Privacy Policy
Last Updated: February 2026
Summary
We collect minimal data necessary to provide our AI services. Your data is encrypted, never sold, and you can delete it at any time. We comply with GDPR and CCPA regulations.
1. Data Controller Information
ai.makgamer.asia ("we", "us", "our") operates the AI platform at https://ai.makgamer.asia. For privacy concerns, please contact:
- Discord: @m.a.kofficial or @m.a.kgamer
- Discord Server: https://discord.gg/6AG26JGvJA
- Response Time: Within 72 business hours
2. Information We Collect
We collect minimal data necessary for service operation:
- Authentication Data: User ID, username, avatar, email from Discord, Google, or Twitter
- Profile Data: Bio, display name, profile picture, privacy settings
- Chat Data: Conversation history (encrypted, 30-day default retention)
- Generated Content: AI images you create (stored until deletion)
- Preferences: Theme settings, notification preferences
- Analytics: Aggregated usage data via Google Analytics (no personal identifiers)
3. How We Use Your Information
Your data is used solely to provide and improve our services:
- Authentication and account management
- Personalizing your AI companion experience
- Storing and displaying your generated content
- Processing referral rewards and premium subscriptions
- Sending service-related notifications
- Improving service quality and features
- Preventing abuse and maintaining security
4. Data Storage & Security
We implement enterprise-grade security measures:
- MongoDB Atlas with encryption-at-rest (AES-256)
- TLS 1.3+ encryption for all data in transit
- JWT authentication with short-lived tokens
- Secure, HttpOnly cookies for session management
- Regular security audits and penetration testing
- VPC peering and network isolation
- Automated backup with point-in-time recovery
5. Third-Party Services
We integrate with GDPR-compliant third-party services:
- Discord/Google/Twitter: Authentication providers
- MongoDB Atlas: Database services — Privacy Policy
- Vercel: Hosting platform (ISO 27001 certified)
- xAI: Chat AI services — Privacy Policy
- OpenAI: DALL-E image generation — Privacy Policy
- Google Cloud: Gemini AI services — Privacy Policy
- Patreon: Payment processing for premium — Privacy Policy
6. AI Data Processing
When you use our AI features, your data is processed as follows:
- Chat inputs are encrypted in transit via TLS 1.3
- AI providers process inputs ephemerally (no long-term storage by providers)
- Generated images are stored on our servers, not with AI providers
- No personal data is shared with AI providers beyond session context
- You control what content is shared publicly via gallery settings
7. Your Rights (GDPR/CCPA)
You have the following rights regarding your data:
- Right to Access: Request a copy of all stored data
- Right to Erasure: Request complete deletion of your account and data
- Right to Rectification: Correct inaccurate information
- Right to Portability: Receive data in a structured format (JSON)
- Right to Object: Opt out of certain data processing
- Right to Withdraw Consent: Revoke permissions at any time
8. Data Retention
We retain your data according to these policies:
- Account data: Until you delete your account
- Chat history: 30 days by default (configurable in settings)
- Generated images: Until manually deleted
- Session data: 7 days after logout
- Analytics data: 26 months (aggregated, no personal identifiers)
9. Cookies & Tracking
We use cookies for essential functions only:
- Session Cookie: Maintains login state (Secure, HttpOnly)
- Theme Cookie: Remembers dark/light mode preference
- Analytics: Google Analytics (anonymized IP, no cross-site tracking)
- No advertising or remarketing cookies are used
- You can disable cookies in your browser settings
10. Children's Privacy
Our service is not intended for children under 13:
- We do not knowingly collect data from children under 13
- Users must confirm they are 13+ during registration
- Accounts found to belong to minors will be terminated
- Parents may contact us to request data deletion
11. International Transfers
Your data may be transferred internationally:
- Our servers are located in the United States
- Data transfers comply with GDPR Standard Contractual Clauses
- Third-party providers maintain equivalent privacy standards
12. Policy Updates
We may update this policy periodically:
- Last Updated: February 2026
- Significant changes will be notified via Discord and email
- Continued use implies acceptance of the updated policy
- Previous versions are available upon request