EMPIRECORE
FAQTERMSUPGRADE
LEGAL DOCUMENTATION

PRIVACY POLICY

Last updated: March 21, 2026
01 — OVERVIEW

EmpireCore is committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we use it. We collect only what is necessary to operate the Service.

We do not sell your personal data. We do not share your personal data with advertisers. We do not use your data for any purpose other than operating EmpireCore.

02 — DATA WE COLLECT

Account Data: When you sign in with Google, we receive your email address and name from Google OAuth. This is used solely to create and identify your account.

Usage Data: We record which daily reports you unlock and when. This is stored in our database to prevent double-charging on page refresh and to maintain your unlock history.

Token Transactions: We maintain a log of token purchases and usage for billing accuracy and dispute resolution.

Payment Data: Payment processing is handled entirely by Stripe. We do not store your card number, CVV, or any raw payment data. We only receive a confirmation from Stripe that a payment was completed.

03 — HOW WE USE YOUR DATA

— To authenticate your identity and maintain your session

— To track your token balance and unlock history

— To process payments and credit tokens to your account

— To prevent fraud and unauthorized account access

— To improve the Service based on aggregate (non-personal) usage patterns

04 — DATA STORAGE

Your account data is stored in Supabase, a PostgreSQL database with enterprise-grade security. Data is encrypted at rest and in transit. Supabase is SOC 2 compliant.

We do not store data on your device beyond what is necessary for your authentication session (a secure cookie managed by Supabase Auth).

05 — THIRD PARTY SERVICES

Google OAuth: Used for authentication only. We request only your email and basic profile. We do not access your Google Drive, Gmail, contacts, or any other Google services.

Stripe: Used for payment processing. Subject to Stripe's own privacy policy at stripe.com/privacy.

Supabase: Database and authentication infrastructure. Subject to Supabase's privacy policy at supabase.com/privacy.

06 — YOUR RIGHTS

You may request deletion of your account and all associated data at any time. Upon deletion, your email, token history, and unlock records will be permanently removed from our systems within 30 days.

You may request a copy of all data we hold about you by contacting us through the platform.

07 — COOKIES

We use a single session cookie to maintain your authenticated state. This cookie is essential for the Service to function and cannot be disabled while using EmpireCore. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

08 — CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify users of significant changes via the platform. Continued use of the Service after changes constitutes acceptance.

09 — CONTACT

For privacy-related requests or questions, contact us through the platform at empirecore.xyz.