Back

Privacy Policy

Last updated: March 2026

What we collect

We collect your email address when you sign in via magic link. When you play trivia games, we store your display name, game scores, answer history, streak data, and leaderboard rankings associated with your account. Guest players who join via QR code without signing in have session data stored temporarily.

How we use your data

Your data is used exclusively to operate the AI Trivia Arena service — to run trivia games, maintain leaderboards, track your stats and streaks, and manage your subscription. We do not sell your data to third parties. We do not use your content for advertising.

AI-generated questions

Trivia questions are generated by AI (Claude by Anthropic) and stored in our database. Your answers and gameplay data are not sent to any AI provider. AI is used only for question generation, not for processing user data.

Authentication

We use passwordless magic links via Resend. Your email is used only for authentication and transactional communication (sign-in links, billing receipts). We do not send marketing email without your explicit consent.

Payments

All payments are processed by Stripe. We never store your full card number or payment credentials. Stripe's privacy policy governs how they handle your payment data.

Venue play

When you play at a venue (e.g., via a QR code at a bar or restaurant), your scores appear on that venue's leaderboard. Venue operators can see aggregated stats (total players, top scores) but cannot access your email or personal information.

Data retention

We retain your account data for as long as your account is active. Leaderboard scores are retained indefinitely to maintain historical rankings. You may request deletion of your account and all associated data by emailing CEO@epicai.ai. We will process deletion requests within 14 business days.

Cookies

We use a single httpOnly session cookie for authentication. This cookie is strictly necessary for the service to function and cannot be disabled. We do not use tracking or advertising cookies.

Security

Session tokens are stored as hashed values. All traffic is served over HTTPS. We apply industry-standard security headers including CSP, HSTS, and X-Frame-Options. We do not store passwords.

Contact

For privacy questions or data deletion requests, email CEO@epicai.ai.