Last updated: December 26, 2025

1. Introduction

Surrealdente ("we," "us," or "our") is committed to protecting the privacy of users of RPGLMS, our gamified learning management system. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile applications, web application, and related services (collectively, the "Service").

By using RPGLMS, you consent to the data practices described in this policy. If you do not agree with our policies, please do not use our Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name or display name
  • Email address
  • Profile picture (optional)
  • Authentication credentials (stored securely via third-party providers)
  • Account type (student, teacher, administrator)

2.2 Educational Data

To provide our educational services, we collect:

  • Campaign and course content you create
  • Quiz responses and assessment results
  • Progress tracking data (XP, achievements, completion rates)
  • Classroom and party membership information
  • AI-generated content and prompts

2.3 Usage Data

We automatically collect:

  • Device information (type, operating system, unique identifiers)
  • App usage patterns and feature interactions
  • Log data (access times, pages viewed, app crashes)
  • IP address and general location (country/region level)

2.4 Payment Information

We do not directly store payment card information. Subscription payments are processed by:

  • Apple App Store - for iOS app purchases
  • Google Play Store - for Android app purchases
  • RevenueCat - for cross-platform subscription management

These providers handle payment processing according to their own privacy policies. We receive only subscription status and transaction identifiers.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process your account registration and manage subscriptions
  • Enable educational features (campaigns, quizzes, progress tracking)
  • Facilitate classroom collaboration and party management
  • Generate AI-powered content based on your prompts
  • Send important service notifications and updates
  • Provide customer support
  • Analyze usage to improve our Service
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Third-Party Services

We share information with the following third-party service providers:

4.1 Authentication Providers

  • Google Sign-In: For account authentication
  • Apple Sign-In: For account authentication on iOS

4.2 Payment and Subscription

  • RevenueCat: Subscription management and analytics
  • Apple/Google: In-app purchase processing

4.3 AI Services

We use AI service providers to power content generation features. When you use AI features, your prompts and generated content may be processed by these providers. We do not share personal identifying information with AI providers beyond what is necessary for the service.

4.4 Infrastructure

  • Cloud hosting providers: For data storage and processing
  • Analytics services: For usage analysis (anonymized)

5. Children's Privacy (COPPA Compliance)

RPGLMS is designed for educational use and may be used by children under 13 in supervised classroom settings. We take children's privacy seriously:

5.1 Educational Context

  • Students under 13 may only use RPGLMS under the supervision of a teacher, parent, or guardian who creates and manages their account.
  • Teachers and school administrators act as the authorized agent for obtaining parental consent in educational settings, in accordance with COPPA's school consent exception.
  • We collect only information necessary to provide the educational service.

5.2 Parental Rights

Parents and guardians have the right to:

  • Review their child's personal information
  • Request deletion of their child's data
  • Refuse further collection of their child's information
  • Contact us at support@rpglms.com regarding their child's account

5.3 Data Minimization for Children

For student accounts, we collect minimal personal information necessary for the educational service. We do not serve targeted advertising to any users, including children.

6. Data Retention

  • Active Accounts: We retain your data while your account is active and as needed to provide services.
  • Cancelled Subscriptions: After cancellation, we retain data for 90 days to allow account reactivation, then delete non-essential data.
  • Deleted Accounts: Upon account deletion request, we remove personal data within 30 days, except where retention is required by law.
  • Educational Records: Aggregate, anonymized educational data may be retained for research and improvement purposes.

7. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of sensitive data at rest
  • Secure authentication through established providers
  • Regular security assessments and updates
  • Access controls and authentication for our systems
  • Employee training on data protection

While we strive to protect your information, no method of transmission or storage is 100% secure. Please use strong passwords and protect your account credentials.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information (subject to legal retention requirements).
  • Data Portability: Request your data in a portable format.
  • Withdraw Consent: Withdraw consent for optional data processing activities.
  • Object: Object to certain types of data processing.

To exercise these rights, contact us at support@rpglms.com. We will respond to requests within 30 days.

9. Cookies and Tracking

Our web application uses cookies and similar technologies for:

  • Essential Cookies: Required for authentication and basic functionality.
  • Analytics Cookies: Help us understand how users interact with our Service (can be disabled).

We do not use cookies for advertising or behavioral tracking. You can manage cookie preferences through your browser settings.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date at the top of this page
  • Sending email notification for significant changes

Your continued use of the Service after changes indicates acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: support@rpglms.com
  • Company: Surrealdente

For privacy-specific inquiries, please include "Privacy" in your email subject line.

Gamemaster Gus takes your privacy seriously on every quest!