Privacy Policy

The short version: No accounts required to play. Consent preferences are private and never shared. All game data - player names, preferences, spin history, event-mode slot data, post-session surveys - is automatically and permanently deleted from the server when the game ends (couch-mode: up to 24 hours after creation; event-mode: up to 30 days for staged events). Nothing is kept.

Account Optional

Sin the Bottle works without an account for basic features. Optional accounts unlock additional features like saved data and personalized results.

What We Store

When you use Sin the Bottle, we store:

Player Name - The display name you enter when joining a game (couch mode) or the name the moderator put in your roster slot (event mode, via apply.sinthebottle.com)Stored on our server. Kept temporarily. Legal basis: contract (needed to run the service).
Consent Preferences - Your private activity preferences for other players. Never shared with the host or other attendees.Stored on our server. Kept temporarily. Legal basis: contract (needed to run the service).
Event Mode Identity - For event-mode sessions staged from apply.sinthebottle.com: your number, pronouns, intentions (visible to attendees on the printed card and in-app), traffic light state, and consent-quiz acknowledgement. Deleted with the game.Stored on our server. Kept temporarily. Legal basis: contract (needed to run the service).
Join Token - Per-slot opaque URL token that binds your phone to your slot in event mode. Rotated on reprint/revoke. Deleted with the game (typically within 24h after the event ends).Stored on our server. Kept temporarily. Legal basis: contract (needed to run the service).
Post Session Survey - Anonymous 1-5 rating plus two short text answers submitted at end of an event-mode session. Host sees aggregate + text without name attribution. Deleted with the game.Stored on our server. Kept temporarily. Legal basis: consent (you opted in).
Red Light Incidents - When you tap red in an event-mode session, an incident row is recorded so the host can follow up if you ask for a debrief. You can opt out under 'If you need to stop' in your consent panel (the 'Record it' toggle); turning it off means no record at all. When a row exists, rows are automatically deleted 90 days after creation, or when the game itself is deleted (whichever comes first).Stored on our server. Kept: 90 days, then automatic daily sweep. Legal basis: consent (you opted in).
Incident Preferences - Two private toggles per event-mode session: whether to offer a debrief prompt after you tap red, and whether to log the red at all. Defaults are both on; your changes stick for the duration of the game and are deleted with it.Stored on our server. Kept temporarily. Legal basis: contract (needed to run the service).
Activity Presets - Saved activity list presets for reuse across games (hosts only, requires account)Stored on our server. Kept: permanent. Legal basis: contract (needed to run the service).
Feedback - Optional feedback messages and ratings you submitStored on our server. Kept: permanent. Legal basis: consent (you opted in). You choose whether to provide this.

How Consent Privacy Works

Your consent preferences are completely private. Other players never see who you have or haven't consented to. The game only reveals that mutual consent exists when the bottle lands on a pair - and that only happens when both players have already agreed.

Health metrics (like 'you have matches with X players') use aggregate counts only and never reveal specific names or preferences.

Data Cleanup

All game data is temporary. When the game ends - either by the host closing it or by the server cleanup timer expiring - everything is permanently deleted: player names, consent preferences, spin history, and all associated data.

The server cleanup timer is set by the host when creating the game (default 6 hours, maximum 24 hours). This is not a game timer - the game runs as long as people are playing. The timer just controls when the server removes the data if the host forgets to close it.

The only data that persists beyond a game session is activity presets (for hosts with accounts) and optional feedback submissions.

Local Storage

Some data is stored locally in your browser and never sent to our servers. localStorage persists across reloads and tabs until you clear it:

sessions - Your game sessions (game codes, player IDs, tokens) so you can rejoin games after closing the tab
name/bottle preferences - Your last used name and bottle choice, pre-filled when joining new games

You can clear this data anytime through your browser settings.

Cookies

We do not use cookies for tracking. We use localStorage to save preferences and sessionStorage during the sign-in process.

Analytics

We collect basic anonymous statistics to understand usage patterns. This data cannot be traced back to you.

Third Parties

We do not sell or share your data with third parties.

Your Rights

You can:

Access your data (view within the app)
Correct your data (update profile in settings)
Delete your data (from within the app)
Withdraw consent (sign out and stop using the service)

Contact

Questions about privacy? Contact us through the app.

Last updated: April 2026 (red-light incident logging added)

Back to Sin the Bottle