Privacy Policy

Fragments (“Fragments,” “we,” “us,” or “our”) is a collaborative storytelling game delivered as a mobile application and described on this website at fragmentsgame.com. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Fragments mobile app (the “App”) or visit our website (together, the “Service”).

For privacy questions or requests, contact us at support@fragmentsgame.com or through our contact page.

Fragments lets groups build stories together in local pass-the-phone mode and, when you choose, in online multiplayer rooms. The website is for information, support, and legal notices only; gameplay happens in the App.

• Local play stores most game data on your device. You can disable saving finished stories to on-device history in the App.
• Online play (optional) uses cloud services for accounts, rooms, friends, notifications, and related features.
• AI features (optional) generate opening scenarios and optional spoken narration. Processing is described below.

Information you provide.

• Account and profile (online play). If you sign in, we collect information needed to operate your account, such as your email address (for passwordless email codes or to link Apple/Google sign-in), a public username, an optional nickname, and an optional profile photo you upload.
• Guest play. You may join some online rooms as a guest without a full account. A guest identifier and display name are stored locally on your device and associated with your participation in rooms and push notifications, if enabled.
• Story and game content. Player names, story text, reactions, room settings, invites, and related gameplay data are collected when you use online features or share a finished local story with friends. Local-only games remain on your device unless you use online or sharing features.
• Support messages. If you contact us through the website or email, we receive the information you send (such as your name, email address, and message content).
• Safety and moderation. If you report a player or content in the App, we store the report (including the subject and reason you provide) on our servers for review by the Fragments team. If you block a user, we store your block list as part of your account data.

Information collected automatically.

• Device and app data. Such as device type, operating system, app version, and general usage needed to run the App, enforce minimum version requirements, and deliver notifications.
• Push notification tokens. If you allow notifications, we store an Expo push token linked to your account or guest identifier so we can notify you about online turns and related events.
• Analytics. When enabled in our builds, we use PostHog (US-hosted) to collect anonymous product analytics, such as screens visited, feature usage events (for example, starting a local or online game), and app lifecycle events. Our analytics implementation is designed not to attach your Supabase account identity to PostHog. PostHog may also record session replays with text inputs and images masked by default.
• On-device storage. Preferences, onboarding state, cached prompts, guest profile data, and optional game history are stored using your device's local storage (AsyncStorage).

Information we do not collect for advertising. The App does not include third-party advertising SDKs, and we do not sell your personal information. The App does not offer in-app purchases or subscriptions at this time.

We use information to:

• Provide local and online gameplay, including rooms, turns, friends, and invites
• Authenticate you and maintain your profile
• Generate AI opening scenarios and optional narration when those features are enabled
• Deliver push notifications for online play
• Share local stories with friends you select, subject to expiry rules described below
• Operate the website and respond to support requests
• Measure reliability and improve the App through analytics
• Protect the Service, enforce our terms, and comply with law

When AI features are configured on our servers, story-related processing works as follows:

• Opening prompts. The App may request AI-generated scenario text based on theme metadata (for example, genre labels). Daily prompts are generated on our servers once per day and read by all users.
• Narration. If you choose to hear a story read aloud, the full story text you finished (opening plus contributions, including player labels) is sent to our servers and then to OpenAI's text-to-speech service to produce audio. Audio is returned to your device for playback and is not intended for public distribution by us.

If AI services are unavailable, the App falls back to built-in prompts and narration may be unavailable.

We do not sell your personal information. We share information only as needed to operate the Service, including with:

• Supabase — authentication, database, file storage (profile photos), realtime features, and serverless functions that power online play and AI proxy endpoints
• OpenAI — generating prompts and speech audio when you use those features
• PostHog — anonymous analytics and optional session replay, as described above
• Expo / Apple / Google — push delivery infrastructure; sign-in with Apple or Google when you choose those options (subject to their policies)
• Form providers — if we configure a hosted contact form (for example, Formspree), messages you submit on the contact page are processed by that provider
• Other players — usernames are searchable for friend features; story text and display names are visible to participants in your games and, when you share, to friends you select

We may also disclose information if required by law, to protect rights and safety, or in connection with a merger or acquisition, with appropriate protections.

We keep information only as long as needed for the purposes above, including:

• On-device history — until you delete it in the App or uninstall the App
• Online rooms — typically up to about seven days after activity, after which rooms may be pruned
• Shared local stories — about twenty-four hours for recipients unless they save the story to their on-device history
• Account data — while your account is active and for a reasonable period afterward for backups, security, and legal compliance. If you delete your account in the App (Profile Settings), we permanently remove your authentication record, profile, friends, and associated online data, except where we must retain information for legal compliance or brief backups
• Analytics — according to PostHog's retention settings for our project

Depending on where you live, you may have rights to access, correct, delete, or export personal information, object to certain processing, or withdraw consent where processing is consent-based.

• Turn off game history saving, clear on-device history, and manage notification permissions in your device settings
• Sign out of your account in the App
• Remove your profile photo in account settings
• Delete your online account in the App under Profile Settings → Delete account. This permanently removes your authentication record, profile, friends, and associated online data from our systems (no email required)
• Report players or content and block users in the App (Settings → Safety & reporting, or from player menus). Reports are stored for review by the Fragments team; your block list is managed in the App and removes friendships and prevents friend requests from blocked users
• Decline analytics by using builds or configurations where analytics is not enabled (analytics requires a configured key in the App build)

To request access to or correction of online account data, or for help with deletion in edge cases or data questions, email support@fragmentsgame.com from the address associated with your account. We may need to verify your request. If you are in the European Economic Area, UK, or certain US states, you may have additional rights under applicable law; we will honor those as required.

Fragments is not directed at children under 13, and we do not knowingly collect personal information from children under 13 without appropriate parental consent. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

We use reasonable technical and organizational measures designed to protect information, including access controls on cloud data and server-side storage of sensitive API keys. No method of transmission or storage is completely secure.

We and our service providers may process information in the United States and other countries where they operate. If you use the Service from outside the United States, your information may be transferred to jurisdictions that may have different data protection laws than your own.

The Service may link to app stores or third-party sites. Their privacy practices are governed by their own policies, not this one.

We may update this Privacy Policy from time to time. The “Last updated” date at the top shows when it was last revised. Material changes may be communicated in the App or on this page. Continued use after an update means you accept the revised policy, to the extent permitted by law.

Please also read our Terms of Service, which govern your use of Fragments.