Waters Works Technology
HomeAll gamesMonocleMonocle FAQSupportServicesShopWorkAboutAI ConsultingCase studiesContact

Monocle (iOS)

Privacy Policy

Effective date: March 21, 2026

Operator:Waters Works Technology (“we,” “us”)

Contact: privacy@watersworks.studio

App: Monocle (iOS)

This policy describes how we collect, use, share, and retain information when you use Monocle. If you do not agree, please do not use the app.

1. Summary

Monocle is a party game. Some features work entirely on your device. When you use online features (account sign-in, cloud sync, AI deck generation, or purchases validated with our servers), information is processed by us and by service providers listed below.

2. Information we collect

2.1 You provide or generate

  • Account / authentication (optional): If you create or link an account, we process identifiers and, depending on method, email address (e.g. email/password) or Sign in with Apple tokens via our authentication provider (Supabase Auth).
  • Anonymous sessions: The app may sign you in anonymously so optional sync and server features can work without a full account; Supabase stores a pseudonymous user identifier for that session.
  • AI deck prompts and outputs: When you use AI deck generation, your text prompts (and related parameters such as card count) are sent for processing. Generated deck content may be stored on your device and, if you use sync or related features, in our backend.
  • Gameplay and session data: When online features are enabled, we may sync game session summaries, scores, pack ownership, lobby/multiplayer metadata, and related gameplay records to our backend to support sync, history, and app functionality.
  • Support communications: If you email us, we retain those messages as needed to respond.

2.2 Automatically collected

  • Device / technical data: IP address, app version, basic diagnostic and security logs from our servers and providers, and identifiers required for authentication (e.g. session tokens stored securely on device per platform conventions).
  • Purchases: In-app purchases are processed by Apple. We receive transaction-related data (e.g. validated purchase records) to unlock content and sync entitlements where applicable.

2.3 On-device processing (not sent to our servers)

Certain camera, microphone, motion, and haptic features used for optional gameplay modifiers are designed to be processed on device for those modes (e.g. sentiment or motion challenges, local recording for recap where implemented). We do not use these sensor streams for advertising. If a future feature transmits such data, we will update this policy and, where required, the App Privacy label.

3. How we use information

  • Provide and improve Monocle (gameplay, sync, history, store, AI features).
  • Authenticate users and prevent abuse.
  • Validate purchases and restore entitlements.
  • Operate AI features: send prompts to OpenAI (directly from the app and/or via our Supabase backend), apply safety/moderation, and return generated content.
  • Comply with law, enforce terms, and protect rights and security.

4. AI processing and transparency

  • Model provider: Deck generation uses OpenAI services. Your prompts are transmitted to OpenAI (and may transit through our Supabase Edge Functions). OpenAI applies its own content and safety policies; output may be blocked, filtered, or refused.
  • No guaranteed accuracy: AI-generated decks are for entertainment. Content may be incorrect, repetitive, or inappropriate for your group—please use judgment, especially around children or sensitive contexts.
  • Moderation: We may run automated moderation (including OpenAI moderation or similar) on prompts or outputs to reduce abuse.

5. Service providers (subprocessors)

We use vendors that process data on our behalf:

ProviderRoleTypical data
SupabaseDatabase, authentication, realtime, file storage, serverless/API hostingAccount IDs, session tokens, synced gameplay/pack data, prompts/content for server-side AI flows, uploaded assets where applicable
OpenAIAI text generation and moderationPrompts, generated text, technical metadata
AppleApp distribution, Sign in with Apple (if used), StoreKitPurchase and account data per Apple's policies

We may add or change subprocessors with notice as required by law; the effective policy will be updated.

6. Legal bases (EEA/UK/Switzerland, if applicable)

Where GDPR applies, we rely on contract (provide the service), legitimate interests (security, fraud prevention, product improvement), and consent where required (e.g. certain optional communications or non-essential cookies on a website).

7. Retention

We retain information only as long as needed for the purposes above, unless a longer period is required by law. You may request deletion as below. Some backups may persist for a limited time before automatic purge.

8. Your rights and choices

Depending on your region, you may have rights to access, correct, delete, export, or restrict processing of your personal information, and to object to certain processing.

  • In-app account and cloud data deletion: When Supabase cloud features are enabled, you can delete your cloud account and associated server data from Settings → Cloud Sync → Delete cloud account & data. This removes your Supabase auth user and linked rows we store for sync (subject to provider propagation). It does not delete data that exists only on your device unless you clear it separately (e.g. app data or local history in the app). After deletion, the app can create a new anonymous session if you continue playing online.
  • Contact: You may also email privacy@watersworks.studio to request access, correction, or deletion; we may need to verify your request.
  • Apple purchases: Refunds and some purchase history are managed through Apple.
  • California (CPRA): California residents may request disclosure, deletion, and opt-out of sale/sharing. We do not sell personal information in the conventional sense; we use service providers as described above.

9. Children

Monocle is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it.

10. International transfers

If you are outside the United States, your information may be processed in the United States and other countries where our providers operate. We use appropriate safeguards where required (e.g. Standard Contractual Clauses).

11. Security

We use industry-standard measures (encryption in transit, access controls, least-privilege server design). No method is 100% secure.

12. Changes

We may update this policy. We will post the new version and update the effective date. Material changes may require additional notice as required by law.

13. Contact

privacy@watersworks.studio