Aegis DM Toolkit ("we", "our", or "us") is committed to protecting your privacy. This policy explains how we handle your information when you use our TTRPG tools and related services.
1. Information We Collect (Cloud vs. Local)
Account Data: We collect your email address via Firebase to manage your account and subscription.
Text Data (Cloud): We securely store your written text—such as campaign notes, character sheets, and statblocks—in our cloud database so you can access them across devices.
Media Data (Local-First with Session Sharing): Your original, full-resolution media files (battlemaps, token art, soundboard audio) are stored locally on your device's browser (via IndexedDB). When you use real-time multiplayer features (VTT, TV Display, Player Companion), the Service creates temporary, compressed, lower-resolution copies of your images and transmits them through our cloud database so that session participants can view the active game board. These compressed copies are session data only — they are overwritten each time you load new content, are not indexed or searchable, and are only accessible to users with your session link.
Payment Data: Subscription payments are processed securely by Stripe. We never see or store your full credit card information.
Affiliate Data: If you click an Amazon affiliate link on our site, Amazon may use cookies to track the referral for commission purposes.
2. Analytics & Cookies
We use Google Analytics to collect anonymous usage data such as page views, feature usage, browser type, and general location (country/region). This helps us understand how the toolkit is used so we can improve it.
Consent Required: Analytics cookies are only set after you click "Accept" on our cookie consent banner. If you decline, no analytics data is collected.
What We Track: Page views, tab navigation, TTRPG system selection, and general engagement metrics. We do not track keystrokes, form inputs, or personal content.
What We Don't Track: We do not use Google AdSense, behavioral advertising cookies, or retargeting pixels. We do not sell your personal information to third parties.
Opting Out: You can withdraw consent at any time by clearing your browser's local storage for this site, which will re-display the consent banner on your next visit. You can also use the Google Analytics Opt-Out Browser Add-on.
Other cookies used by the site:
Local Storage: We use your browser's local storage (not cookies) to save your preferences, workspace layout, and session state. This data never leaves your device.
Firebase Authentication: Firebase sets session cookies to keep you logged in.
3. How We Share Your Information
We only share data with essential service providers necessary to run the site:
Firebase (Google): For secure database hosting and authentication.
Google Analytics (Google): For anonymous usage analytics (only with your consent).
Google reCAPTCHA: We use reCAPTCHA to protect the Service from fraud and abuse. This service may collect hardware and software information to perform bot-detection checks.
Stripe: For secure payment processing.
Amazon Associates: For processing referral links to TTRPG gear.
4. Data Security & Retention
We use industry-standard encryption to protect your account. We retain your cloud text data as long as your account is active. If you wish to delete your account, you can do so in your settings, and your personal data will be removed from our active database within 30 days. Because your media files are stored locally on your device, you maintain complete control over their deletion at all times.
5. Your Rights
Regardless of where you live, you have the right to:
Access the personal data we hold about you.
Correct any inaccurate information.
Delete your account and associated data.
Withdraw consent for analytics tracking at any time.
Opt out of any data collection that is not essential to the service.
For EU/UK residents (GDPR): You have additional rights including data portability and the right to lodge a complaint with your local data protection authority.
For California residents (CCPA): You have the right to know what personal information is collected, request its deletion, and opt out of any sale of personal information. We do not sell personal information.
To exercise any of these rights, contact us at the email below.
6. Children's Privacy
The Service is not intended for children under 13. We do not knowingly collect information from children under 13. If we learn we have done so, we will delete it immediately.
7. Session Data & Compressed Media
When a DM shares a map or prop with players during a live session, a compressed, lower-resolution copy of the image is temporarily stored in our cloud database (Firebase Firestore) as encoded session data. This data:
Is only accessible to authenticated users with the session link.
Is overwritten each time new content is loaded (maps are replaced, not accumulated).
Is not indexed by search engines, not publicly browsable, and not used for any purpose other than real-time session delivery.
Is stored as base64-encoded text within the session document, not as standalone files on a file server.
We do not review, moderate, or monitor the content of session media. We do not sell, license, or redistribute session data.
8. DMCA & Copyright Requests
If you believe that content transmitted through the Service infringes your copyright, you may submit a DMCA takedown notice to aegisdmtoolkit@gmail.com. Your notice must identify the copyrighted work, the infringing material, and your contact information. Upon receiving a valid notice, we will promptly remove or disable access to the identified content. For locally stored media that never reaches our servers, you must contact the user directly or the platform hosting any stream (e.g., Discord, Twitch, YouTube).
9. Contact Us
If you have questions about this Privacy Policy, please contact us at:
Email: aegisdmtoolkit@gmail.com
We use cookies and Google Analytics to understand how visitors use the Aegis DM Toolkit. No personal data is sold. See our Privacy Policy.