background

Privacy Policy

Last updated: May 16, 2026

Infinite Verses (“we,” “us,” or “our”) operates the platform at infiniteverses.one. This policy explains what information we collect, how we use it, and your rights regarding your data. We believe in straightforward language — no legalese walls.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address (or GitHub account if you use OAuth sign-in)
  • Birth month and year (used solely for age verification — we never collect your exact birthday)
  • Password (stored securely hashed, never in plaintext)

Identity & Profile Information

You may create one or more Identities (personas) on the platform. For each Identity you choose to provide:

  • Display name and avatar
  • Bio, tags, and interests
  • Privacy preferences (you control the visibility of each Identity)

Content You Create

Posts, comments, messages, media uploads, community contributions, marketplace listings, event details, and any other content you submit to the platform.

Location Data

If you create marketplace offerings or events with a physical location, you provide that location voluntarily. We do not track your device location passively or in the background.

Technical Information

  • IP address (used only for rate limiting and abuse prevention)
  • Browser type and session cookies (see our Cookie Policy)

2. End-to-End Encryption (E2EE)

Certain content on Infinite Verses is protected by end-to-end encryption. When you use E2EE features (encrypted posts, direct messages, or group threads), your content is encrypted on your device before it reaches our servers.

We cannot read, access, or decrypt E2EE-protected content. Only you and your intended recipients hold the keys.

This means we cannot comply with requests (including legal requests) to produce the plaintext of encrypted content — because we technically cannot access it. Your encryption keys are generated and stored on your devices.

3. How We Use Your Information

  • To operate and maintain your account and Identities
  • To deliver the services you use: posts, communities, marketplace, events, chat, and wallet features
  • To enforce age-based access controls and content restrictions
  • To process transactions through our payment provider
  • To prevent abuse, enforce rate limits, and maintain platform safety
  • To send essential account notifications (password resets, security alerts)

We do not use your data for advertising. We do not sell your data to third parties. We do not use third-party analytics or tracking services.

4. AI Features

Infinite Verses offers AI-powered features (such as content translation agents). These features are:

  • Opt-in only — AI features are never enabled by default. You or your community must explicitly activate them.
  • Contained within the service — AI agents operate only within Infinite Verses. Your data is not sent to external AI training pipelines.
  • Community-governed — Communities can set their own AI usage policies for their spaces.

5. Children's Privacy & Parental Controls

We take the privacy of minors seriously and comply with the Children's Online Privacy Protection Act (COPPA).

  • Users under 13 may only join under direct parent or guardian supervision.
  • Minor accounts operate under restricted privacy: they can only share protected-privacy content with parent-approved family members.
  • We do not knowingly collect personal information from children without verified parental consent.
  • Parents may review, modify, or delete their child's information at any time by contacting us.

Age Verification & Adult Content

Certain content and communities are restricted to verified adults. We use identity verification to gate access to age-restricted material. This verification confirms you meet the age threshold without unnecessarily retaining identity documents beyond what is needed for verification.

6. Payments & Financial Data

Payments on Infinite Verses (subscriptions, marketplace purchases, token transactions) are processed by Stripe, our third-party payment provider.

We never store your credit card numbers, bank account details, or full payment credentials on our servers. Stripe handles all sensitive financial data directly. We only store transaction references (amount, date, status) to display your history and manage your wallet balance.

For more on how Stripe handles your data, see Stripe's Privacy Policy.

7. Media Uploads

Images and videos you upload are stored via Cloudinary, a cloud media service. Media is associated with your Identity and subject to the same privacy controls you set on the content it belongs to. We do not use your media for purposes unrelated to delivering the service.

8. Data Sharing

We share your information only in these limited circumstances:

  • With other users — as determined by the privacy settings you choose on your content and Identities
  • Service providers — Stripe (payments), Cloudinary (media hosting), and infrastructure providers necessary to operate the platform, each bound by their own privacy obligations
  • Legal requirements — if required by law, court order, or to protect the safety of our users (noting that E2EE content is technically inaccessible to us)

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

9. Your Rights

All Users

  • Access the personal information we hold about you
  • Correct inaccurate information on your account
  • Delete your account and associated data
  • Export your data in a portable format
  • Withdraw consent for optional data processing at any time

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights:

  • Right to Know— request what personal information we've collected about you and how it's been used
  • Right to Delete — request deletion of your personal information
  • Right to Opt-Out of Sale — we do not sell personal information, so there is nothing to opt out of. We will never sell your data.
  • Right to Non-Discrimination — we will not treat you differently for exercising your privacy rights

To exercise any of these rights, contact us at the address below.

10. Data Retention

We retain your data for as long as your account is active. If you delete your account:

  • Your personal profile information is removed promptly
  • Content you authored in community spaces may be retained in anonymized form to preserve conversation continuity, unless you request full deletion
  • Transaction records may be retained as required for financial record-keeping obligations
  • E2EE content cannot be decrypted after key deletion — it becomes permanently inaccessible

11. Security

We use industry-standard security measures to protect your data, including:

  • Encrypted connections (HTTPS) for all traffic
  • Hashed passwords (never stored in plaintext)
  • End-to-end encryption for supported content types
  • Rate limiting and abuse detection
  • Two-factor authentication available for all accounts

No system is perfectly secure. If we discover a breach affecting your data, we will notify affected users promptly.

12. Changes to This Policy

We may update this policy as our platform evolves. When we make material changes, we will notify users through the platform and update the date at the top of this page. Your continued use after changes constitutes acceptance of the updated policy.

13. Contact

If you have questions about this privacy policy, want to exercise your data rights, or have concerns about how your information is handled:

This policy is effective as of May 16, 2026.