Noise
Privacy Policy
Last updated: April 7, 2026
This Privacy Policy explains how personal data is processed when using Noise at noize.fun.
1. Controller
Jason Herrmann
Erwin-Baelz-Strasse 61
74321 Bietigheim-Bissingen
Germany
Email: jason2002hg@gmail.com
2. Data We Process
When using Noise, the following data may in particular be processed:
- technical access data such as IP address, time, requested URL, status codes, and technical request data to the extent they arise in server or proxy operation,
- lobby and game data such as lobby code, player ID, player name, host role, ready state, settings, activity history, game phase, and lobby membership,
- audio and content data such as text input, voice recordings, uploaded audio file names, and game-related artifacts,
- session data such as the technically necessary
noise_sessioncookie and server-signed session information, - security and abuse-prevention data such as rate-limit counters, Redis keys, connection data, and presence information,
- convenience data stored locally in the browser such as the last player name used and the last selected icon in
localStorage.
3. Purposes and Legal Bases
We process personal data for the following purposes:
- to provide the game, lobby features, audio transmission, and ongoing gameplay, Article 6(1)(b) GDPR,
- for IT security, error analysis, abuse prevention, rate limiting, and service stability, Article 6(1)(f) GDPR,
- to compile anonymised aggregate usage statistics (monthly active users) using a HyperLogLog data structure in Redis, from which no individual player can be identified or reconstructed, Article 6(1)(f) GDPR,
- to comply with legal obligations where statutory retention or documentation duties apply, Article 6(1)(c) GDPR,
- to process contact requests, Article 6(1)(b) or (f) GDPR depending on the nature of the request.
4. Cookies and Local Storage
Based on the current implementation, Noise only uses technically necessary storage mechanisms. These include in particular the noise_session session cookie for authenticated lobby actions and local browser storage for convenience features such as player name and icon selection.
Based on the current technical implementation, no analytics, advertising, or profiling cookies are used, and no external tracking services such as Google Analytics, Meta Pixel, PostHog, Plausible, or similar tools are integrated.
5. Recipients and Technical Service Providers
Data is processed within the technical infrastructure used to operate Noise. This may include, in particular, the web server, backend server, Redis database for lobby and timer states, and any hosting or infrastructure providers involved. Data is only shared where necessary to operate the service or where there is a legal obligation to do so.
6. Storage Period
We store personal data only as long as necessary for the respective purposes.
- Session cookies may remain valid for up to 14 days according to the current server configuration, but are deleted when a user actively leaves a lobby.
- Lobby data is stored server-side in Redis and, according to the current configuration, is removed after no later than three days of inactivity unless deleted earlier.
- Audio files are generally stored only for gameplay and are deleted when a lobby is closed, during certain resets, when the lobby becomes empty, or at the latest after the end-screen timeout.
- Convenience data stored in the browser remains until deleted by the user or overwritten.
- Server and security logs are retained only as long as necessary for operation, security, and error analysis.
- Anonymised usage statistics (monthly active user counts stored in HyperLogLog) are retained for up to 90 days and then automatically deleted.
7. Provision of Data
The provision of essential game and session data is required to use Noise. Without this data, lobbies, game phases, audio transmission, and security functions cannot be provided properly.
8. Your Rights
Subject to the legal requirements, you have in particular the right to access, rectification, erasure, restriction of processing, data portability, and to object to certain types of processing. Where processing is based on consent, you may withdraw that consent with effect for the future.
You also have the right to lodge a complaint with a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement.
9. No Automated Decision-Making
Based on the current state of the service, no automated decision-making, including profiling within the meaning of Article 22 GDPR, takes place.
10. Contact for Privacy Questions
You can send privacy-related inquiries to jason2002hg@gmail.com.
Note: If analytics, payment, login, or other third-party services are added in the future, this Privacy Policy must be updated accordingly before they are used.