Privacy & Open Source FAQ

Model Choice & AI Infrastructure

Current Model: Mistral Devstral-2

We use Mistral Devstral-2 via Vercel AI Gateway. This is a cost-effective model suitable for MVP testing.

Why This Model?

• Free tier: Available on Vercel AI Gateway free tier
• Fast response times: Optimized for real-time dialogue
• Open-source roadmap: We're committed to migrating to open-weights or self-hosted models

Long-term Vision

Note: Some models used in MVP are proprietary APIs. Our long-term roadmap includes migration to open-weights or self-hosted models to align with open commons principles.

Data Tracking & Privacy

What We Track

• Server logs: Basic request metadata (method, timestamp, message count) for debugging and monitoring
• Shared ideas: If you choose to share an idea or conversation to GitHub, it becomes part of the public repository

What We Do NOT Save

• We do NOT save conversations: Your dialogue with the game master is processed temporarily to generate responses, but we do not store conversations in any database or persistent storage
• We do NOT track conversations: Conversations exist only in your browser session and are not saved by us

AI Provider Tracking

Important: While we do not save your conversations, the AI provider (Mistral via Vercel AI Gateway) may track conversations according to their own privacy policy. We have no control over their data collection practices. For details, see Mistral's Privacy Policy and Vercel's Privacy Policy.

What We Do NOT Track

• No user accounts: No registration, no login, no personal profiles
• No cookies: No tracking cookies, no analytics cookies, no advertising trackers
• No IP logging: IP addresses are not stored or logged
• No third-party analytics: No Google Analytics, no Facebook Pixel, no tracking scripts
• No email collection: The game interface does not collect email addresses

Conversation Handling

We do not save conversations. Conversations exist only in your browser session. Messages are sent to the server for AI processing but are not stored persistently by us. Each conversation is ephemeral and exists only during your active session. When you close your browser, the conversation is gone from our systems.

When Conversations Are Saved

Conversations are only saved when you explicitly choose to share them to GitHub using the "Share to GitHub" feature. This is an opt-in action that you control. Once shared, the conversation becomes part of the public repository at build_game/conversations/.

Server-Side Processing

Messages are processed through Vercel serverless functions. Our server logs may contain:

• Request metadata (timestamp, method)
• Message count and length (for debugging)
• First/last message previews (first 100 characters, for debugging only)

These logs are not publicly accessible and are used only for system monitoring and debugging. They do not contain full conversation content and are automatically rotated by Vercel.

What Is Verifiable on GitHub

Open Source Repository

Our entire codebase is open source and available at github.com/understories/votc.

You Can Verify:

• All client-side code: HTML, CSS, JavaScript - everything runs in your browser
• Serverless function code: All API endpoints are open source and auditable
• No hidden tracking: Review the code yourself - no analytics, no trackers, no data collection
• Data handling logic: See exactly how messages are processed, sanitized, and sent to AI
• Security measures: Input sanitization, role whitelisting, turn limits - all visible in code
• Shared ideas: Ideas shared to GitHub are publicly visible in build_game/ideas/

What's Not in the Repository

• API keys: Stored securely in Vercel environment variables (never in code)
• Internal thoughts: Game design notes are in the repo but don't contain user data
• Server logs: Not committed to the repository

Open Source & Open Commons Best Practices

Our Commitment

Valley of the Commons follows open commons principles:

• Transparency: All code is open source and auditable
• No vendor lock-in: Using open standards and protocols
• Community ownership: Ideas shared become part of the public commons
• Minimal data collection: Only what's necessary for functionality
• User control: You choose what to share, when to share it

Open Source License

The codebase is open source. Check the repository for the specific license terms.

Contributing

Contributions, improvements, and audits are welcome. The repository is public and open for community participation.

Future Improvements

• Migration to self-hosted or open-weights models
• Enhanced privacy controls
• Optional conversation export (user-controlled)
• Local-first architecture where possible

Security Measures

Input Sanitization

• Message content is limited to 500 characters per message
• Only 'user' and 'assistant' roles are allowed (prevents system prompt injection)
• Empty messages are filtered out

Rate Limiting

• Maximum 12 user turns per conversation
• Server-side turn counting (prevents client-side manipulation)

API Security

• API keys stored in environment variables (never exposed to client)
• Serverless functions handle all sensitive operations
• No CORS for game chat (same-origin only)

Your Rights & Control

You Control:

• What you share: Only share ideas you want to make public
• When you share: Sharing is opt-in, not automatic
• Your conversation: Conversations are ephemeral - close the browser to end the session

No Account Required

You can use the game interface without creating an account, providing an email, or any personal information.

Questions or Concerns?

If you have questions about privacy, data handling, or want to report a concern, please open an issue on GitHub or contact the project maintainers.