Privacy
Scentle is an anonymous daily fragrance puzzle. No account, no email, no marketing trackers. This page is the full list of what gets stored and how to delete it.
What we store
- An anonymous player ID. A random UUID generated in your browser the first time you play. Lives in your browser and is sent with each request so the site knows your puzzle progress. Not linked to your identity in any way.
- Your guesses per puzzle. The fragrance you picked, the date, and whether you won. Keyed only to the player ID above, so it's anonymous unless you tell someone "that's me".
- Referrer + UTM parameters for the first visit that arrives with one, to know which channels (Reddit, Twitter, etc.) bring people in. One row per player.
- Share events. When you tap the share button after a game, we log that you shared (not what you shared).
- Error reports. If something throws an exception in your browser or on the server, the error is sent to a third-party error-tracking service. Configured to not capture IPs, headers, cookies, or any text you type. The anonymous player ID is attached so we can correlate multiple errors from the same browser.
What we don't store
- No email, name, or contact info from players. (The site has an admin login for me. That's the only auth surface and it never applies to players.)
- No persisted IP addresses. We do read your IP transiently to enforce rate limits (so a bot can't spam guesses), but it's never written to the database, never tied to your player ID, and not aggregated for any analytics purpose. Cloud-provider access logs retain it for < 30 days as a standard side effect of running on the internet.
- No cross-site tracking. No third-party advertising cookies. No Google Analytics. No Meta pixel.
- No fingerprinting beyond what your browser sends in normal HTTP headers.
Cookies
| Name | Purpose | Lifetime |
|---|---|---|
| player_id | Anonymous play state, required for the game to work | 1 year |
| utm_logged | Prevents double-logging your first visit's referrer | 1 year |
Both are first-party and functional. Neither is used for advertising, analytics profiling, or cross-site tracking, so no cookie banner.
Where data lives (data processors)
- Database & authentication provider. Stores game progress and the admin login. EU region.
- Cloud hosting provider (EU region). Runs this site.
- Caching & rate-limiting service. Short-lived cache + abuse protection.
- Error-tracking service. Receives anonymized error reports for debugging.
Specific vendor names are intentionally omitted; we may swap any of these for an equivalent provider without amending this page. If you'd like the current list of named sub-processors for a specific purpose (e.g., a DPA review), email the address below and I'll send it.
Lawful basis
We process each category of data under a specific lawful basis in GDPR Art. 6:
- Anonymous player ID, guesses, share events. Art. 6(1)(b), processing necessary for the service. The puzzle cannot work without remembering which guesses you made.
- Referrer / UTM, error reports, rate-limit IP usage. Art. 6(1)(f), legitimate interest in keeping the site functional, debuggable, and protected from abuse. We've minimized what's collected (no IPs persisted, no PII in error reports, anonymous identifiers throughout) so the impact on you is low.
- Admin login. Art. 6(1)(b), necessary for me to operate the site. Doesn't apply to players.
International transfers
Some sub-processors above (notably the error-tracking service) are operated by companies headquartered outside the EU/EEA, and may process data in the United States. Where this happens, transfers are covered by the European Commission's Standard Contractual Clauses (SCCs) under GDPR Art. 46(2)(c), which the providers incorporate into their data-processing agreements by default. No transfer relies on consent or on legitimate-interest balancing alone.
Data retention
Game-progress rows live indefinitely so trophy replays of past puzzles keep working. Error reports rotate out after 30 days. Server access logs expire after 30 days. There's no offline backup of any of this.
Your rights: delete my data
Under GDPR Art. 15–17 you can ask for a copy of your data, request corrections, or have it deleted. Since everything is keyed to the anonymous player ID stored in your browser, you can wipe it all yourself in one click:
What this does: deletes every row tied to your player ID across our database, clears your cookies, and wipes the related browser storage. After this, visiting the site again creates a fresh anonymous ID. There's no way to link the two.
Beyond deletion, you also have the right to access a copy of your data, correct anything that's wrong, restrict or object to processing, and (where applicable) receive your data in a portable format. Email the address below for any of these.
Right to complain
If you believe we're handling your data unlawfully, you have the right under GDPR Art. 77 to lodge a complaint with a supervisory authority. You can complain in any EU/EEA member state. For users in Germany the relevant authority is the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI) or your respective Landesdatenschutzbehörde. Other EU users can find their national DPA via the European Data Protection Board.
Updates
If this changes, the new version replaces this page. Last updated: 2026-05-06.
Contact
Email hello@kribl.io for anything privacy-related, including data export requests.