Brundle

Privacy Policy

Privacy Policy

Last updated: March 27, 2026

Brundle is a daily and weekly image-guessing puzzle game operated by WesternBTC. This policy describes what data is collected, where it is stored, and how it is used. We have designed Brundle to collect as little personal information as possible — you can play the daily puzzle entirely without an account.

1. Data We Collect

Anonymous visitors

When you play without an account, we assign a random anonymous visitor ID (UUID v4) that is stored in your browser's localStorage under the key brundle-visitor-id. This ID has no connection to any personal identity. It is used solely to distinguish unique players in aggregate analytics.

Your guesses, the round you are on, and whether you have completed today's puzzle are also stored in localStorage so the game can resume if you close your browser. This data never leaves your device except as part of analytics events described below.

A short-lived session cookie named brundle-session (HttpOnly, 24-hour expiry) is set to enforce daily round progression server-side. It contains only the current date, round number, and a completion flag — no personal information.

Logged-in players (Nostr accounts)

If you sign in with a Nostr identity, your hex-encoded public key (pubkey) is stored in our Redis database to track your weekly game progress and guess balance. We never receive or store your Nostr private key. Signing happens entirely in your browser or remote signer.

Weekly game records (guesses, round, result) are kept for up to 14 days after the week ends, then automatically deleted from Redis. Guess balance and membership status are stored indefinitely until you stop using the service.

Payments

Payments for guesses and membership are processed via BTCPay Server, a self-hosted Bitcoin Lightning payment processor. Brundle receives only a confirmation of payment and the invoice metadata you provided at checkout (your Nostr pubkey, invoice type). No card numbers, bank details, or personal financial information are collected or retained by Brundle. Lightning payments are final and cannot be reversed.

2. Analytics — Public Nostr Events

Brundle publishes analytics data as kind 9041 Nostr events broadcast to public Nostr relays. This means analytics data is permanently public and queryable by anyone with access to those relays. If you are signed in, events are published directly from your own Nostr key. If you are not signed in, events are published by the Brundle server key on your behalf.

Analytics events may contain the following fields depending on event type:

  • Event type (e.g. daily_guess, weekly_guess, guess_payment, onboarding_complete)
  • Puzzle number, puzzle category, week ID, round number
  • The text of your guess
  • Guess result (correct / close / wrong) and similarity score
  • Your anonymous visitor ID (UUID — not linked to any identity)
  • Your Nostr pubkey (if you are logged in — present on all guess and onboarding events)
  • Sign-in method (nip-07, nip-46, nsec, or unknown)
  • Membership status (true/false)
  • HTTP User-Agent string from your browser
  • Timestamp

Because Nostr is a decentralised protocol, we cannot delete or edit events once they have been broadcast. If you have concerns about this, play without logging in to avoid linking your pubkey to guess data.

3. Third-Party Services

BTCPay ServerSelf-hosted Lightning payment processor. Handles invoice creation and settlement. Subject to BTCPay's own data handling.
Nostr relaysPublic decentralised message relays. Analytics events and weekly game results are published here and are permanently public.
Blossom media serverSelf-hosted media hosting at blossom.westernbtc.com. Used by members to upload profile pictures. Subject to WesternBTC's hosting policies.
WesternBTC relayrelay.westernbtc.com — private relay used by members to post game results and receive notifications.

4. Data We Do Not Collect

  • Email addresses
  • Real names or postal addresses
  • IP addresses (not persistently stored — present in HTTP requests but not logged or retained)
  • Device identifiers beyond the browser User-Agent string
  • Tracking cookies or cross-site identifiers

5. Data Retention

Session cookie24 hours, then automatically expires.
localStorage (your device)Persists until you clear your browser storage or uninstall the app.
Redis — weekly game recordsDeleted 14 days after the week ends.
Redis — guess balance & membershipRetained indefinitely while your account is active.
Nostr analytics eventsPermanent — cannot be deleted once broadcast to relays.

6. Your Rights

You may request deletion of your guess balance, membership record, and weekly game history from our Redis database by contacting us. Because Nostr events are permanently broadcast to decentralised relays, we cannot delete analytics events after publication.

You can stop analytics from being linked to your Nostr pubkey at any time by playing without logging in. Your anonymous visitor ID can be cleared by deleting brundle-visitor-id from your browser's localStorage.

7. Children

Brundle is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided information to Brundle, contact us and we will delete it.

8. Changes to This Policy

We may update this policy as the service evolves. Material changes will be noted with an updated date at the top of this page. Continued use of Brundle after changes constitutes acceptance of the updated policy.

9. Contact

Questions about this policy can be directed to the WesternBTC team via Nostr or through the WesternBTC website.

Terms of UseBack to Brundle