Privacy & Data Policy
Last Revised: June 3, 2025
At Debattle.ai, your data sovereignty is a fundamental tenet of our service design. This Privacy & Data Policy (“Policy”) outlines the scope, boundaries, and framework under which data is processed, stored, and transmitted — with full alignment to applicable jurisdictional regulations including but not limited to the European Union’s General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the California Consumer Privacy Act (CCPA), and relevant global data governance standards.
This document is structured to inform users, regulators, and auditors of our data-neutral architecture and data-handling protocols.
🔐 1. Data Collection, Processing, and Transmission Framework
- 1.1 Debattle.ai does not collect, store, process, or disseminate any personally identifiable information (PII), nor do we utilize any persistent identifiers (e.g., cookies, UUIDs, device fingerprints) that could lead to user re-identification or profiling.
- 1.2 During gameplay interactions, the user’s spoken input is converted to text locally, and the resulting textual content is anonymously transmitted to a third-party AI inference engine (OpenAI API) for analysis and response generation.
- 1.3 No metadata, IP address logs, device identifiers, geolocation coordinates, session IDs, or browser fingerprints are recorded, stored, or associated with user activity.
🗃️ 2. Local Storage Utilization
-
2.1 In accordance with the principles of data minimization and session continuity, Debattle.ai uses the browser’s
native
localStorage
API to temporarily store a list of hashed question identifiers that have been used during the user’s session to prevent repetition. -
2.2 This data:
- Is strictly non-personal in nature,
- Is stored exclusively on the client-side,
- Is not accessible or transmitted to any external server, database, or third party,
- Can be purged at any time by the user by clearing their browser’s local storage.
🌍 3. Regulatory Alignment and Compliance
Debattle.ai maintains a zero-retention, zero-collection stance with respect to personal data, and adheres to the data protection by design and by default principles outlined in GDPR Article 25. In doing so, we proactively avoid the need for complex consent management and cookie banners.
Furthermore, while our current deployment operates independently of major digital platforms, our architecture is structured with forward-looking compliance in mind — including but not limited to provisions introduced by the EU Digital Markets Act (DMA) regarding platform neutrality, data access, and user autonomy.
📧 4. Contact
If you have questions, legal inquiries, or require clarification regarding this policy or our data handling practices, please contact us at debattle.ai (at) gmail.com.