Privacy Policy

Effective date: February 12, 2026
Service: FromTheThink (“we”, “us”) and the Timeline game at timeline.fromthethink.com (the “Service”).

1) What this policy covers

This policy explains what data we collect when you use the Service, why we collect it, and your choices.

2) Data we collect

A) Data stored in your browser (localStorage)

  • Client session ID (timeline_clientSessionId): a pseudonymous random ID used to link gameplay events on the same device/browser.
  • Game state (timeline_gameState): your in-progress puzzle state for the day.

B) Data stored on our servers

We store pseudonymous gameplay and usage data such as:

  • Game sessions: client session ID, game number/date, timestamps (started/completed), score, completion status
  • Guesses: round number, guessed values, error/score info, timing data
  • Device/browser info: user agent string (browser/OS/device)

C) Analytics (PostHog)

We use PostHog to understand usage and improve the Service. PostHog may receive:

  • Event data (e.g., game_started, guess_submitted, game_completed, results_shared) and related properties (game number, round, scores, timing)
  • Device/browser metadata (e.g., browser and OS)

UK/EU/EEA: we run PostHog in cookieless mode (no PostHog cookies/localStorage identifiers).
Everywhere else: PostHog may use cookies/localStorage identifiers for analytics.

D) What we do not collect

  • No accounts, names, email addresses, phone numbers, or payment information.
  • No session replay recordings.
  • We do not intentionally collect precise location.

E) IP addresses

We do not store IP addresses in our database. IP addresses may be processed transiently (e.g., by our hosting provider or for abuse prevention/rate limiting) but are not retained by us as a gameplay identifier.

3) How we use data

We use the data to:

  • Operate the Service (run the game, save/score sessions, show results)
  • Understand usage and improve the game (analytics, debugging, performance)
  • Prevent abuse and keep the Service secure

4) How we share data

We share data with service providers that help us run the Service, including:

  • Hosting/infrastructure providers (to deliver the website/API)
  • PostHog (analytics)

These providers process data on our behalf.

5) Cookies and similar technologies

  • UK/EU/EEA: PostHog analytics is cookieless (no PostHog cookies/localStorage IDs).
  • Other regions: PostHog may use cookies/localStorage for analytics.
  • If your browser offers “Do Not Track” (DNT), we honor it for analytics where supported.

6) Data retention

We retain gameplay and analytics data for as long as needed to operate, secure, maintain, and improve the Service and to analyze long-term gameplay trends. We periodically review the data we retain and will delete or anonymize data when it is no longer needed for these purposes. Where feasible, we retain older data in aggregated or de-identified form.

7) Your choices and rights

A) Access / export / deletion

You can request access to, export of, or deletion of data associated with your client session ID.

How to find your session ID: Open your browser developer tools → Application/Storage → Local Storage → timeline_clientSessionId.

How to request: email us at fromthethink@icloud.com with your session ID and what you want (export or deletion). We aim to respond within 30 days.

B) UK/EU/EEA rights

If you are in the UK/EU/EEA, you may have additional rights (including access, deletion, correction, objection, and portability). You can exercise these by contacting us at fromthethink@icloud.com.

C) California Notice at Collection

  • Categories collected: identifiers (pseudonymous session/analytics identifiers), internet/network activity (usage events), gameplay data (guesses/scores/timing), and device/browser information.
  • Purposes: operate the Service, analytics/improvement, security/abuse prevention.
  • Retention: We retain data as described in Section 6.
  • Sale/Share: as described in this policy.

8) Security

We use reasonable safeguards designed to protect data. No method of transmission or storage is 100% secure.

9) Children

The Service is not intended for children under 13, and we do not knowingly collect data from children under 13. If you believe a child provided data, contact us and we will delete it.

10) Changes to this policy

We may update this policy from time to time. We will post the updated version and update the effective date above.

11) Contact

Questions or requests: fromthethink@icloud.com