— Legal · Privacy notice

Privacy notice.

How Retconic collects, uses, and protects your personal data. Last updated June 2026.

6 min read

1. Who we are

This privacy notice applies to retconic.com (the “Site”) and the Retconic workspace, operated by Retconic, a sole trader based at 39 Elm Grove Road, Farnborough, Hampshire, GU14 7RD, United Kingdom. We are the data controller for the personal data you provide through the Site.

Registered with the UK Information Commissioner’s Office under registration number ZC085750.

For any privacy-related question, contact us at brandon@retconic.com.

2. What data we collect

We only collect personal data you give us directly through the Site (not the workspace):

  • Email address — when you subscribe to our newsletter.
  • Name, email, and message content — when you contact us by email.

We do not collect special category data, and we do not knowingly collect data from anyone under 16.

3. The Retconic workspace

The Retconic workspace is local-first. Your project data — game design documents, kanban boards, research notes, and roadmaps — is stored in your browser’s localStorage on your own device. We do not transmit, store, or have access to your project content.

If you choose to enable optional Supabase cloud sync, your data is stored on your own Supabase instance. That storage is governed by Supabase’s privacy policy and your account with them — not by us.

Clearing your browser storage or using a different device will lose your local project data. We recommend using the in-app “Export backup” feature regularly.

4. AI features and OpenRouter

The workspace includes an AI chat feature. When you send a message, the content of that message — along with a summary of your current project state — is forwarded to OpenRouter (openrouter.ai) using an API key you supply in the workspace settings.

Retconic does not log, store, or have access to the content of your AI conversations or the project context sent with them. OpenRouter’s privacy policy and terms govern how they process that data. We recommend reviewing their policies before using the AI features.

You are not required to use the AI features, and no data is sent to OpenRouter if you do not configure an API key.

5. Analytics and cookies

We use Plausible Analytics for privacy-first website analytics. Plausible does not set cookies, does not collect personal data, and does not track you across sites. Aggregate data is held in the EU.

The Site does not set tracking cookies. The only cookies we may set are strictly necessary cookies for things like remembering you have dismissed our cookie banner. See our Cookies notice for details.

6. Lawful basis

We rely on the following lawful bases under Article 6 of the UK GDPR:

  • Consent — for newsletter signup. You can withdraw consent at any time by unsubscribing.
  • Legitimate interests — to respond to messages you send us and to keep the Site secure.

7. How we use your data

  • To send you the newsletter you signed up for.
  • To respond to messages you send us.
  • To keep the Site working, secure, and reasonably free of spam.

We do not sell your data. We do not share it with advertisers. We do not use it to train AI models.

8. Who we share data with

We share data only with service providers who help us run the Site:

  • Email service providers — for sending newsletters (Resend, hosted in the EU).
  • Hosting providers — Vercel, who host the Site and workspace application.

All providers are bound by data-processing agreements. We do not transfer personal data outside the UK or EU without appropriate safeguards.

9. How long we keep data

  • Newsletter subscribers — until you unsubscribe.
  • Contact messages — up to 12 months unless ongoing correspondence requires longer.

10. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct any data that is inaccurate.
  • Ask us to delete your data.
  • Object to or restrict our processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time.
  • Complain to the UK Information Commissioner’s Office (ico.org.uk).

To exercise any of these, email brandon@retconic.com. We’ll respond within one calendar month.

11. Security

We use reasonable technical and organisational measures to protect personal data, including HTTPS across the Site and access controls on internal systems. Because your project data lives in your browser, its security also depends on your device and browser security practices.

12. Changes to this notice

We may update this notice from time to time. The “Last updated” date at the top reflects the most recent version. Material changes will be flagged on the Site or by email if you’ve subscribed.

13. Complaints

If you have a complaint about how we handle your data, please contact us first at brandon@retconic.com. You also have the right to complain to the Information Commissioner’s Office: ico.org.uk, or call 0303 123 1113.