← Back

Privacy Policy

Last updated: March 2026

This Privacy Policy explains how Farseek ("we", "us", "our") collects, uses, and protects your personal data when you use our service. We take your privacy seriously and only collect what we need to provide the product.

1. What We Collect

We collect the following information when you use Farseek:

  • Account data: your email address, used for authentication and service communications.
  • Deck data: the decklists, strategies, and notes you create or import.
  • Usage data: AI interaction counts, token usage, card searches, mana credit consumption, and feature interactions — used to provide the service and calculate billing. We do not store the content of your chat messages server-side.
  • Payment data: handled by Stripe. We do not store your card details. We receive limited billing information (plan type, payment status) from Stripe.
  • Technical data: IP address, browser type, device type, and access logs — collected automatically for security and performance monitoring.

2. How We Use Your Data

  • To provide, operate, and improve the Farseek service
  • To authenticate your account and keep it secure
  • To process AI requests on your behalf (your deck and chat messages are sent to our AI provider to generate responses)
  • To calculate and enforce mana credit usage and billing
  • To send transactional emails (account verification, billing receipts)
  • To detect and prevent fraud or abuse

We do not sell your data. We do not use your decklists or chat history to train AI models.

3. AI Processing

When you use AI features, your deck contents and chat messages are transmitted to Anthropic (our AI provider) to generate responses. Anthropic processes this data under their own privacy policy and does not use API data to train their models. We recommend you do not include personal information unrelated to deckbuilding in your chat messages.

4. Data Storage

Your data is stored on Supabase-managed infrastructure in the EU (Stockholm, Sweden). We apply industry-standard security measures including encryption in transit (TLS) and at rest.

5. Third-Party Services

We use the following third-party services to operate Farseek:

  • Supabase — database and authentication
  • Anthropic — AI language model processing
  • Stripe — payment processing
  • Vercel — hosting and edge functions

6. Cookies

We use essential cookies to maintain your session and authentication state. See our Cookie Policy for full details.

7. Data Retention

We retain your account and deck data for as long as your account is active. If you delete your account, your personal data and decklists are permanently deleted within 30 days. Anonymised usage data may be retained for longer for analytics purposes.

8. Your Rights

Under GDPR you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Data portability (export your decklists)
  • Withdraw consent at any time where processing is based on consent
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, contact us at privacy@farseek.io. We will respond within 30 days.

9. Children's Privacy

Farseek is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. GDPR — EEA Users

Data controller: Farseek is the data controller for personal data collected through the service. You can reach us at privacy@farseek.io.

Legal basis for processing:

  • Contract performance — processing your account data, deck data, and mana usage is necessary to provide the service you signed up for.
  • Legitimate interests — processing technical data (IP address, logs) to maintain security and prevent abuse.
  • Legal obligation — retaining billing records as required by applicable law.

International data transfers: Some of our service providers (Anthropic, Vercel) are based in the United States. Where personal data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission to ensure adequate protection.

Supervisory authority: If you are based in the Netherlands and have concerns about how we handle your data, you have the right to lodge a complaint with the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or in-app notice. Continued use of Farseek after changes take effect constitutes acceptance of the revised policy.

12. Contact

Questions or concerns about your privacy? Contact us at privacy@farseek.io.