Política de Privacidad
Merchant's Bag
1. Who we are
This Privacy Policy describes how Stars Encoding (CNPJ 46.609.057/0001-93), the data controller, processes personal data when you use Merchant's Bag mobile app, website (merchantsbag.com), and related services (collectively, the "Service").
Contact:
Stars Encoding · CNPJ 46.609.057/0001-93
admin@merchantsbag.com ·
support@merchantsbag.com
2. Scope
This policy applies to the Service as it exists today. Some features described on our website (such as paid subscriptions, AI-assisted content generation, or push notifications) may be added in the future. When they are, we will update this policy before or when they become available.
3. Data we collect
3.1 Account and identity data
When you create or use an account, we may collect:
- Email address (email/password, Google, or Apple sign-in)
- Display name (optional; you may set or edit it in the app)
- Authentication provider type (anonymous guest, email, Google, or Apple)
- Firebase user identifier (UID)
- Account creation and last login timestamps
You may use the Service as an anonymous guest. Guest accounts receive a temporary identifier and a default display name. You may later link a guest session to a registered account.
3.2 Device and session data
On login and during use, we may collect:
- Device platform (Android, iOS, or web)
- Operating system version
- Device model or name
- App version
- Language/locale and timezone preferences
3.3 Approximate location (IP-based)
We do not access your device's GPS and we do not request location permissions on your phone or tablet. However, when you sign in or return to the app while authenticated, our backend updates your user profile and may record an approximate location derived from your network IP address at that moment.
This happens entirely on our servers (not on your device). We read the IP address from the connection to our authentication service and look it up in the open-source geoip-lite database. When a reliable match is found, we may store the following in your cloud user profile (Firebase Firestore):
- Country (ISO country code, when available)
- Region or state/province code
- City name
- Approximate latitude and longitude (typically city-level accuracy, not your exact street address)
- Timezone associated with the IP lookup
- Timestamp of when the estimate was captured
- That the source was IP-based (not GPS)
Local or private network addresses (for example, 127.0.0.1 or typical home Wi‑Fi ranges) are not geolocated. If no reliable lookup is possible, we simply do not store a location for that sign-in.
This estimate reflects your last sign-in session and is refreshed when your profile is updated after login — not continuously in the background. We use it to understand general usage by region, detect unusual sign-in patterns, and improve security. We do not use it for advertising or to track your real-time movements.
3.4 Content you create in the app
Depending on how you use the Service, we may store:
- Campaign names, rules system, and descriptions
- City and shop information (names, notes, economy settings)
- Player display names at the table
- Inventory items, quantities, weights, and wallet balances
- Custom items and personal item library entries
- Character sheet fields you enter
- Campaign history and transaction notes
- Invite codes and campaign membership records
Within a campaign, inventory and certain game data are visible to other members of that table. The Game Master (campaign owner) can see member data relevant to running the session.
Content about other people: The free-text fields in the app (campaign and city names, item names and descriptions, notes, character sheet fields, and display names) are written by you. You should not enter another person's personal data, real-world identifying information, or any third-party names, trademarks, or copyrighted text you are not entitled to use. You are responsible for the content you type, including names of third parties. See our Terms of Use for the rules that apply to your content.
3.5 Local storage on your device
The app stores data locally for offline use, including:
- Cached campaign and inventory data
- Authentication session tokens
- App preferences such as language and theme
- Pending campaign invite codes
On our invite web page (/join), your browser may store a pending invite code so you can return after installing the app.
3.6 What we do not collect today
We do not currently collect or use:
- Precise GPS location
- Photos, contacts, calendar, or microphone data
- Payment card or banking details (no in-app billing is active)
- Advertising identifiers or behavioral analytics profiles
- Push notification tokens
4. How we use your data
We use personal data to:
- Provide, operate, and maintain the Service
- Authenticate you and secure API requests (including Firebase App Check)
- Sync your data between your device and cloud storage (registered accounts)
- Enable campaign collaboration (invites, membership, shared inventory)
- Enforce plan limits (free vs. Premium item library quotas)
- Respond to support requests and protect against abuse
- Record approximate region from your IP at sign-in for security and aggregate usage insight (see section 3.3)
- Comply with legal obligations
Under Brazil's Lei Geral de Proteção de Dados (LGPD), our legal bases include: performance of a contract (providing the Service you requested), legitimate interests (security, fraud prevention, product improvement), and consent where required (for example, optional sign-in methods you choose).
5. How we share data
5.1 Within your campaign
Data you add to a campaign may be visible to other players and the Game Master in that campaign, as designed for tabletop play.
5.2 Service providers (processors)
We use third-party services to run the Service, including:
- Google Firebase — authentication, cloud database (Firestore), server functions, and web hosting
- Google Sign-In — optional account sign-in on Android, iOS, and web
- Apple Sign-In — optional account sign-in on iOS and web
- Google Play Integrity / Apple App Attest — app integrity checks via Firebase App Check
- geoip-lite — IP-to-location lookup on our servers
- Google Gemini — optional AI-assisted features (item generation, portraits, shop drafts, character sheet import). Text and images you submit for generation are sent to Google's Gemini API for processing.
- Google Play Store — app distribution (Android)
These providers process data on our behalf under their own terms and privacy policies. Firebase/Google Cloud infrastructure may store or process data outside Brazil.
5.3 What we do not do
We do not sell your personal data and we do not share your data with advertisers. We do not send your in-app text to third-party AI providers unless you use an AI-assisted feature; see section 13 below.
5.4 Legal requirements
We may disclose data if required by law, court order, or government request, or to protect the rights, safety, and security of users and the Service.
6. International transfers
Your data may be processed on servers operated by Google and other providers in countries other than Brazil, including the United States. Where required, we rely on appropriate safeguards permitted under applicable law for such transfers.
7. Retention
We retain personal data for as long as your account is active and as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Campaign and user content remains stored until you or the campaign owner deletes it or requests deletion. Approximate location stored in your user profile (section 3.3) is kept while your account is active and is removed when you delete your account. Server logs containing operational identifiers (such as user IDs) are kept for a limited period for security and troubleshooting.
8. Security
We use industry-standard measures including encrypted connections (HTTPS/TLS), Firebase security rules, authenticated API access, and App Check attestation. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
9. Your rights under LGPD
If you are in Brazil, you have rights under LGPD, including to:
- Confirm whether we process your data
- Access your data
- Correct incomplete, inaccurate, or outdated data
- Anonymize, block, or delete unnecessary or unlawfully processed data
- Port your data to another service, where applicable
- Withdraw consent where processing is based on consent
- Obtain information about entities with whom we have shared data
- Revoke consent and request deletion, subject to legal retention needs
To exercise these rights, contact support@merchantsbag.com. We will respond within the timeframes required by law.
Account deletion: Registered users can delete their account and associated cloud data directly in the app: Settings → About → Delete my account. This permanently removes your profile, item libraries, campaigns you own, and your Firebase Authentication account. Signing out removes local data from your device. You may also email support@merchantsbag.com from the address linked to your account if you need help.
You may also file a complaint with Brazil's National Data Protection Authority (ANPD).
10. Your rights under GDPR (EU/EEA)
If you are in the European Union or European Economic Area (including Germany, France, and Spain), you have rights under the General Data Protection Regulation (GDPR), including to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Request erasure of your data ("right to be forgotten")
- Restrict or object to certain processing
- Data portability, where applicable
- Withdraw consent where processing is based on consent
- Lodge a complaint with your local supervisory authority
To exercise these rights, use in-app account deletion (Settings → About) or contact support@merchantsbag.com. We will respond within the timeframes required by law.
11. Children
The Service is not directed at children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will take steps to delete it.
12. Analytics, ads, and notifications
We do not use third-party advertising networks or behavioral analytics SDKs in the app today. We do not send push notifications today. Server logs may record operational events (such as sync activity and login events) for reliability and security.
13. AI-assisted content generation (Google Gemini)
The Service offers optional AI-assisted features powered by Google Gemini that generate game content such as shop stock, items, portraits, and store or city descriptions. Premium plan users with a registered account may access these features within monthly usage limits.
When you use an AI-assisted feature, the text you provide for that purpose — such as a campaign description, a prompt, or related game context — is sent to an AI/large-language-model service provider so it can generate a result. To protect your privacy:
- Only the input you submit for generation, plus the context needed to produce the result, is sent — not your whole account or other campaigns.
- You should not include other people's personal data or confidential third-party information in prompts.
- AI output is generated automatically, may be inaccurate or repetitive, and should be reviewed before use at your table.
- The AI provider is Google Gemini (Google AI). Data is processed under Google's terms and privacy policy and may be processed outside Brazil and the EU/EEA.
If you do not use AI-assisted features, your in-app text is not sent to Gemini. Use of AI features and ownership of generated content are also covered in our Terms of Use.
14. Other planned features
Our website and app may describe additional future features, including paid subscriptions, push notifications, and PDF export. These are not active in the current release. If we introduce them, we will update this Privacy Policy to describe any new data collection (for example, payment data handled by the relevant app store, or device tokens for notifications).
15. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. For material changes, we may provide additional notice in the app or by email where appropriate.
16. Related documents
See also our Terms of Use.