MONSTERGAMING
Privacy Policy
Last updated: April 11, 2026
The short version: We collect what we need to run the service. We anonymize interactions to improve the AI. We never sell your data. You can delete your account and data at any time.
1. What We Collect
When you use Monster Gaming, we collect:
- Account information: Name, email, company (optional), engine preference
- Usage data: API requests, token counts, timestamps, response latencies
- Interaction data: Prompts and responses sent through the API (anonymized for training)
- Payment data: Processed by Stripe. We never see or store your full card number.
2. What We Do NOT Collect
- Your game source code (unless you send it via the API)
- Personal browsing history
- Location data beyond country (derived from IP for rate limiting)
- Data from other applications on your device
3. How We Use Your Data
- Service delivery: Authenticate requests, enforce rate limits, route to AI providers
- Training improvement: Anonymized interaction data improves the AI for the game development community. You consent to this at signup. You can opt out via the portal data sharing settings.
- Billing: Track usage for metered billing on paid plans
- Communication: Service updates, security notices, billing alerts. No marketing spam.
4. Data Sharing
We share data only with:
- AI providers: Your prompts are forwarded to upstream AI providers (Anthropic, Google, etc.) to generate responses. These providers have their own privacy policies.
- Stripe: Payment processing only
- Cloudflare: CDN and DDoS protection
We do not sell data to advertisers, data brokers, or any third party.
5. Data Retention
- Account data: Retained while your account is active + 30 days after deletion
- Usage logs: Retained for 90 days, then aggregated and anonymized
- Training data: Anonymized interaction data is retained indefinitely to improve models
- Billing records: Retained for 7 years per tax requirements
6. Your Rights
- Access: View your data through the developer portal
- Export: Download your usage history and account data
- Delete: Request account deletion — we'll remove all personal data within 30 days
- Opt out: Disable training data sharing through portal settings (may limit some features)
7. Security
API keys are hashed with SHA-256 before storage. All traffic is encrypted via TLS 1.3. We use Cloudflare's edge network for DDoS protection and rate limiting. Access to production systems is restricted to authorized personnel.
8. Children
Monster Gaming is not intended for users under 16. We do not knowingly collect data from children.
9. Changes
We'll notify you of material changes via email at least 30 days in advance.
Contact
Privacy questions? Email privacy@monstergaming.ai