Privacy Policy

LudoKit (by Butterscotch Shenanigans) is a privacy-conscious project. We know that you're trusting us with your personal information as well as potentially-secret data from your games, and we'll do our best to warrant that trust.

Privacy Principles

We operate LudoKit ("the Service") under the following Privacy Principles:

  • Transparency. We'll do our best to tell you what data we're collecting and what we're using it for.
  • Minimal Data. We'll only obtain and store data when such data is needed for us to provide services to you.
  • Minimal Access. The LudoKit team will be able to access your data, but we'll only do so when necessary to operate LudoKit or to provide support to you. Similarly, we'll only use external data processors that abide by the same principle.
  • Private Ownership. Your data isn't our data. The service we provide to you is giving you a place to store certain kinds of data along with features to make that data useful for you. We won't sell your data, and will only share it under narrow circumstances.

Changes

We'll need to periodically update this Privacy Policy to accommodate changes to LudoKit and changes to legal frameworks related to privacy.

  • Version 0.1.0 (Sept 10, 2025). Initial draft.

Children Under 13 to 16

LudoKit is offered and made available only to users meeting the minimum legal age to provide their own consent (e.g., at least 13 years of age in the US and at least 13 to 16 years of age in the EU, depending on the country). If you do not meet the minimum legal age please discontinue using the Service immediately, or if for any reason you do not agree with all of the terms and conditions contained in this Agreement please discontinue using the Service immediately.

By using or attempting to use the Service, you certify that you are at least the minimum age and meet any other eligibility requirements of the Service. If you are found to be under the minimum age, your account may be terminated without notice. Please contact us at privacy@ludokit.com if you believe your child has information stored on our Services.

Deletion and Retention

Data that has been deleted, either by you or by our automated systems, will be fully purged from all of our systems (including our backups) within 90 days of the original deletion request.

Why don't we delete that data instantly?

  • LudoKit stores important data on your behalf. In some cases it makes sense to give you a grace period to recover something you've deleted before we permanently, irrecoverably, delete it.
  • LudoKit stores data that its users depend on, and backups are an essential way to ensure we don't lose that data if something bad happens. Backups need to exist long enough that we have time to realize that something has gone wrong and then go through a recovery process. But removing specific data from backups isn't practical due to how they are managed and stored.
  • LudoKit stores technical logs and audit trails related to access and usage of its services. We need these for security, billing, to understand how LudoKit is being used, to provide support, and to help track down service outages and other issues. Like with backups, removing specific data from logs often isn't practical.

Throughout this document, when we refer to data being "deleted" we mean that it will be fully removed from our system, and any of our external Data Processor's systems, within our 90 day retention window.

Data Processors

We rely on trusted external parties to process and store data, as well as to perform certain operations like sending emails. These services only use your data on behalf of LudoKit, have limited ability to see such data without our permission, and are bound by their own strict privacy policies.

We select external parties who we believe are also respectful of your data as they process it on our behalf, however we cannot make any guarantees about what these external parties are doing.

These external parties include:

  • Fly.io hosts our main application servers. As such they have access to network data going into and out of LudoKit servers. This data is encrypted using TLS, so they have limited access to the contents of this data (in particular they can access your I.P. Address).
  • MongoDB Atlas hosts most of the text data that you store in LudoKit.
  • Cloudflare hosts certain kinds of data that you upload to LudoKit, including images and other files, and may perform some other tasks on LudoKit's behalf.
  • Sparkpost (now a part of Bird.com) sends emails on our behalf, including any emails sent by LudoKit to any of your addresses. Sparkpost also sends certain kinds of data back to LudoKit, such as notifications that messages sent to your email address were marked as spam, or bounced, or ran into other kinds of errors. We may also enable click- or open-tracking in the emails we send through Sparkpost, which we will only use (1) in the aggregate to allow us to discover issues, and (2) to automate tasks on your behalf (such as auto-removal from our newsletter for recipients who do not open it).
  • Google Workspace provides email and other services to LudoKit staff, so if you send an email to a LudoKit address it will ultimately be stored and managed there.

Your Data and what we do with it

We do not sell your Data

We use your data to provide services to you, and we will not sell it to anyone.

We only share your Data when we must

We only share your data with external parties under two scenarios:

  1. With trusted Data Processors when we need them to store or perform a task on your data on LudoKit's behalf.
  2. With governmental agencies when required by law.

We only view your Data when we must

All Data managed by LudoKit is technically viewable by LudoKit staff. That is necessary for us to provide support to you, for us to evaluate security issues and Code of Conduct violations, and for us to diagnose general issues with LudoKit.

We make the following commitments:

  • LudoKit will use strict access controls for staff, so that any given staff member will only have access to specific Data if that access is necessary for their role.
  • LudoKit will keep audit traces of staff access.
  • LudoKit staff will only be allowed to access LudoKit Data after they have signed internal Non-Disclosure agreements committing them to keeping anything they see secret.

Site Visitation Logs

When you visit LudoKit.com, your browser makes requests for pages, images, and other data from our servers. We log some data from those requests for security, billing, and to understand how our site and services are being used.

These logs may include your I.P. address, LudoKit User ID, timestamps, language preferences, high-level information about your operating system and browser, and some information about what you requested from LudoKit's servers.

We retain these logs for a maximum of 90 days.

Cookies

We store some information in your browser via Cookies and related technologies, to send to the LudoKit servers.

  • Your Session Token.. This is used to authenticate you when you are logged into LudoKit.
  • Policy and Site Version. We keep track of the most recent version of LudoKit and our various Policies (including this one) that you've seen, so that we can inform you when they have been updated.
  • Local Preferences. Most of your LudoKit preferences are stored remotely so that they can be accessed no matter where you are using LudoKit, but some settings options might be specific to each browser.

LudoKit Newsletter

You may sign up for the LudoKit newsletter to get announcements, previews of upcoming features, and other news.

Newsletter data is managed separately from account data and includes the email address you subscribed with plus logs about which newsletters were sent to you and if you opened them.

You can unsubscribe from the newsletter at any time, which will trigger deletion of your email address and any other newsletter-related data we've stored for you.

We may automatically unsubscribe your address if it looks like you are not opening the emails we send to you, if you mark them as spam, if you block us as a sender, or if we have deliverability problems to your address.

Note that unsubscribing from the newsletter has no impact on your LudoKit account if you have one, even if you used the same email to sign up for both.

Invitee Data

When a LudoKit users sends an Invite to a non-user, they'll do so by providing us with the Invitee's email address. We store that email address for up to 14 days, during which the Invitee can accept that Invite. After that we delete all records of that Invite.

Member Data

When you create a LudoKit account you'll be providing us with the following personal data:

  • LudoKit ID. This is a random identifier created by LudoKit when you create your account. We use this throughout LudoKit to associate data with your account.
  • Name. This could be your real name or an alias, we don't care! We'll use this when sending you any emails from LudoKit, to address you in support contexts, and we'll show this to your Organization teammates in LudoKit.
  • Email. We use email as our primary means of communicating with you about your account, and as the tool you use to prove your ownership of an account.
  • Avatar. You can optionally upload an avatar image, which will be visible throughout LudoKit.
  • Preferences. You'll be able to set a variety of preferences in your account related to how you appear in LudoKit, and how LudoKit looks and functions for you.
  • Organization Memberships. As you create and join Organizations in LudoKit, we'll keep track of those memberships and any per-Organization permissions, preferences, and settings.

Organization Data

Organizations are autonomous entities in LudoKit. Therefore, we consider a given Organization's Data to be collectively owned by all current Admins of that Organization.

Organization Admins are responsible for all Organization-related Data submitted to LudoKit, including by all non-Admin Members. All Organization Data is explicitly provided by its Admins and other Members, so we will not list it all out here.

Organization Data is private by default to non-Members. LudoKit provides role-based access to Organization Data, which can be used by Organization Admins and Managers to determine which Organization Members have the ability to see and/or update which Data.

Deleting your Data

You can delete your LudoKit account at any time by signing into LudoKit.com and scrolling to the bottom of your [/account](account details page). To prevent Organizations from becoming unreachable, before you can delete your account you'll first be asked to either delete or add Admins to any Organizations of which you are the sole Admin.

When you delete your account, the following happens:

  • Your Member Data (name, email, avatar, etc) are deleted.
  • Your associated Organization Memberships are deleted.
  • Your LudoKit User ID is added to a list of "deleted accounts" (since it is a random ID it is not personally identifiable), along with one-way hashes of your email addresses. These email hashes make it impossible for someone to determine your email address given the hash, but possible for us to restore your account if you decide to do so in the future.

However, there may be data related to things you were doing in your Organizations that will not be deleted, since that data is owned by the Organization. This includes audit logs, comments you've left, and the like. Basically any data your Organization will still need access to.

While such Data will not be deleted, it will have been anonymized to us (LudoKit) because they'll only be associated with the random User ID you were originally given. It will also have been partially anonymized to your Organizations: wherever your Name would have been shown to your Organization teammates they'll see something like "Deleted Account" and a generic avatar instead.

Deleting Organization Data

Organization Admins can delete Game Data and even the entire Organization. LudoKit might include safety mechanisms to help prevent accidental deletion (or deletion by a rogue Admin), such as requiring confirmation from multiple Admins or other two-factor approaches.

Audit trails and billing information related to an Organization may remain accessible to LudoKit staff during the retention window to ensure any security or billing issues can be resolved.

Downloading your Data

You can download your LudoKit Member Data at any time by signing into LudoKit.com and scrolling to the bottom of your [/account](account details page). This download includes all of the information we have about you, but does not include Organization Data.

Organization Data is complex. Ultimately it is all available and downloadable for Organization Admins, but not as a one-click option.

Updating your Data

You can update any Member Data that you have explicitly provided to us, such as your email addresses, name, avatar, and preferences, by logging into LudoKit.com and going to your [/account](account details page).

For security reasons, we cannot update this data for you nor bypass the requirement that you first be able to log into your own account.

Organization Admins can update any Organization and Game data.

Contact

We've made every effort to be transparent and responsible, and to provide self-service mechanisms for you to manage your Data.

However, privacy is a complicated topic with lots of nuances, so if you need to reach out to us about something not covered in this document, to dispute something, or with questions, you can contact our Data Protection Officer at privacy@ludokit.com.