Privacy Policy

Last updated: March 2026

Overview

PRISM ("we", "our", or "us") is a tool for Magic: The Gathering players to manage shared cards across multiple Commander decks. This Privacy Policy explains how we collect, use, and protect your information.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address (required for authentication)
  • Password (stored securely using industry-standard hashing)

Usage Data

We collect information about how you use PRISM:

  • Deck names and card lists you create
  • PRISM configurations you save
  • Basic usage logs for debugging purposes

Local Storage

PRISM stores data locally in your browser (localStorage) for offline functionality. This data stays on your device unless you choose to sync it with an account.

How We Use Your Information

We use your information to:

  • Provide and maintain the PRISM service
  • Authenticate your account
  • Sync your deck data across devices
  • Debug and improve the application
  • Send important service-related emails (e.g., password reset)

We do not sell your personal information or share it with third parties for marketing purposes.

Data Storage & Security

Your data is stored securely using Supabase, which provides:

  • Encrypted data transmission (HTTPS/TLS)
  • Row-level security ensuring you can only access your own data
  • Secure password hashing
  • Regular security updates

Your Rights

You have the right to:

  • Access your personal data
  • Export your deck data (JSON/CSV export feature)
  • Delete your account and all associated data
  • Correct inaccurate information

To exercise these rights, contact us at the email below.

Cookies & Tracking

PRISM uses minimal cookies:

  • Authentication cookies - Required to keep you logged in
  • Analytics cookies - Google Analytics sets cookies to help us understand aggregate traffic patterns (pages visited, session duration, referral source). No personally identifiable information is collected or shared.
Analytics data is used only to improve PRISM — for example, to understand which pages are most useful and how users navigate the app. You can opt out via Google's opt-out browser add-on.

Third-Party Services

PRISM uses the following third-party services:

  • Supabase - Database and authentication (Privacy Policy)
  • Scryfall API - Card images and data (Terms)
  • Netlify - Website hosting (Privacy Policy)
  • Google Analytics - Aggregate traffic analytics (Privacy Policy). Data collected includes pages visited, session duration, browser type, and approximate location (country/region). No personally identifiable information is sent to Google.

Children's Privacy

PRISM is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on the site. Your continued use of PRISM after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

prismmtg@gmail.com