Log inJoin Free

Privacy Policy

Last updated: April 18, 2026

1. Introduction

The Guide Forge ("Platform", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your rights regarding your data.

By using the Platform, you consent to the data practices described in this policy.

2. Data We Collect

We collect the following categories of personal data:

Account Information

  • Name, username, and email address
  • Password (hashed — we never store plaintext passwords)
  • Profile picture and bio
  • Account role (gamer or creator)
  • Date of account creation

Purchase & Transaction Data

  • Token purchase history and amounts
  • Guide purchase records
  • Subscription history
  • Cashout requests and payout records (creators)
  • Token ledger entries (credits, debits, balances)

Usage & Analytics Data

  • Scroll depth and reading progress on guides (scroll heatmap analytics)
  • Guide view counts and preview session tracking
  • Section completion and guide progress data
  • XP, level, and streak data (gamer and creator tracks)
  • Badge and achievement records
  • Block-level feedback (helpful/unhelpful votes)

Bug Reports & Support Data

  • Bug reports you submit, including the description of the issue, steps to reproduce it, the page URL where the bug occurred, your browser and operating system information, your screen resolution, and any screenshot you choose to attach. This information is used solely to diagnose and fix platform issues.

Platform Usage Events

  • Platform engagement data including guide reading progress, section completion checkmarks, tutorial tour completion steps, and feature interaction events. This data is used to improve the platform experience and is not shared with third parties.

Technical Data

  • IP address and browser user agent (collected by our infrastructure providers and in bug reports)
  • Device type and screen resolution (for responsive rendering)
  • Appearance, theme, and cosmetic preferences

3. How We Use Your Data

We use the data we collect to:

  • Operate the Platform: Authenticate users, process purchases, manage subscriptions, and deliver guide content.
  • Provide analytics: Show creators insights about guide performance, including view counts, drop-off rates, scroll heatmaps, and section feedback.
  • Power the leveling system: Calculate XP, levels, streaks, and badges based on user activity.
  • Send notifications: Email notifications for account activity, purchase confirmations, subscription changes, and platform announcements.
  • Prevent fraud: Detect and prevent fraudulent transactions, token manipulation, and platform abuse through our anomaly detection system.
  • Improve the Platform: Analyze aggregate usage patterns to improve features and user experience.

4. Third-Party Services

We use the following third-party services that may receive your data:

Supabase

Database hosting and authentication. Stores all account data, content, and transaction records. Supabase processes data in accordance with their privacy policy.

Stripe

Payment processing. Receives your name, email, and payment method details when you purchase tokens. Stripe Connect is used for creator payouts. Stripe is PCI-DSS compliant and we never store your full card details on our servers.

Resend

Email delivery. Receives your email address to send transactional emails such as verification emails, purchase receipts, and platform notifications.

Google AdSense

Advertising network (pending approval). Once enabled, AdSense may collect browsing data, IP address, and device information through ads displayed on the Platform. AdSense uses cookies and tracking technologies subject to Google's privacy policy. See Google's privacy policy.

Reddit Pixel & Conversions API

Conversion tracking for Reddit advertising. The Reddit Pixel loads a small browser script that records conversion events (page views, sign-ups, purchases). In addition, the Reddit Conversions API sends hashed identifiers (such as a hashed email) from our servers to attribute conversions. See Reddit's privacy policy.

Anthropic (Claude)

AI services. Guide content and user-submitted text may be processed by Anthropic's Claude models for content moderation, the AI writing assistant, and related features. No personally identifiable information is sent to Anthropic beyond what is contained in the guide content or prompt itself.

Cloudflare R2

Encrypted storage for automated database backups. Backups are retained for 30 days in R2 and then permanently deleted. Backups contain account and content data as it existed at the time of the snapshot.

Discord

OAuth authentication. If you sign in with Discord, we receive your Discord user ID, username, email, and avatar from Discord's API. We do not access your Discord messages or server memberships.

Sentry

Error monitoring and performance tracking. Sentry receives error messages, stack traces, page URLs, anonymized user IDs, and browser and OS information when errors occur. We do not send personally identifiable information such as email addresses or guide content to Sentry. See Sentry's privacy policy.

Vercel

Application hosting and content delivery. All web traffic passes through Vercel's infrastructure as part of normal hosting operations. This includes IP addresses, request headers, and page URLs. See Vercel's privacy policy.

5. Data Retention

We retain your personal data for as long as your account is active and as needed to provide you services. When you delete your account:

  • 48-hour grace period. Account deletion requests are queued for 48 hours. During this window you may sign back in to cancel the deletion and restore your account. After the grace period elapses, deletion is processed automatically by our scheduled job.
  • Account data (name, email, profile) is anonymized or removed once the grace period elapses.
  • Published guide content is removed from the Platform immediately when the account is deleted, though cached copies may persist briefly.
  • Transaction records (purchases, cashouts, token ledger entries) are retained for 7 years for tax, accounting, and legal compliance purposes, but are anonymized so they are no longer linked to your identity.
  • Analytics data (scroll heatmaps, view counts) is anonymized and retained in aggregate form for platform improvement.
  • Database backups are stored encrypted on Cloudflare R2 for 30 days before permanent deletion. Your data may continue to appear in those backups for up to 30 days after your account is deleted, after which backups containing it are overwritten and destroyed.

6. Your Rights

You have the right to:

  • Access: Request a copy of all personal data we hold about you.
  • Export: Request a machine-readable export of your data.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your account and personal data, subject to the retention periods described above.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Objection: Object to processing of your data for specific purposes.

To exercise any of these rights, contact us at privacy@theguideforge.com. We will respond to all requests within 30 days.

7. Cookies

The Guide Forge uses cookies and similar technologies for the following purposes:

  • Essential cookies: Required for authentication, session management, and security. These cannot be disabled.
  • Preference cookies: Store your theme, appearance, and color configuration settings.
  • Analytics cookies: Help us understand how users interact with the Platform (scroll tracking, page views).
  • Advertising cookies: Once Google AdSense is approved and enabled, AdSense cookies may be set to deliver and measure ads. You may opt out of personalized advertising via Google's Ads Settings or browser-level controls.
  • Reddit Pixel cookies: The Reddit Pixel sets a small number of cookies to deduplicate conversion events and measure the performance of Reddit advertising campaigns.

8. GDPR Rights (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal basis for processing: We process your data based on contractual necessity (to provide the Platform), legitimate interest (analytics, fraud prevention), and consent (advertising cookies, the Reddit Pixel, and marketing emails).
  • Right to portability: You may request your data in a structured, commonly used, machine-readable format.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: You have the right to lodge a complaint with your local data protection authority.
  • Data transfers: Your data may be transferred to and processed in the United States. We rely on standard contractual clauses and our service providers' compliance frameworks to ensure adequate protection.

For GDPR-specific requests, contact our data protection contact at privacy@theguideforge.com.

9. Children's Privacy

The Guide Forge is not directed at children under 13. We do not knowingly collect personal data from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us with personal data, please contact us at privacy@theguideforge.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or through a notice on the Platform. Your continued use of the Platform after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: