Privacy Notice
Last updated: February 2026
Introduction
This Privacy Notice for Simplifine Corp. ("Simplifine," "we," "us," or "our") describes how and why we access, collect, store, use, and share ("process") your personal information when you use our services ("Services"), including our website at orcaengine.ai, the Minecraft AI Playground platform, and all related products and tools.
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you have questions, contact us at founders@orcaengine.ai.
1. Information We Collect
1.1 Personal Information You Provide
We collect personal information that you voluntarily provide when you register, use the Services, or contact us. This includes:
| Category | Examples |
|---|---|
| Identifiers | Name, email address, username, account ID |
| Account Credentials | Passwords, security questions |
| Payment Information | Billing address, credit/debit card numbers, transaction history |
| Contact Information | Email address, contact preferences |
| User Content | Prompts, inputs, commands, code, game assets, files, and any other materials you submit to the Services |
| Communications | Messages you send us, feedback, support requests |
| Profile Information | Information from social logins (Google, Discord), profile photos, display names |
1.2 Information Collected Automatically
When you use our Services, we automatically collect certain information, including:
| Category | Examples |
|---|---|
| Device Information | IP address, browser type and version, operating system, device identifiers, hardware model |
| Usage Data | Pages visited, features used, click patterns, session duration, access times, referring URLs |
| AI Interaction Data | Prompts submitted, commands issued, AI-generated outputs, interaction logs, model parameters used |
| Telemetry Data | Error logs, crash reports, performance metrics, system diagnostics |
| Location Data | Approximate location derived from IP address |
| Cookie and Tracking Data | Cookies, web beacons, pixels, and similar technologies (see Section 6) |
1.3 Information from Third Parties
We may collect information about you from:
- Social media platforms (Google, Discord) when you use social login features
- Analytics providers (e.g., Google Analytics) that provide usage statistics
- Payment processors that confirm transaction details
- Public databases and publicly available sources
- Marketing partners that provide lead information
1.4 Inferences and Derived Data
We may generate inferences about you based on your usage patterns, preferences, and interactions with the Services, such as feature preferences, skill level, and usage trends.
2. How We Use Your Information
We process your personal information for the following purposes:
2.1 Service Delivery and Operations
- Facilitate account creation, authentication, and management
- Deliver, operate, and maintain the Services
- Process transactions and manage billing
- Respond to inquiries and provide customer support
- Send administrative communications (service updates, security alerts, policy changes)
2.2 AI Model Training and Improvement
- Train, develop, and fine-tune our AI models using User Content, prompts, inputs, commands, interaction data, and AI-generated outputs
- Create aggregated, anonymized, or de-identified datasets for research and development
- Analyze usage patterns to improve AI output quality and relevance
- Develop new features, products, and services based on usage insights
- Benchmark and evaluate model performance
2.3 Analytics and Optimization
- Analyze usage trends and feature adoption
- Monitor and improve Services performance, security, and reliability
- Conduct A/B testing and product experimentation
- Generate aggregated analytics and business intelligence
2.4 Safety and Security
- Detect, prevent, and respond to fraud, abuse, and security incidents
- Enforce our Terms of Service and acceptable use policies
- Monitor for prohibited content and activities
- Protect the rights, property, and safety of Simplifine and our users
2.5 Legal Compliance
- Comply with applicable laws, regulations, and legal processes
- Respond to lawful requests from government authorities
- Establish, exercise, or defend legal claims
2.6 Marketing and Communications
- Send promotional communications (with your consent where required)
- Personalize your experience and recommend features
- Conduct surveys and collect feedback
3. Legal Bases for Processing
We process your personal information based on the following legal grounds:
| Legal Basis | Applies To |
|---|---|
| Contract Performance | Account management, service delivery, payment processing, customer support |
| Legitimate Interests | AI model training and improvement, analytics, security, fraud prevention, product development |
| Consent | Marketing communications, optional cookies, social login data |
| Legal Obligation | Tax reporting, law enforcement requests, regulatory compliance |
Where we rely on legitimate interests, we have assessed that our interests do not override your fundamental rights and freedoms.
4. When and With Whom We Share Your Information
We may share your personal information in the following circumstances:
4.1 Service Providers and Processors
We share information with third-party vendors who perform services on our behalf, including:
- Cloud hosting providers (e.g., AWS, Google Cloud, Vercel)
- Payment processors (e.g., Stripe)
- Analytics providers (e.g., Google Analytics)
- AI model providers (e.g., Anthropic, OpenAI)
- Email and communication services
- Customer support tools
These providers are contractually obligated to use your information only as directed by us and in accordance with this Privacy Notice.
4.2 AI Model Providers
When you use our Services, your prompts and inputs may be processed by third-party AI model providers. These providers may have their own data practices and retention policies. We recommend reviewing their privacy policies.
4.3 Business Transfers
We may share or transfer your information in connection with any merger, sale of company assets, financing, acquisition, or dissolution of all or a portion of our business.
4.4 Legal Requirements
We may disclose your information if required to do so by law or in response to valid legal process, including subpoenas, court orders, or government requests.
4.5 With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
4.6 Aggregated and De-Identified Data
We may share aggregated or de-identified data that cannot reasonably be used to identify you for any purpose, including research, analytics, and marketing.
5. AI-Specific Data Practices
5.1 AI Training Data
We use the following categories of data to train, improve, and develop our AI models:
- User prompts, inputs, and commands
- AI-generated outputs and interaction logs
- Usage patterns and feature interactions
- Error reports and correction data
- Aggregated behavioral data
5.2 How AI Training Data Is Used
Your data may be used to:
- Improve the accuracy and quality of AI-generated outputs
- Develop new AI capabilities and features
- Reduce harmful, biased, or inaccurate outputs
- Fine-tune models for game development use cases
- Create evaluation and benchmarking datasets
5.3 Opting Out of AI Training
You may opt out of having your User Content used for AI model training by contacting us at founders@orcaengine.ai. Please note:
- Opting out applies to future training only; data already incorporated into models cannot be extracted
- Opting out may limit certain personalized features
- Aggregated, anonymized data may still be used regardless of opt-out status
- Opting out does not affect data processing necessary for service delivery
5.4 Third-Party AI Models
Our Services may use third-party AI models. Data sent to these models is subject to the respective provider's data practices. We select providers that maintain appropriate data protection standards, but we cannot guarantee their compliance.
6. Cookies and Tracking Technologies
6.1 Technologies We Use
We use the following tracking technologies:
- Essential Cookies: Required for the Services to function (authentication, security, preferences)
- Analytics Cookies: Help us understand how you use the Services (page views, session data, feature usage)
- Performance Cookies: Monitor service performance and identify issues
- Marketing Cookies: Used to deliver relevant advertisements (if applicable)
- Web Beacons and Pixels: Track email opens and user interactions
6.2 Managing Cookies
You can control cookies through your browser settings. Note that disabling certain cookies may impair Service functionality. We honor Global Privacy Control (GPC) signals as a valid opt-out mechanism.
6.3 Do Not Track
We do not currently respond to Do Not Track (DNT) browser signals, as no uniform standard has been established. However, we do honor GPC signals as described in Section 11.
7. Data Retention
We retain your personal information as follows:
| Data Category | Retention Period |
|---|---|
| Account information | Duration of account plus 90 days after deletion |
| Payment and transaction data | 7 years (tax and legal requirements) |
| AI interaction data (prompts, outputs) | 3 years, or until opt-out request |
| Usage and analytics data | 2 years |
| Server logs | 12 months |
| Cookie data | Up to 13 months |
| Communications and support tickets | 3 years |
| Aggregated/de-identified data | Indefinitely |
When retention periods expire or we no longer have a legitimate business need, we will delete or anonymize your information. If deletion is not immediately possible (e.g., data in backups), we will securely store and isolate the information until deletion is feasible.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256 or equivalent)
- Access Controls: Role-based access controls, multi-factor authentication for internal systems
- Monitoring: Continuous security monitoring, intrusion detection, and logging
- Vendor Security: Security assessments of third-party service providers
- Incident Response: Documented incident response procedures with notification protocols
While we use commercially reasonable measures to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.
9. International Data Transfers
Our servers are located in the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States.
For transfers from the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with our service providers
- Other legally recognized transfer mechanisms as applicable
By using the Services, you consent to the transfer of your information to the United States and other jurisdictions where we or our service providers operate.
10. Information About Minors
The Services are not intended for users under 18 years of age. We do not knowingly collect, solicit data from, or market to children under 18. If we learn that we have collected personal information from a child under 18, we will promptly delete that information. If you believe we have collected information from a minor, please contact us at founders@orcaengine.ai.
11. Your Privacy Rights
11.1 Rights for All Users
Depending on your location, you may have the following rights:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Portability: Request your data in a portable, machine-readable format
- Withdrawal of Consent: Withdraw consent for processing based on consent at any time
- Objection: Object to processing based on legitimate interests
To exercise any of these rights, contact us at founders@orcaengine.ai. We will respond within 30 days (or as required by applicable law).
11.2 California Residents (CCPA/CPRA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
Right to Know. You have the right to request that we disclose:
- The categories of personal information we have collected about you
- The categories of sources from which we collected personal information
- Our business or commercial purpose for collecting or selling personal information
- The categories of third parties with whom we share personal information
- The specific pieces of personal information we have collected about you
Right to Delete. You have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
Right to Correct. You have the right to request that we correct inaccurate personal information.
Right to Opt-Out of Sale/Sharing. You have the right to opt out of the "sale" or "sharing" of your personal information. We do not sell personal information for monetary consideration. We may share personal information with analytics and advertising partners, which may constitute "sharing" under the CCPA.
Right to Limit Use of Sensitive Personal Information. If we collect sensitive personal information, you have the right to limit its use to what is necessary to perform the Services.
Right to Non-Discrimination. We will not discriminate against you for exercising your CCPA rights.
Categories of Personal Information Collected (Past 12 Months):
| CCPA Category | Collected | Source | Purpose | Shared With |
|---|---|---|---|---|
| Identifiers (name, email, IP address) | Yes | You, automatic collection | Service delivery, security, analytics | Service providers, analytics providers |
| Customer Records (billing info) | Yes | You | Payment processing | Payment processors |
| Commercial Information (transaction history) | Yes | You, automatic | Billing, analytics | Payment processors, service providers |
| Internet/Network Activity (usage data, logs) | Yes | Automatic collection | Analytics, AI training, security | Analytics providers, AI model providers |
| Geolocation Data (approximate) | Yes | Automatic collection | Service delivery, analytics | Service providers |
| Professional/Employment Information | No | — | — | — |
| Education Information | No | — | — | — |
| Inferences (preferences, behavior) | Yes | Derived | Personalization, AI improvement | Service providers |
| Sensitive Personal Information | No | — | — | — |
Submitting Requests: To exercise your California privacy rights, email us at founders@orcaengine.ai or submit a request through our website. We will verify your identity before processing your request. You may designate an authorized agent to submit requests on your behalf.
GPC Signal: We recognize the Global Privacy Control (GPC) signal as a valid opt-out of the sale/sharing of personal information.
Financial Incentives: We do not offer financial incentives for the collection or sale of personal information.
11.3 European Economic Area, United Kingdom, and Swiss Residents
If you are located in the EEA, UK, or Switzerland, you have additional rights under GDPR or UK GDPR:
- Right to Restrict Processing: Request that we limit how we process your data
- Right to Object to Processing: Object to processing based on legitimate interests or for direct marketing
- Right to Lodge a Complaint: File a complaint with your local data protection authority
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing
Data Protection Authority Contacts:
- EEA: Your local supervisory authority (list at edpb.europa.eu)
- UK: Information Commissioner's Office (ico.org.uk)
- Switzerland: Federal Data Protection and Information Commissioner (edoeb.admin.ch)
11.4 Other U.S. State Privacy Rights
Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others) may have similar rights to access, delete, correct, and opt out of certain data processing. Contact us to exercise these rights.
12. Social Logins
Our Services offer the ability to register and log in using third-party social media accounts (such as Google or Discord). When you use social login, we receive certain profile information from your social media provider, which may include your name, email address, profile picture, and friends list.
We use this information only for the purposes described in this Privacy Notice. You can manage the information shared by adjusting your privacy settings with the social media provider.
13. Updates to This Notice
We may update this Privacy Notice from time to time. The updated version will be indicated by the "Last updated" date at the top. If we make material changes, we will notify you by email or prominent notice in the Services at least 30 days before the changes take effect.
We encourage you to review this Privacy Notice periodically. Your continued use of the Services after changes are posted constitutes acceptance of the updated Notice.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Notice or our data practices, please contact us at:
Simplifine Corp.
Email: founders@orcaengine.ai
Website: orcaengine.ai
Location: San Francisco, California
For CCPA-specific inquiries, you may also use the subject line "California Privacy Request" when emailing us.
15. Notice to California Users
Under California Civil Code Section 1798.83, California residents who have an established business relationship with us may request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, contact us at founders@orcaengine.ai.