Privacy Policy

The short version

• No accounts, no email, no password — nothing identifying you personally.
• Your chat content stays in your browser. It never leaves your device unless you choose to share an export.
• We compute a non-reversible device fingerprint to enforce the 3-exports-per-day limit. That's it.
• We log anonymous product events (e.g. "export started") so we can fix bugs and tune the funnel.
• We use Google Analytics for aggregate pageview / traffic metrics, plus Cloudflare's built-in server-side request logs for security and capacity monitoring.
• We show ads via Adsterra on some pages — never inside the editor.

What we collect

Device fingerprint hash.When you export an MP4, your browser computes a fingerprint (a hash derived from your browser's rendering characteristics) using the open-source ThumbmarkJS library. We store this hash + today's date in our quota database. We never store the fingerprint alongside any identifying information (IP, name, email — we don't have those). The hash is automatically deleted after 30 days.

Analytics events. We log when key actions happen — for example: paste_imported, export_started, export_completed, template_opened, cap_hit. Each event includes the page path, the platform skin selected (e.g. WhatsApp), and the truncated fingerprint hash. No event includes the content of your chat or any personal data. Events are stored in Cloudflare Analytics Engine for 90 days, then automatically purged.

Standard request metadata.Like every website, Cloudflare (our hosting provider) logs IP addresses and user-agent strings for security purposes. We don't access these logs unless investigating abuse. Cloudflare deletes them after a few days.

What we don't collect

• Your name, email, phone number, or any account credentials.
• The text of your chat conversations. They live in your browser's IndexedDB only.
• The exported MP4 files. They download directly to your device.
• Images you upload as message attachments — they're embedded as data URLs in your local scene, never transmitted to us.
• Any custom tracking pixels, browser fingerprints (beyond the export-quota hash above), or cross-site identifiers from our own server-side code.

Cookies

DramaTexts itself sets a single cookie, only on the /admin/* routes, used for the administrator login. Public pages set no DramaTexts cookies. Cloudflare may set its own security cookies (e.g. __cf_bm) to detect bot traffic — these are required for the site to function and are outside our control.

Google Analytics sets cookies (typically _ga and _ga_*) to count unique visitors and measure how people move through the site. These are first-party cookies — they expire after about 2 years. We've enabled IP anonymization, so Google doesn't see your full IP address. You can opt out using the official Google Analytics opt-out browser add-on or any standard adblocker.

Our ad partner (Adsterra) may set cookies to measure ad impressions and clicks. See the Third-party services section below.

Third-party services

Cloudflarehosts the site (Workers + D1 + Analytics Engine) and logs server-side request metadata (IP, user-agent, timing) for security and capacity monitoring. Cloudflare's privacy policy applies to anything they log on our behalf: cloudflare.com/privacypolicy.

Google Analytics (GA4) measures aggregate pageviews, traffic sources, and product funnels on all public pages (not on /admin/*). IP addresses are anonymized server-side by Google before processing. Data Google sees includes the URL of the page you visit, your approximate location (country / region), browser, OS, referrer, and the cookie identifiers above. See: policies.google.com/privacy.

Adsterra serves ads on the homepage, template gallery, template detail pages, and the cap-reached page (never in the editor). Adsterra may set cookies and use third-party trackers to deliver and measure ads. See: adsterra.com/privacy-policy. We have no control over the specific ads shown or the tracking Adsterra performs.

ThumbmarkJS is an open-source library that runs entirely in your browser to compute the device fingerprint hash. It does not call any external service.

Your rights

Because we don't collect personal data, most data-protection requests don't apply. You can:

• Reset your quotaby clearing your browser's site data — the new fingerprint will get a fresh 3-exports-per-day budget.
• Erase local data by clearing IndexedDB for dramatexts.com. This removes your in-progress scene.
• Block ads using any standard ad blocker — the editor itself is ad-free and works fully without ads.

If you live in the EU/UK and want us to delete any data we hold, contact us at the email below. Note that the data we hold is a fingerprint hash with no name attached, so we'd typically need the hash itself to find your record.

Children

DramaTexts isn't designed for users under 13. We don't knowingly collect data from children. If you're a parent or guardian and believe your child has used the service, contact us and we'll help remove any traces — though as noted above, there's typically no personally identifying record to remove.

Changes to this policy

If we change this policy materially, we'll update the "Last updated" date at the top. Since we don't have your email, we can't notify you directly — please check back periodically if it matters to you.

Contact

Questions, deletion requests, or anything else: admin@dramatexts.com.