familiar.systems familiar.systems

Privacy Policy

Content last updated: 10 May 2026

When you and your friends sit down at a table and press record, you are trusting this website and the person who runs it with some of your most intimate moments. This privacy policy explains what we do with your data. This preamble explains why we do it that way, and why we think we're worthy of your trust.

Firstly, by paying us for this service, you are the customer, not the product. There are no ads, no cross-site marketing tracking, and no analytics for anything other than understanding how we can make the service you pay for better. We never sell or give away your data to third parties.

You pay us. We ease your tabletop bookkeeping burden. That's it.

Secondly, we host every service in the EEA, using exclusively EEA-headquartered companies.

Every link in our chain that touches your data - us, our hosting provider, our payment processors, our analytics - operates under the same law, GDPR, with the same regulators and enforcement mechanisms. When we tell you your data is protected, we can point to the specific law that protects it, name the authority that enforces it, and show you the fines that have been levied when companies violated it. The EU and EEA are not perfect, but for matters of privacy and consumer protection, they are unquestionably the best in the world. That's why we feel comfortable asking you to trust us with your table.

The creator of familiar.systems is American. The legal entity that operates it, Grinshpon Consulting ENK (Org. nr. 936 927 742 MVA), is Norwegian, and that's a deliberate choice. This arrangement protects you, your friends, and your family under the umbrella of a government that consistently ranks within the global top 5 on the Freedom in the World Index, the Democracy Index, the Press Freedom Index, and the World Justice Project's Rule of Law Index. The privacy laws that govern us here were written to protect the people whose data is being held.

U.S. law was not. We cannot use U.S. technology if we want to keep our promise to you. If you live outside the U.S., your data would be reachable through the CLOUD Act and FISA Section 702. If you live inside it, your data held by any U.S. company is reachable under the third-party doctrine, through administrative subpoenas issued without judicial review, and through the commercial data that federal agencies routinely purchase from brokers.

We commit to never storing or moving a single byte of your information in or through a jurisdiction whose privacy laws cannot give you what we have promised you. These aren't just some rows in a database or files on a hard drive. They're some of your most intimate moments, and we're holding them. We commit to making sure you never have to think twice about the sanctity of your table.

See also:

1. Introduction

familiar.systems is operated by Grinshpon Consulting ENK (Org. nr. 936 927 742 MVA).

2. Data We Collect

We collect only what you give us:

  • Account information - your email address when you sign up.
  • Campaign content - the notes, characters, locations, items, and other material you create in familiar.systems.
  • Session recordings - audio you upload for transcription.
  • Usage data - basic server logs and product analytics needed to keep the service running and improve it (see Cookies & Analytics below).

3. How We Use Your Data

Your data is used to deliver and improve the service you pay for. That means storing your campaigns, processing your session audio, and running AI features against your content. We do this because it's the service you signed up for. That's our legal basis under GDPR (contract performance).

When something breaks (a transcription goes wrong, an entity extraction misses the mark), we look at what happened so we can fix it. That includes looking at your actual content when needed to diagnose a problem. We also use patterns in corrections and errors to improve how the product works for everyone. Our legal basis for this is legitimate interest: we have a direct interest in making the thing you pay for actually work.

familiar.systems is a paid service. You are the customer, not the product. We do not sell your data, serve ads, build advertising profiles, or share your information with third parties for marketing purposes. The only thing we do is make it easy to run a tabletop game.

4. Audio Data & Speech Recognition

Tabletop RPG sessions present unique challenges for speech recognition. Players frequently code-switch mid-sentence, mixing their native language with English game terms, fantasy names, and system jargon. Multiple people may record the same session simultaneously from different devices. Current speech recognition models do not handle these scenarios well.

To build transcription that actually works for tabletop gaming, we may use audio you upload to improve our speech recognition models. This means training and fine-tuning automatic speech recognition (ASR) models so that familiar.systems gets better at understanding the way people actually play. Our legal basis for this is legitimate interest: better speech recognition directly benefits everyone who uses the service.

To be absolutely clear about what this does and does not include:

  • Audio may be used to improve our speech recognition models only: the models that convert sound into text.
  • Audio is never used to train generative AI models such as large language models (LLMs). Your sessions, characters, and campaign content will never appear in another user's AI output.
  • Audio is never sold, licensed, or shared with third parties.
  • Models trained on your audio are used exclusively within familiar.systems. They are not sold, licensed, or made available to third parties in any form.

Per-campaign choice. When you create a campaign, you must explicitly choose whether its audio may be used to improve our speech recognition models. There is no default. The campaign cannot be created without making this choice, and you can change it at any time in the campaign's settings.

If you start a campaign with training enabled and later switch it off, your audio is removed from our training pool. We will not include it in any future training run. Period.

To be straight about the limit of that commitment: training a speech recognition model from scratch is prohibitively expensive. We fine-tune existing weights to produce new ones, and the weights that exist today were shaped in part by data that may now be opted out. We treat those weights as derivative works - our own transformed output, not your data - and we will continue to use them as starting points for future training. Think of it this way: a teacher who learned from reading your essay still knows what they learned, even after returning the essay. Opt-out guarantees that your audio files will never enter another training pass.

Audio retention

Your audio is kept for as long as your subscription is active and the campaign exists. We keep it because the journal feature uses it: post-session recaps surface major plot moments and memorable lines, and each surfaced moment links back to the audio of when it happened at the table. The feature only works if the audio is still there.

When you delete a campaign, its audio is deleted immediately. There is no trash, no grace window, no recovery.

If your subscription lapses, we hold your data for 90 days. During that window your campaigns and audio remain intact and are restored if you reactivate. After 90 days without an active subscription, the audio is deleted along with the rest of the lapsed account's data.

5. Data Residency & Service Providers

All data is processed and stored on cloud infrastructure hosted exclusively within the EU/EEA. Your data never leaves the EU/EEA.

We use a small number of service providers to run familiar.systems. All of them process data within the EU/EEA. A current list is available at Sub-processors.

6. Cookies & Analytics

We use cookies and lightweight product analytics exclusively to improve the familiar.systems application for customers. For example: if an action you perform fails, we use that information to find and fix the problem. If we notice that reaching a common feature takes three clicks, we use that to simplify the navigation. Our legal basis for this is legitimate interest.

This data is never used for advertising, profiling, or sold to third parties. It exists for one reason: to make the product you pay for work better.

7. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data and receive a copy of it.
  • Correct inaccurate or incomplete data.
  • Delete your data and account.
  • Export your data in a portable format.
  • Object to processing based on legitimate interest. For speech recognition model training, use the per-campaign training setting. For other processing based on legitimate interest, we are a small operation and do not currently offer granular opt-out controls. If the service no longer works for you, you can delete your account and all associated data at any time.

One exception: Norwegian bookkeeping law requires us to retain billing and transaction records for a set period, even after you delete your account. This applies to payment records only, not your campaigns or audio.

To exercise any of these rights, contact us at the address below.

8. Contact

Questions about this policy or your data? Reach us at hello@loreweaver.no.