Privacy Policy — MAK Cards Online

About the Service

MAK Cards Online is a web platform for working with metaphorical associative cards in individual and group formats. The service is available through two global mirrors:

app.makcards.online — primary mirror
board.journalingapp.app — alternative mirror

Sessions created on one mirror are not accessible from the other mirror.

This policy describes what data we collect, how we use it, and how we protect it.

Our Principles

Minimal data collection. We collect only what is necessary to operate the service.
Privacy by default. Work without registration, private notes visible only to you.
Temporary storage. Sessions and messages are stored for a limited time and automatically deleted.
Transparency. We openly explain how the platform works and what happens to your data.

What Data We Process

Device Identification

Cryptographic keys: On first visit, your browser generates a key pair (public and private) using the ED25519 algorithm. The private key stays in your browser and is never sent to the server.
Device identifier: The server issues a random ID to authenticate requests.
Public key fingerprint: Used to verify request authenticity.

Session Data

Session code: 6-digit code for participant connections.
Canvas state: Position and state of cards, selected deck and room.
Participants list: Names (chosen by users or random) and connection status.
Chat history: Last 100 messages in the session.

Notes

Private notes: Stored only in your browser, never synced with the server.
Public and anonymous notes: Synced with the server and visible to other session participants.

Account Data (When Authenticated)

You can optionally sign in via Google OAuth or Yandex OAuth to create a persistent account and link multiple devices.

When you authenticate, we collect and store:

Email address from OAuth provider
Display name from OAuth provider
OAuth provider type (Google or Yandex) and external ID
Avatar URL (if provided by OAuth)
Account creation date
Linked devices: List of your devices (device IDs and last seen timestamp)
Premium subscription status and expiration date (if active)
Achievement badges (Team/MOD, PRO, Contributor - if granted)
Promo code activation history
Notification history (last 50 notifications, stored for 30 days)
Pearl balance (in-platform virtual currency)
Gifts received counter
Inventory of collectible items purchased or received as gifts

OAuth tokens are encrypted and stored securely. We never receive or store your OAuth password.

Technical Data

IP address and User-Agent: Used for abuse protection and rate limiting.
WebSocket connection metadata: Timestamps, connection status.

Premium Subscriptions and Achievements

Premium status: Whether you have an active Premium subscription and its expiration date.
Achievement badges: Team (Moderator), PRO (Verified Professional), or Contributor status.
Grant history: When Premium or achievements were granted and through what method (promo code, manual grant).

Premium can be activated via promo codes or purchased with Pearls (in-platform currency).

Promo Codes

Activation history: Which promo codes you activated, when, and what benefits were granted.
Code details: For audit purposes, we store code type (Premium days, achievements) and creator.

Pearl Transactions

Transaction log: All Pearl balance changes are recorded in an immutable audit log (purchases, spending, rewards, refunds).
Transaction details: Amount, type (purchase, spend, reward, refund), description, and timestamp.
Order history: Pearl Shop purchase orders with status and package details.

Inventory and Collectible Items

Item inventory: List of collectible items you own, with quantities and gifted counts.
Gift history: Records of items gifted to session hosts.

Persistent Sessions

Saved session state: For Premium/PRO users who save sessions, we store the full canvas state (cards, notes, game pieces, collectible items) in PostgreSQL.
Session metadata: Room, deck, and configuration at time of save.

Leaderboard

Public display: Your display name, masked email, avatar (if visible), achievement badges, and Premium status may appear on the public leaderboard page.
Metrics: Gifts received count, decks created count, rooms created count, accepted invites count.

Notifications

In-app notifications: We store your last 50 notifications for 30 days.
Notification types: Promo code activations, Premium grants, achievement awards, system announcements.
Read status: Whether you've read each notification.

User-Generated Content

When you create custom decks or rooms using the editors, we store:

Uploaded images: card images, deck covers, group back images, room backgrounds, and tile patterns.
Word card text: text entries you add as word-only cards.
Metadata: deck and room names, descriptions, language versions, and configuration settings (dimensions, colors, slot positions).
Submission status: draft, private, submitted, approved, or rejected status and moderation history.

Moderation Data

Users with the "Team" achievement have access to moderation tools. We log:

Moderator actions: Promo code creation, notification sending, user lookups.
Action timestamps and affected users.
Audit trail: All moderator actions are logged for accountability.

Intellectual Property Claims Data

When processing copyright claims, we collect and store:

Formal Copyright Notices: Complainant's name, email, address, phone number; description of the copyrighted work; URL of the infringing content; legal statements; power of attorney (for RF claims)
Counter-notifications: User's name, email, address, phone number; justification; legal statements
Statements of Reasons: Moderator decisions, justifications, dates, and redress options
User Reports: Reporter's name/email and description of suspected infringement
Copyright strike history: Record of provisional and final strikes linked to your account
Rights confirmation artifacts: Timestamped records of your rights confirmations when publishing or enabling content for sessions, including IP address and user agent for evidentiary purposes

We DO NOT collect:

Browsing history and data from other sites
Content of cards you select (processed only on the client)
Content of your private notes
Payment card details (processed by third-party payment providers, not stored on our servers)

How We Use Data

Service operation: Synchronizing canvas state between participants in real-time via WebSocket.
Session management: Creating, connecting, and disconnecting participants.
Chat: Sending and receiving messages between session participants.
Authentication: Linking devices to your account, managing OAuth sessions.
Premium and achievements: Managing subscription status, displaying badges.
Notifications: Delivering in-app notifications about important events.
Promo codes: Validating and activating promotional offers.
Moderation: Enabling Team members to manage promo codes, send notifications, and review user-submitted decks and rooms.
Pearl economy: Processing Pearl purchases, tracking balances, and managing virtual item transactions.
Session persistence: Saving and restoring session states for Premium/PRO users.
Leaderboard: Displaying aggregated user statistics on the public leaderboard page.
Abuse protection: Rate limiting, blocking malicious devices.
Technical support: Troubleshooting and service improvement.
Copyright claim processing: Handling formal copyright notices, counter-notifications, and appeals.
Statements of Reasons: Creating and delivering legally required explanations of content restriction decisions (DSA Art. 17).
Data exchange in copyright proceedings: Sharing relevant complainant data with content owners during takedown, and user data with complainants during counter-notification (DMCA §512(g)(2)(B)).
Repeat infringer tracking: Maintaining a record of copyright strikes for our repeat infringer policy.

We DO NOT use data for:

Advertising or targeting
Training AI models
Selling to third parties
Spam or unsolicited marketing

Legal Basis for IP Claims Data (GDPR)

For users in the European Union, we process intellectual property claims data under the following legal bases:

Formal Copyright Notices: Legal obligation (DMCA §512, DSA Art. 16, 149-FZ Art. 15.7)
Counter-notifications: Legal obligation (DMCA §512(g))
Statements of Reasons: Legal obligation (DSA Art. 17)
Copyright strike history: Legitimate interests (platform safety, repeat infringer policy)
Rights confirmation artifacts: Legitimate interests (evidence for legal defence)
User Reports: Legitimate interests (platform safety)

Access Control for IP Claims Data

Full formal notices (including complainant PII): Team moderators and administrators only
Notice summary (without complainant PII): Content author (in takedown notification)
Counter-notifications: Team moderators and the original complainant (when forwarded)
Statements of Reasons: Content author and Team moderators
Strike history: Account owner (their own strikes) and Team moderators

Data Retention

Sessions: Automatically deleted after 24 hours of inactivity.
Chat history: Stored in Redis until session deletion (max 100 messages).
Public and anonymous notes: Deleted with the session.
Private notes: Stored only in your browser.
Devices (anonymous): Stored until you clear browser data.
Accounts (authenticated): Stored until you request deletion or account is inactive for 2+ years.
Premium subscriptions: Active subscription data + 1 year after expiration (for potential billing inquiries).
Achievements: Stored permanently unless revoked by administrators.
Promo code activations: Stored permanently for audit and anti-fraud purposes.
Notifications: Last 50 notifications, deleted after 30 days or when you delete them.
Moderator action logs: Stored permanently for accountability and audit.
Pearl transaction log: Stored permanently for financial audit and dispute resolution.
Inventory data: Stored until account deletion.
Persistent sessions: Stored until user removes them or account deletion. Unlimited retention while active.
User-generated content (decks, rooms): Stored until you delete it or account deletion. Content removed by moderation is retained for the dispute resolution period (see Copyright Policy).
Technical logs: Stored for up to 30 days for diagnostics.
Formal Copyright Notices: 3 years (limitation periods, legal compliance).
Counter-notifications: 3 years (limitation periods, legal compliance).
Statements of Reasons: 3 years (DSA Art. 17, audit trail).
Copyright strikes (final): Until expiry (12 months) plus 1 year (repeat infringer policy).
Copyright strikes (reversed): 12 months (audit trail).
Rights confirmation artifacts: Lifetime of the content plus 3 years (evidence for legal defence).
Content hash blocklist: Indefinitely (re-upload prevention).
User Reports: 1 year (moderation queue).

Data Sharing

We do not sell or share your data with third parties for advertising or marketing.

We use trusted infrastructure providers:

Hosting: VPS servers to host the platform.
CDN: Cloudflare for content delivery acceleration.
OAuth providers: Google OAuth and Yandex OAuth for optional authentication.
Payment processors: Third-party payment providers for Pearl Shop purchases (fiat payments when available).

All providers operate under privacy and data protection agreements.

Moderator access: Users with Team achievement can view limited profile data (email, Premium status, achievements) for moderation purposes only. Moderators cannot access session content or private notes.

Security

HTTPS/WSS encryption: All connections are protected with TLS.
Cryptographic request signing: Protection against forgery and replay attacks (nonce).
Rate limiting: Protection against DDoS and abuse.
Automatic deletion: Sessions and messages are deleted after retention period.
Private notes: Never leave your browser.
IP claims data: All personally identifiable information in copyright notices and counter-notifications is encrypted at rest. Access to full notice data is restricted to Team moderators and administrators. Export or download of PII from the moderation interface is prohibited. All access to notice data is logged for audit purposes.

Your Rights and Choices

Work without registration: You can use the service anonymously.
View your data: When authenticated, view your profile, Premium status, achievements, and notification history.
Manage notifications: View and delete notifications in your profile.
Disconnect OAuth: Unlink your Google or Yandex account (keeps device access but removes account sync).
Delete browser data: Clear localStorage and cookies in your browser to remove device keys.
Account deletion: Email us at support@journalingapp.app to delete your account and all associated data (Premium, achievements, promo history).
Data access and export: Request a copy of your data, including Premium history and promo code activations.
Leave session: Close the tab or leave the session — your private data stays in the browser.

Cookies and Local Storage

We do not use cookies for tracking or advertising.

We use browser localStorage to store:

Your device's cryptographic keys
Interface settings (language, panel sizes)
Your private notes

This data stays only in your browser and can be cleared in browser settings.

Children

The service is intended for users aged 13 and older. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us for removal.

International Data Transfers

We host the service in two regions:

Global service: app.makcards.online and board.journalingapp.app (using Cloudflare CDN)
Russian server: hosted in Russia for local compliance

Data is processed in accordance with applicable data protection laws.

Changes to This Policy

We may update this Privacy Policy as the service evolves. We will post changes on this page and update the "Last updated" date.

For material changes, we will notify you through the platform interface.

Contact

If you have questions about this Privacy Policy or want to exercise your rights, contact us:

Email: support@journalingapp.app