Privacy Policy

Please read this page in conjunction with our terms and conditions.


  • A valid email address is required to sign up for an account.
  • We use your email address to send you important information about 21st Night and your account, such as a reset link when you forget your password.
  • We will not share this email with third parties.

User Data

  • Error log data (including the images and texts for cards) is stored on Firebase, and is only accessed by 21st Night in order to provide the service.
  • Payment information is stored by Stripe, our payment provider.


  • 21st Night uses an internet technology called “cookies” to keep you logged in to the website.
  • The cookies allow us to associate the actions you take with the correct account.
  • The logout option on 21st Night will allow you to remove your login cookie.
  • 21st Night uses Google Analytics for usage statistics, which stores some tracking cookies on your computer.


  • Email-related operations log your email address.
  • We store this information for security purposes (such as blocking malicious access attempts), for diagnosing problems, for analysing usage of the service, and for providing support.
  • Logs are removed upon request.

Third Party Sharing

  • The cards and associated media files you add are private by default. You may share them if you wish, and if you are legally permitted to do so.
  • 21st Night makes use of third party data centers and cloud services in order to store and process your data.
  • We may share your data with law enforcement authorities when required to do so by law.
  • As decks are contributed by other 21st Night users, they may contain links to third party servers not under our control.

Data Retention

  • We will retain your user data while you continue to use the service. As mentioned in our terms and conditions, account data may expire if the account has not been used in 6 months or more.
  • If you delete your account, we will delete your user data.
  • Some of your user data may remain in backups and logs when your account is deleted. This data will automatically expire within a month.
  • If an email we sent to you previously bounced or was marked as spam, we will retain a record of this so we can avoid sending to that address again.
  • We will retain information when legally required to do so.

Keeping Data Safe

  • We endeavour to keep your data safe by following best practices such as encrypting your data in transit, keeping machines up to date, and maintaining backups.
  • No system can ever be completely secure, so we strongly recommend you store a local copy of your user data.
  • Please ensure you use a secure password, and don’t use the same password on multiple sites.

Lawful Basis

Data processing laws require us to state the lawful basis we use for processing your data.

  • Data you provide to us such as your email address and card information is necessary for providing the service to you (servicing a contract).
  • Access logs are used for diagnostic and analytical purposes, and for detecting misuse of the service (servicing a contract, and legitimate interests).


If significant changes to this policy are made, we will notify you via a message when visiting the website or via email.


In the event of a company acquisition, restructure, or bankruptcy, we may transfer your data to a different legal entity. The new legal entity shall respect your privacy in the same way, and notify you if they wish to use your data in a way not described here.


If you have any questions about this privacy policy, please contact us on our support email.