WHAT WE COLLECT
AND WHY
No ad trackers, no data brokers, no selling your prompts. Here's exactly what Retrogaze stores, who it passes through on the way, and how to make it all go away.
THE SHORT VERSION
This Privacy Policy explains what Conflict Simulations LLC ("Retrogaze," "we," "us") collects when you use retrogazeai.com and the Retrogaze app (the "Service"), why we collect it, who else sees it, and what rights you have over it. It applies whether or not you have an account — you can generate sprites without signing up, and we collect less about you if you do.
Retrogaze doesn't run any third-party advertising or ad-tracking pixels (no Google Analytics, no Meta Pixel, no ad networks). The usage analytics we do run are first-party — our own server records events, nothing is sold or shared with data brokers, and no cross-site tracking cookies are set.
DATA WE ACTUALLY STORE
| Category | What it is | Why |
|---|---|---|
| Account info | Email address, hashed password (or nothing, if you sign in via Google/GitHub OAuth), account creation date. | Authentication, so you can log back in and access your history/settings. |
| Generation history | Your text descriptions, selected console/asset type/palette options, and the generated PNG images, stored per-account in private cloud storage. | So you can revisit, re-download, or build on past generations. Only visible to you (private storage bucket, access via short-lived signed URLs). |
| Reference images (if you upload one) | Held in a temporary server-side file only for the duration of that single generation request, then discarded. Not separately saved to your history. | Passed to fal.ai to guide image-to-pixel conversion for that one request. |
| Usage/product analytics | A randomly-generated session ID (stored in your browser's sessionStorage, not a persistent cookie), page views, button clicks, generation start/success/error events, and coarse device info (browser user-agent string, viewport width, whether you're on mobile). Linked to your account ID only if you're logged in when the event fires. | Understanding which features get used, catching broken flows. First-party only — never shared with ad networks or analytics resellers. |
| Payment/subscription status | Your subscription tier, LemonSqueezy customer ID and subscription ID, renewal date, and billing status (active/past-due/cancelled). We do not store your card number — LemonSqueezy handles that directly. | So the app knows what tier you're on and can enforce the right generation limits. |
| API keys (if you create any) | A hashed record of each key you generate for MCP/API access, plus the key's name and creation date. The full key value is shown to you once and not retrievable afterward. | Authenticating API/MCP requests back to your account. |
| Waitlist email (if you join it, without an account) | Just the email address you submit. | Notifying you about access/launch updates. Not linked to any other data unless you later create an account with the same address. |
| Support/feedback messages | Whatever you submit through the in-app feedback form (category + message text), tied to your account if you were logged in. | Fixing bugs, prioritizing features. |
| Error reports | If an unexpected server error occurs, a crash report may be sent to Sentry (error-monitoring), with API keys and Anthropic-format credentials automatically redacted before it leaves our server. Only active when error monitoring is configured on the deployment. | Diagnosing and fixing bugs quickly. |
We don't use your generation prompts or images to train any AI model, ours or anyone else's. We don't sell personal data, full stop.
THIRD-PARTY SERVICES WE RELY ON
Retrogaze is built on top of a small number of infrastructure providers. Each one only sees the data it needs to do its specific job:
- fal.ai — image generation Your text description, generation parameters, and reference image (if you provide one) are sent to fal.ai to produce the draft image. This is the core of how the product works — it can't function without this step. See fal.ai's own privacy policy for how they handle what's sent to them.
- Supabase — accounts, database, storage Hosts authentication, the database (profiles, generation records, subscription status, API keys), and the private storage bucket holding your generated images. See Supabase's privacy policy.
- LemonSqueezy — payments Acts as merchant of record for all paid subscriptions — handles your payment method, billing address, tax collection, and the customer billing portal directly. We receive back only your subscription tier, status, and LemonSqueezy's internal customer/subscription IDs via webhook. See LemonSqueezy's privacy policy.
- Google / GitHub — optional sign-in If you choose to sign in with Google or GitHub instead of an email/password, the OAuth flow is handled by Supabase Auth on our behalf; we receive your email address and provider account ID, nothing else from those accounts.
- Sentry — error monitoring (optional) If enabled on a given deployment, unhandled server errors are reported to Sentry for debugging, with a scrubbing step that strips API keys and credential-shaped strings before the report leaves our server.
- Email delivery (transactional only) Password resets and confirmation emails are sent via a transactional email provider from [email protected]. These are account-necessary emails, not marketing.
We don't run any advertising, marketing-analytics, or data-broker integrations (no Google Analytics, no Meta/TikTok pixels, no Mixpanel/Amplitude/Segment). If that ever changes, this page will say so before it happens, not after.
WHAT'S ACTUALLY STORED IN YOUR BROWSER
Retrogaze doesn't set third-party advertising or tracking cookies. What the app does store locally in your browser:
- Supabase auth session — keeps you logged in between visits.
- A session ID in
sessionStorage(cleared when you close the tab) — ties analytics events together for a single visit without persisting across sessions. - Saved prompt templates in
localStorage— if you save a prompt template for reuse, it's stored locally in your browser, not synced to our servers unless a future feature explicitly says so.
None of this is used for cross-site tracking or ad targeting — it's purely functional storage for making the app work.
RETENTION
Account data, generation history, and stored images are kept for as long as your account exists. Waitlist emails and feedback submissions are kept until you ask us to remove them or until they're no longer operationally useful. Payment/subscription records may be retained longer than an active account where required for accounting or tax purposes, consistent with LemonSqueezy's own retention obligations as merchant of record.
ACCESS, EXPORT, AND DELETION
You can view and download your own generation history at any time from your account. If you'd like a full export of your account data beyond what's already visible in-app, ask via the feedback form and we'll provide it.
Account deletion is self-serve and immediate. From account settings, you can permanently delete your account. When you do, here's exactly what happens, in order:
- If you solely own an organization that has other members, deletion is blocked until you transfer ownership — so we don't orphan people who share access with you.
- Every image you've generated is permanently removed from storage first.
- Your account, profile, generation history, usage records, settings, and API keys are then permanently deleted in one step. This cascades automatically and cannot be undone — there is no recovery window, no soft-delete, no "restore my account" option.
This satisfies GDPR's "right to erasure" (Article 17) and equivalent rights under other privacy laws (like the CCPA's right to delete), without needing to file a separate request — the button does what it says. If you're outside the EU/UK/California and your local law gives you a right to access, correct, or delete your personal data, we'll honor the same request the same way; reach us via the in-app feedback form.
Note that data already sent to fal.ai or LemonSqueezy as part of normal operation (e.g. billing records LemonSqueezy retains as merchant of record) is governed by their own retention policies — deleting your Retrogaze account removes everything on our side, but doesn't reach into a third party's own required records.
NOT DIRECTED AT CHILDREN UNDER 13
Retrogaze is not directed at children under 13, and we don't knowingly collect personal information from them. If you believe a child under 13 has created an account, contact us and we'll delete it.
CHANGES TO THIS POLICY & CONTACT
We may update this Privacy Policy as the product changes — new features sometimes mean new data. We'll update the date below when we do, and for anything material we'll try to flag it in the changelog too.
Questions about this policy, or a data access/export/deletion request beyond the self-serve options above, can go through the in-app feedback form, or to [email protected].
Last updated: 2026-07-05