Privacy Policy
What we collect, why, and who touches it — in plain language.
Who we are
BountySmith is a pilot marketplace for Roblox asset work — VFX, modeling, animation, UI, icon/logo, sound, and building (no programming or scripting work). Studios post funded bounties, admin-verified creators deliver work through a vault, and final files stay locked until the studio approves and payment is released.
BountySmith is operated by [BountySmith legal entity — TODO]. It is not affiliated with Roblox Corporation. The platform is for adults only: you must be at least 18 to create an account, and you confirm this at signup.
Information we collect
Account
- Name, email address, and your role (creator or studio).
- Your password — stored only as a scrypt hash. We never store or see it in plaintext.
Profiles
- Creator profiles: display name, Roblox username, Discord handle, bio, work category, rates, and availability.
- What's public vs. private:your Roblox username (shown as @username) is your primary public identity, and your display name and Discord handle (if set) are also public on your profile — so keep the display name privacy-safe (e.g. "Maya R."), not a legal name. Your email address, account credentials, and payment/payout details are never shown publicly; payment identity lives with Stripe, not on your profile.
- Studio profiles: studio/game name, Roblox game or group URLs, genre, team size, hiring history, and ownership proof.
- Portfolio proof: the category-specific technical evidence you submit for verification.
Files and marketplace activity
- Files you upload, stored in Cloudflare R2.
- The content of bounties, applications, submissions, reviews, and disputes.
Administration
- Admin notes, verification decisions, and audit logs of admin actions.
Payments
- Payment status and Stripe identifiers (checkout, payment-intent, transfer, and refund IDs), plus webhook event records.
- Card numbers and bank details never touch BountySmith. Creators enter payout bank details directly with Stripe during Stripe Express onboarding — we never receive them.
Security data
- Rate-limit counters and session records, which include your IP address and browser user agent.
How we use your information
- Running the marketplace — accounts, profiles, bounties, applications, the deliverable vault, and notifications about your work.
- Verification — reviewing creator portfolios and studio ownership proof before granting verified status.
- Payments — tracking funding, held payments, releases, and refunds via Stripe.
- Disputes and audit — resolving disputes and keeping audit records of admin decisions.
- Security — rate limiting, session management, and abuse prevention.
How we share information
We do not sell your data. We share it only with the service providers below, so the platform can function, and where the law requires it. Parts of your profile and marketplace activity (bounties, applications, reviews) are visible to other users as part of how a marketplace works.
Service providers
- Vercel — hosting.
- Neon — Postgres database.
- Cloudflare R2 — file storage.
- Stripe — payments (test mode only during the pilot; no real money moves).
- Cloudflare Turnstile — optional bot checks on signup, login, and password reset.
- Resend — optional email delivery. When it is not configured, password reset and verification links appear in server logs instead (“manual delivery mode”) and no email provider receives your address.
Authentication runs on Better Auth, a self-hosted library — not a third-party identity service. Your auth data stays in BountySmith’s own database.
Cookies and analytics
BountySmith uses essential cookies only — the Better Auth session cookie that keeps you signed in. There are no advertising cookies, no tracking pixels, no third-party analytics services, and no cross-site tracking. We don’t sell or share your data.
We keep first-party, privacy-conscious product analytics to understand how the pilot is used — for example, how many people view a page, start signup, post a bounty, or complete a hire. These are aggregate event counts stored in our own database and visible only to our administrators. Each record holds only the event name, a coarse role (visitor, creator, studio, or admin), and a timestamp. We do not attach your name, email, IP address, browser fingerprint, or any identifier to these events, and they are never used to profile or target you. No data leaves BountySmith. Because nothing here identifies you, there is no separate consent banner beyond the essential session cookie.
Retention and deletion
During the pilot, we keep your data while your account exists. To request deletion or ask questions about your data, contact 2017harrisonwells@gmail.com. Demo databases are periodically wiped and re-seeded during the pilot.
Security
We take reasonable measures: hashed passwords, database-backed revocable sessions, server-side authorization on every action, private file storage with signed URLs and locked finals, security headers, and rate limiting. No system is perfectly secure, and we don’t claim ours is — for example, uploads are not yet virus scanned. The full, honest detail lives in the repository’s SECURITY.md.
Children and minors
BountySmith is 18+ only and not directed at children. We do not knowingly collect data from anyone under 13. If you believe a minor has provided us data, contact 2017harrisonwells@gmail.com and we will delete it.
Your choices and contact
You can view and edit your profile information in the app. For access, correction, or deletion requests — or any privacy question — contact 2017harrisonwells@gmail.com. See also the contact page.
Regional rights
California and EU/UK residents may have additional rights — [to be completed with counsel — TODO].
Changes to this policy
We may update this policy as the pilot evolves. The “last updated” date at the top reflects the current revision, and the policy version you accepted is recorded with your account. Material changes will be flagged before any production launch.