We collect almost nothing.
Last updated: January 2026
The whole point of GamifiedDeals is dopamine, not data. Below is exactly what we collect, why, and what we will never do with it.
1. What we collect
Only what makes the games work: your email (via Clerk), your username and avatar (from Clerk), gameplay events (which campaign you played and what you won), the reward codes in your wallet, and your XP/level/streak. We do not collect your address, phone, or payment data — we don't process payments.
2. How we use it
We use your data to (a) run your account, (b) award XP and badges, (c) deliver reward codes, (d) show merchants aggregated, anonymized engagement stats (no individual identification), and (e) communicate with you about wins and product updates.
3. What we never do
We never sell individual personal data. We never share your identity with merchants. We never use your data to train third-party AI models. We never enable behavioral retargeting outside of GamifiedDeals.
4. Cross-merchant identity
Your profile (XP, level, badges, username, avatar) is visible to any GamifiedDeals merchant whose game you play, and appears on public leaderboards. Your email is never shared with merchants. You can change your displayed username at any time in your profile.
5. Third parties we trust
Clerk (authentication), Supabase (database, hosted on AWS), Resend (transactional email), AWS S3 + CloudFront (asset delivery). Each is bound by their own enterprise privacy commitments. We pass them only the minimum data required to do their job.
6. Cookies & local storage
We use first-party storage for your Clerk session and for the “last route visited” experience. We do not run third-party advertising or analytics cookies. No Facebook Pixel, no Google Ads tag.
7. Your rights
You can export, correct, or delete your data at any time. Email privacy@gamifieddeals.com — we honor requests within 30 days. EU and California residents have additional GDPR / CCPA rights, also honored.
8. Data retention
Active accounts: data is retained while your account is open. Deleted accounts: all personal data is purged within 30 days; aggregated, anonymized gameplay stats may be retained for product analytics.
9. Security
Data in transit is TLS 1.2+. Data at rest is encrypted by Supabase / AWS. Authentication is handled by Clerk with industry-standard session security. Reward codes are stored encrypted at rest.
10. Changes
We'll update this page when policies change. Material changes will be emailed to active users at least 14 days before they take effect.
11. Affiliate program data
If you opt in to our affiliate program: we store your payout preference (PayPal email or Stripe Connect account id), the affiliate links you generate, the clicks on those links (with IP and user-agent for fraud review), and the conversions you earn. We share your PayPal email / Stripe account id only with PayPal / Stripe to deliver your earnings. We do NOT share affiliate identities with merchants in your network. Tax reporting (1099-K in the US for earnings > $600/yr) is handled directly with the IRS and a copy is emailed to you.
12. Blog & analytics
Our blog posts use no third-party trackers. Aggregate post views are counted server-side without identifying individual readers. Comments are not enabled.
Questions? privacy@gamifieddeals.com