Privacy Policy

Last Updated: May 20, 2026

Overview

Fantasy World Vision Generator ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise handle your information when you use our website and related services (the "Services").

1. Information We Collect

User Account Information

When you register for an account, we collect:

  • Email Address — Used for account identification and password recovery
  • Password — Hashed and encrypted for security
  • User Name — Your display name for the service

Session Data

We collect and store:

  • Session Cookies — To keep you logged in and identify your requests
  • Traffic Logs — Including IP addresses, timestamps, and routes accessed
  • User Actions — Pages visited, world/burg/state viewed, interact actions

Communication Data

If you use password reset or account confirmation features:

  • Email Content — Reset tokens and confirmation links sent to your email
  • SMTP Logs — Server logs recording email send/receive events

2. How We Use Your Information

  • Account Management — Creating and maintaining your user account
  • Authentication — Logging you in and keeping your session active
  • Password Recovery — Sending password reset emails when requested
  • Email Confirmation — Verifying your email address during registration
  • Service Improvement — Analyzing traffic patterns and user behavior to improve performance
  • Security — Detecting and preventing fraudulent activity
  • Legal Compliance — Meeting regulatory and legal obligations

3. Third-Party Services

External Maps

We integrate with Howling Sails Fantasy World Map (https://worlds.howlingsails.com/) to display interactive world maps. When you access map features, your browser directly communicates with that service, which may collect its own data. Please review their privacy policy.

SMTP Email Provider

Password reset and email confirmation messages are sent via Howling Sails SMTP Server (smtp.howlingsails.com). Your email address is transmitted to this service solely for sending reset tokens and confirmation links. We do not retain copies of emails in other systems.

React Interactive Components

Our interactive story display usesReact.js and related JavaScript libraries. These client-side components process data locally in your browser. No story data is sent to external analytics services.

4. Cookies and Session Storage

  • Session Cookie — Stores your login token; expires when you close your browser
  • CSRF Token — Protects against cross-site request forgery attacks
  • Traffic Session ID — Anonymous identifier for counting unique visitors

You can disable cookies in your browser settings, but this may limit your ability to use the Services.

5. Data Retention

  • User Accounts — Retained as long as your account is active. You may request deletion.
  • Session Data & Traffic Logs — Retained for up to 30 days for security and analytics purposes
  • Email Addresses — Retained for account access; deleted if account is deleted
  • Password Reset Tokens — Expire after 24 hours

6. Data Security

We implement industry-standard security measures to protect your information:

  • Passwords are hashed using werkzeug.security (not stored in plaintext)
  • Tokens are generated using Python's secrets module (cryptographically secure)
  • HTTPS encryption protects data in transit (on production servers)
  • Database access is restricted to authorized systems only

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights and Choices

  • Access — You may request access to your stored personal data
  • Correction — You may update your email address or user name in your account settings
  • Deletion — You may request deletion of your account and associated data
  • Opt-Out — You may unsubscribe from password reset and account confirmation emails (though you will need these for account recovery)

8. Children's Privacy

The Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information and terminate the child's account.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time as we improve our Services or respond to legal requirements. We will notify you of material changes by updating the "Last Updated" date at the top of this page. Continued use of the Services after such modifications constitutes your acceptance of the updated Privacy Policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Email: fantasy_world_visions_generator@howlingsails.com
Web: https://fantasyworlds.cap10.tech