Privacy Policy

Last updated: July 15, 2026

This Privacy Policy describes how Enfee (“we”, “us”) collects, uses, stores, and shares information when you use the Enfee website and related services (together, the “Service”). By using the Service, you agree to this policy.

1. Who we are

Enfee is a branching interactive story experience operated by nheek. For privacy questions, email [email protected].

2. Information we collect

  • Account and profile: email address, password (stored in hashed form), and an optional display name when you create an account.
  • Saved stories: when you are signed in, we store your story genre, title, story beat label, conversation history (your replies and NPC dialogue text), pending reply options, and library status (active, archived, or trash) so you can continue later.
  • Guest play on your device: if you play without an account, a draft of your in-progress story may be stored in your browser’s local storage on that device only until you sign up, log in, or clear site data.
  • Content maturity preference: a cookie on your device records whether you chose the 18+ or lighter story mode at the age gate. We do not ask for or store your date of birth.
  • Session and technical data: IP address, browser or app version, session identifiers, authentication tokens (in an httpOnly cookie), database session records, and security logs needed to operate and protect the Service.

When you play a story, your conversation text is sent to our story-generation provider (OpenAI) to produce NPC replies and reply options. We do not use your stories to train our own models.

3. How we use information

We use the information above to:

  • run interactive stories and save your progress when you have an account;
  • authenticate you and keep sessions secure;
  • enforce library actions you take (archive, trash, restore, delete);
  • keep the Service secure, prevent abuse, enforce our Terms, and comply with law;
  • communicate important service notices.

We do not sell your personal information.

4. Legal bases (EEA/UK users)

Where GDPR applies, we rely on contract (providing the Service you asked for), legitimate interests (security, fraud prevention, and service improvement, balanced against your rights), consent (where we ask for it—for example optional account creation after guest play), and legal obligation.

5. Sharing and processors

We may share data with:

  • Infrastructure providers (hosting, databases) that store account and saved-story data;
  • OpenAI to generate story dialogue and reply options from the conversation context you send while playing;
  • Professional advisers or authorities when required by law or to protect rights and safety.

We use contracts or standard safeguards (including appropriate transfer mechanisms where data leaves the EEA/UK) with processors where required.

6. Cookies and local storage

  • Session cookie (enfee_session): keeps you signed in. HttpOnly; required for authenticated features.
  • Age preference cookie (isAdult): remembers your mature vs lighter content choice for about one day.
  • Local storage (enfee_story_draft): holds an in-progress guest story on your device until you save to an account or clear site data.

We do not run third-party advertising or analytics cookies on Enfee today.

7. Retention

We keep account and saved-story data while your account is active. Stories you move to trash remain recoverable until you delete them permanently or we remove them after a reasonable retention window for deleted items. Contact [email protected] to request account deletion.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object, or port your personal data, and to withdraw consent where processing is consent-based.

  • Access / correct: view and update your display name through your account flows; story text is editable by continuing the story.
  • Delete: remove individual stories via trash and permanent delete in your library, or email [email protected] to request full account deletion.

See also our GDPR page. You may lodge a complaint with your local supervisory authority.

9. Children

Enfee is not directed at children under 13. The age gate offers a lighter content mode for younger players, but we do not knowingly collect personal information from anyone under 13. If you believe a child has provided us data, contact [email protected].

10. Security

We use reasonable technical and organizational measures (including hashed passwords, httpOnly session cookies, and access controls) to protect your information. No method of transmission or storage is completely secure.

11. International transfers

If you use Enfee from outside the country where our servers run, your information may be processed in other jurisdictions. Where required, we rely on appropriate safeguards for cross-border transfers.

12. Changes

We may update this policy. We will post the new version and update the date above. Material changes may also be noted in the Service.