Privacy Policy

Overview

DnD TrueSight is a tabletop display tool for Dungeons & Dragons sessions. This policy describes what data we collect, how it is used, and how it is stored.

Data We Collect

• Account credentials — DM usernames and hashed passwords, used to authenticate access to the DM panel.
• Character data — character names, class, level, HP values, and portraits submitted via the Character Library. This data is used solely to power the display screen during sessions.
• D&D Beyond HP data — if the browser extension is used, current HP values are read from the D&D Beyond character page and synced to the app. No account credentials or payment information from D&D Beyond are ever accessed.
• Contact messages — name (optional), email address, and message body submitted via the contact form.

How We Use Your Data

Data is used exclusively to operate the application. Character data and HP values are displayed on the in-session display screen. Contact messages are reviewed by the site administrators to respond to your inquiry. We do not sell, share, or use any data for advertising purposes.

Data Storage

All data is stored in a MongoDB database hosted on MongoDB Atlas. The application is hosted on Railway. Portrait images are stored on Cloudinary. Data is retained for as long as the associated account or session is active; temporary DM sessions and their associated data are automatically deleted on expiry.

Third-Party Services

• MongoDB Atlas — database hosting
• Cloudinary — image storage and delivery
• Railway — application hosting
• D&D Beyond — character HP data (extension only, read-only)

Cookies & Local Storage

The app uses a session cookie for DM authentication (via NextAuth). The browser extension uses chrome.storage.local to persist the server URL and extension key on the player's device. No tracking cookies are used.

Contact

Questions about this privacy policy can be directed to us through the contact form.