automated decisions, where applicable
To exercise your rights, contact [email protected].
We may need to verify your identity before responding. We will respond in accordance with applicable law.
Some rights are subject to legal exceptions, and we may not always be able to comply in full.
We may refuse requests where permitted by law. - Children and age restriction
The Services are intended only for users aged 18 or over.
We do not knowingly allow anyone under 18 to create accounts or use the Services.
If we become aware that someone under 18 has used the Services, we may close the account, restrict access, delete relevant data, and take any other steps required by law. - Third-party links and platforms
The Services may include links to third-party websites, stores, platforms, apps, payment pages, community channels, or integrations.
We do not control third-party services or their privacy practices. When you use a third-party service, its own terms and privacy notice may apply. - Complaints
If you have concerns about how we use personal data, please contact us first at [email protected].
You also have the right to complain to the United Kingdom Information Commissioner’s Office (ICO). - Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in law, technology, our Services, suppliers, or data practices.
If we make material changes, we may notify you by email, through the Services, or on our website. - Contact
For privacy questions, rights requests, complaints, or concerns, contact:
Infinity Fiction Limited
Email: [email protected]
