Privacy Policy

We collect information you provide directly to us, information you submit on behalf of your child, and information generated automatically when you or your child use the Service.

Information you provide directly:

• Account information: name, email address, and Google authentication tokens (when you sign in with Google).
• Child Profile information: child’s name, date of birth, gender, session-length preference, primary interest, and complexity-level preference.
• Subscription information: plan tier and billing status. Payment-instrument details are collected and held by PT Midtrans Payments Indonesia, not by Heurister.
• Communications: messages you send to contact@heurister.com, robert@heurister.com, or via the contact form on /contact.

Information generated automatically when the Service is used:

• Mission gameplay data: scenes presented, choices made, slider positions, written commitments, mission outcomes, and the path taken through each mission.
• Behavioral signals: response times, hesitation patterns, choice patterns, and other timing-based indicators captured during mission play.
• Computed insights: a per-child cognitive profile derived from gameplay across multiple missions, used to generate the parent-facing weekly narrative.
• Account-lifecycle events: signup, login, session start/end, subscription milestones.
• Device and log data: browser type, operating system, IP address (truncated for analytics purposes), access times, and pages viewed.

We use the information we collect to:

• Provide the Service: deliver missions, save progress, generate post-mission insights for parents.
• Personalize: tailor mission selection, difficulty, and session length to the Child Profile preferences you set.
• Process subscriptions: complete payment with Midtrans, manage subscription status, send billing notifications.
• Communicate: respond to your inquiries, send service announcements, send the weekly parent-facing narrative.
• Protect: detect, prevent, and investigate fraud, abuse, security incidents, or violations of our Terms.
• Improve: analyze aggregate, non-identifying patterns to improve the Service and develop new missions.
• Comply: meet legal obligations under Indonesian law, including tax-reporting and consumer-protection requirements.

We do not use your or your child’s personal data for behavioral advertising, profiling for marketing purposes, or any purpose unrelated to operating the Service.

Heurister uses third-party AI inference services (OpenRouter, which routes requests to large language model providers including OpenAI) to help generate post-mission insights, parent-facing weekly narratives, and behavioral dashboards. We disclose this clearly because AI processing of children’s data is a category of activity that UU PDP Art. 16(2) requires us to be transparent about.

What we send to AI inference partners:

• Mission gameplay outcomes and behavioral metrics (response times, choice patterns, hesitation indicators).
• Mission metadata such as story title, difficulty level, and decisions made within a mission.

What we never send: your child’s name, date of birth, parent email, or other direct personal identifiers. For narrative generation, our prompts include an explicit mandatory instruction to neutralize all proper nouns (people, places, organizations) before output — names are replaced with neutral roles such as teacher, parent, classmate, friend, or staff. This is a hard guardrail in our codebase, not a best-effort policy.

Our agreements with AI inference partners (OpenRouter and the underlying providers we use) prohibit the use of our submitted data for training their general-purpose models. We do not consent to such training and we have no commercial arrangement that would benefit from it.

We do not use your child’s gameplay data to train any model of our own that is deployed outside Heurister or shared with third parties.

We do not sell, rent, or trade your personal information to third parties. We may share information only in the limited circumstances described below.

• With your consent: when you explicitly agree to a specific sharing action.
• With service providers: trusted third parties who help us operate the Service (hosting, AI inference, payment processing, email delivery). Each service provider is subject to confidentiality and data-protection obligations under our agreement with them.
• For legal requirements: when required by Indonesian law, court order, or a request from a competent authority.
• For protection: to investigate, prevent, or address fraud, security, or abuse issues, or to enforce our Terms.
• In business transfers: in connection with a merger, acquisition, or sale of assets, in which case the successor entity becomes bound by this Privacy Policy until you receive notice of any change.
• In aggregated, non-identifying form: for research, reporting, and Service-improvement purposes that cannot reasonably be re-linked to an individual.

A core feature of Heurister is the generation of a cognitive profile from your child’s mission gameplay, used to produce the parent-facing weekly narrative. Because this involves automated profiling of a minor, UU PDP Art. 25 requires us to be explicit about the practice and your rights.

What we infer:

• Decision-making style patterns (e.g., reflective vs. quick-decider patterns) observed across missions.
• Cognitive tendencies (e.g., risk preference, attention to constraints, response-time patterns).
• Behavioral signals tied to gameplay (e.g., hesitation before high-stakes choices, consistency of priority across rounds).

What we use the inferences for, and what we do not:

• Uses: producing the weekly narrative for the parent, calibrating mission difficulty, identifying which missions to recommend next.
• Non-uses: behavioral advertising, sale to third parties, sharing with schools or external assessors without your written request, profiling for marketing, training general-purpose AI models.

You may request that the inferred profile be exported, corrected, or deleted at any time (see Section 10). You may opt out of weekly narrative generation while retaining gameplay-only access by writing to robert@heurister.com.

• Encryption of data in transit (TLS) and at rest within our database provider (Supabase, Singapore region).
• Authentication via Google OAuth with short-lived access tokens and rotating refresh tokens.
• Role-based access controls and row-level security policies inside the database.
• Regular security review of dependencies and infrastructure.
• Secure backup and disaster-recovery procedures provided by our cloud infrastructure partners.

No security measure is perfect. In the event of a data breach affecting your personal data or your child’s personal data, we commit to notify you and the relevant supervisory authority within seventy-two (72) hours of becoming aware of the breach, in accordance with UU PDP Art. 46.

Under UU PDP and other applicable laws, you and your child have the following rights with respect to personal data we hold:

• Right of access: request a copy of the personal data we hold about you or your child.
• Right of correction: request correction of inaccurate or incomplete information.
• Right of deletion: request deletion of your account, your child’s Child Profile, and the associated personal data.
• Right of portability: receive your data in a commonly used, machine-readable format.
• Right of restriction: ask us to limit how we process certain categories of your data.
• Right of objection: object to specific processing activities, including automated profiling.
• Right to withdraw consent: withdraw a previously given consent at any time, without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, write to robert@heurister.com with the request and enough information for us to verify your identity. We will respond within thirty (30) days. If we need to extend the response time for complex requests, we will tell you why before the initial thirty-day period ends.

We retain your personal data and your child’s personal data for as long as your account is active or as needed to provide the Service. When you delete your account, we delete the associated personal data within thirty (30) days, except for information we are required to retain under applicable law (for example, tax and accounting records under Indonesian tax law) or for legitimate business purposes (for example, fraud-prevention records).

Aggregated, non-identifying data derived from your gameplay may be retained indefinitely for Service-improvement and research purposes.

We use a small number of strictly necessary cookies to operate the Service. We do not use advertising, marketing, or third-party tracking cookies (no Google Analytics, no Meta Pixel, no Mixpanel, no PostHog).

You can control cookies through your browser settings, though disabling strictly necessary cookies may prevent the Service from functioning correctly.

Your personal data and your child’s personal data are primarily stored in Singapore (Amazon Web Services Asia Pacific Southeast 1 region), through our database provider Supabase. Singapore’s Personal Data Protection Act provides a level of protection generally regarded as equivalent or higher than UU PDP, satisfying UU PDP Art. 56 adequacy considerations for data at rest.

A limited subset of data (mission gameplay outcomes and behavioral metrics, with proper-noun neutralization as described in Section 4) is transmitted to AI inference partners in the United States for the sole purpose of generating insights and narratives. This cross-border processing is conducted under contractual safeguards with our AI inference providers, and is limited to the narrow purposes described in Sections 4 and 7.

We do not transfer your data to any other jurisdiction without a lawful basis under UU PDP.

We rely on a small number of third-party services to operate Heurister. Each one is named here so you know who has what data and why.

• Google (Google OAuth): authenticates your sign-in. Receives the fact that you used Google to sign in to Heurister; Heurister receives from Google your name, email, and OAuth tokens. Google’s privacy practices apply: https://policies.google.com/privacy.
• Supabase (database and authentication infrastructure): stores your account data, Child Profile data, gameplay data, and analytics events in our Singapore-region Supabase project. https://supabase.com/privacy.
• Vercel (web hosting): hosts the Service and serves pages from Vercel’s edge network. https://vercel.com/legal/privacy-policy.
• PT Midtrans Payments Indonesia (payment processing): processes your subscription payments. Receives first name, email, and order amount; returns transaction status. https://midtrans.com/privacy.
• OpenRouter (AI inference router): forwards inference requests to underlying language-model providers. Receives mission gameplay outcomes and behavioral metrics with proper nouns neutralized (see Section 4). https://openrouter.ai/privacy.

We do not use Google Analytics, Meta Pixel, Mixpanel, PostHog, or any other third-party behavioral-tracking or advertising service. We use our own Supabase-stored analytics for account-lifecycle events only (see Section 2).

We may update this Privacy Policy from time to time. For any material change, we will provide at least thirty (30) days advance notice by email to the address on file and by posting a notice in the Service. Your continued use of the Service after the effective date of any updated Privacy Policy constitutes acceptance of the updates.

For privacy questions, data-subject requests, or any concern about how we handle your personal data or your child’s personal data, contact:

• General inquiries: contact@heurister.com
• Privacy and data-subject requests: robert@heurister.com
• Address: Pantai Indah Kapuk II, Tangerang — Banten, Indonesia 15214
• Operator: Heurister, operating within the Republic of Indonesia

This Privacy Policy is published in English and in Bahasa Indonesia. In the event of any inconsistency or conflict between the two versions, the Bahasa Indonesia version shall prevail for all purposes of interpretation and enforcement under Indonesian law, in accordance with Article 31 of Undang-Undang Nomor 24 Tahun 2009 on Flag, Language, State Emblem, and National Anthem.