Nanogram

Privacy Policy

Last updated: May 5, 2026

Overview

Nanogram ("we", "us") is a social platform for short, AI-assisted browser games. This policy explains what information we collect when you use the Nanogram mobile app or website, how we use it, and the choices you have. By using Nanogram you agree to the practices described here.

Information You Provide

  • Account info: username, email, password (stored as a salted hash, never in plain text), date of birth, and optional profile picture.
  • Discord login (optional): if you link Discord we receive your Discord user ID, username, and avatar from Discord's OAuth API.
  • User-generated content: games you publish, comments and replies, likes, shares, saves, and reports you submit.
  • Communications: messages you send to support and content you submit when reporting another user's game or comment.

Information Collected Automatically

  • Device identifier: a random UUID generated on first launch and stored on your device, used to keep view history and basic interaction data even before you sign up.
  • Push notification tokens: Firebase Cloud Messaging (FCM) tokens used to deliver in-app notifications to your device. You can revoke these in your device settings.
  • Usage data: which games you view, how long you watch them, scrolling and tab behavior, deep-link opens.
  • Crash & performance data: stack traces, device model, OS version, and basic performance metrics when the app crashes or misbehaves.
  • Network info: IP address (used for rate limiting and abuse prevention), approximate region inferred from IP, basic request metadata.

How We Use Your Data

  • To create and authenticate your account, deliver verification and password-reset emails, and keep you signed in.
  • To personalize your feed, surface relevant games, and avoid repeatedly showing you content you've already seen.
  • To send notifications (likes, comments, mentions) — you can disable these in Settings.
  • To enforce our age requirement (you must be 13 or older), to moderate content, and to act on user reports.
  • To diagnose crashes, improve reliability, and prevent abuse (rate limiting, anti-bot checks).

Automated Content Rating

We use Google's Gemini AI to assign an ESRB-style age rating to each published game by analyzing its source code and on-screen content. The model receives the game's code and title only — it does not receive your account information. Ratings are used to filter content for younger audiences and to comply with platform policies.

Third-Party Services

Some processing is performed by trusted third-party providers under their own privacy policies:

  • Google Firebase (Crashlytics, Cloud Messaging, App Check, Analytics, Performance Monitoring) — crash and stability data, push delivery, anti-abuse.
  • PostHog — product analytics. Events are tied to a per-install identifier.
  • Discord — only if you choose to sign in or link your Discord account.
  • Resend — transactional email delivery (verification, password reset).
  • Google Gemini — automated age rating of game content (no account info shared).
  • Cloudflare — CDN, DDoS protection, and edge networking.
  • Object storage — game assets (HTML/JS) and uploaded avatars are stored with a cloud object-storage provider; access is gated through signed URLs.

User-Generated Content

Games, comments, profile pictures, and usernames are public to other Nanogram users. Like and share counts are visible. View counts are private to you. By posting content you grant Nanogram a non-exclusive license to host, display, and distribute it within the service. You can delete your own content at any time; deleted content may persist temporarily in backups before being purged.

Tracking Transparency

On iOS we ask for your permission before any cross-app tracking. If you decline, we still collect the in-app analytics described above (which are tied to a per-install identifier) but do not share advertising identifiers with third parties.

Children

Nanogram is not intended for children under 13. We require all users to confirm a date of birth at sign-up and refuse accounts that do not meet the minimum age. If you believe an under-13 has signed up, please email us so we can remove the account.

Your Choices

  • Access & correct: change your username, password, email, avatar, or notification preferences in Settings.
  • Delete your account: use the in-app deletion flow or visit /delete-account. Account data, your published games, and your interactions are removed.
  • Push notifications: toggle them off per category in Settings, or revoke permission in your device settings.
  • Tracking: on iOS you can change the App Tracking Transparency choice for Nanogram in iOS Settings → Privacy & Security → Tracking.

Data Retention

Account data is kept for as long as your account exists. After deletion, personal data is removed within 30 days, except for entries we are legally required to keep (e.g. abuse reports). Anonymous usage logs and crash data are retained for up to 90 days.

Security

Passwords are stored as salted hashes. Traffic between the app and our servers is encrypted in transit (HTTPS). We use Firebase App Check and rate limiting to deter abuse. No system is perfectly secure — please use a unique password and contact us right away if you suspect your account has been compromised.

International Transfers

Nanogram is operated from the United States and the European Union. By using the service you understand that your data may be transferred to and processed in countries with different data-protection laws than your own.

Changes to This Policy

We may update this policy as the product evolves. Material changes will be communicated in-app or by email; the "Last updated" date at the top of this page always reflects the most recent revision.

Contact

Questions or requests? Reach out at boris@nanogram.app.