Last updated: April 5, 2026
When you sign in with Google, we store your name, email, and profile picture. That is your account. We also store whatever projects and story graphs you create while using Scyn.
We use Sentry to monitor errors and performance so we can fix problems quickly. We use PostHog to track anonymous product usage so we know which features matter. We do not sell your information to anyone.
To run the app. Your account info lets us log you in and show you your projects. Your story data exists so you can edit it. Nothing else happens with it.
If you are in the EU, UK, or EEA, we process your data under these legal bases:
We do not rely on consent as a legal basis for core functionality. If we ever introduce optional features that require consent (such as marketing emails), we will ask for it separately.
Scyn uses a single HTTP-only authentication cookie to keep you logged in. This cookie is set with SameSite=Strict, which means it is only sent to scyn.app and never to third-party sites. It contains a session token, not personal information.
PostHog sets a first-party analytics cookie to distinguish unique visitors. This cookie does not contain your name, email, or any account information. Sentry does not set cookies.
We do not use advertising cookies, tracking pixels, or any third-party marketing cookies.
Everything sits in a PostgreSQL database. Authentication uses HTTP-only cookies with a strict same-site policy, so your session token never touches JavaScript or leaves the origin.
Google handles sign-in via OAuth. We receive your name, email, and profile picture. We do not receive or store your Google password.
Sentry (sentry.io) receives error reports and performance data when something breaks. This includes browser type, OS, and stack traces. It does not include your story content.
PostHog (posthog.com) receives anonymous usage events like page views and feature clicks. We use this to figure out which parts of the app people actually use. PostHog does not receive your story content either.
No third-party service has access to what you write in your projects.
Your account and project data stay as long as your account exists. Error logs in Sentry are retained for 90 days. PostHog analytics data is retained for 12 months. If you delete your account, we remove your data from our database within 30 days. Backups that contain your data rotate out within 90 days after that.
If you are in the EU, UK, or EEA, you have rights under GDPR. If you are in California, you have rights under CCPA. In plain terms, you can:
Email support@scyn.app for any of these. We will respond within 30 days.
Delete individual projects from the dashboard whenever you want. If you want your entire account removed, email support@scyn.app and we will wipe everything within 30 days. That includes your account info, all projects, and all story data. Once it is gone, we cannot get it back.
Our database and servers are hosted in the United States. If you are located outside the US, your data is transferred to and processed in the US. For EU/UK users, this transfer is necessary for contract performance (providing you the service you signed up for).
Scyn is not directed at anyone under 13. We do not knowingly collect personal information from children. If you believe a child has created an account, email support@scyn.app and we will delete it.
If we change this policy in a way that affects your rights, we will notify you by email before the changes take effect. Minor wording updates that do not change your rights may happen without notice. The “last updated” date at the top of the page always reflects the most recent version.
For privacy questions, data requests, or if you want to report a concern: support@scyn.app.