Privacy and Security by Design

At Tessel, your table — session audio, secret notes, NPC sheets, plans that only the master knows — is treated as it is: private. Security is not a feature we add later; it's how the platform was designed. Here is, in detail, what we do with your data.

Encryption in Transit

All traffic between you and Tessel travels over TLS/HTTPS. Audio, notes, and any data in transit are encrypted on the way — nothing from your session travels in plain text.

Encryption at Rest

Audio and media are stored in private Cloudflare R2 buckets; structured data (notes, campaigns, metadata) in Postgres managed by Supabase. Both are encrypted at rest by the providers' infrastructure.

Database-Level Isolation

Data from one campaign does not leak into another, nor between users. This is ensured by Row-Level Security (RLS): every read and write is filtered by your authenticated identity, directly in the database — it's not an application check that can be forgotten. The master's private notes are only accessible to you.

Role-Based Access

Within a campaign, access is scoped by roles (master, editor, moderator). The master decides who sees what — secrets remain secrets until you decide otherwise.

AI and Your Data

Tessel's AI transcribes your sessions and organizes the campaign's memory for you. Your content is never used to train our models. To transcribe audio and generate text, we use specialized AI providers, which process the content only to deliver the result you requested — under terms that do not use your data for training. Cached transcriptions are automatically deleted after 72 hours.

You Own Your Data

Your campaign is yours — and you can take it with you or delete it whenever you want. In compliance with LGPD and GDPR, these two rights are available directly in your account settings, without needing to open a ticket.

Data Export (Portability)

At any time, in Settings → Privacy, you can request "Download My Data". Tessel compiles a package with your campaigns, notes, transcriptions, and metadata in two formats: JSON (structured, for migrating to another tool) and Markdown (readable, for you to open and read). The generation is asynchronous — you don't get stuck waiting on the screen — and the result arrives via a temporary download link, which expires after some time. The package includes only what you legitimately can see: the export respects exactly the same RLS boundary of the platform, so other members' private notes never enter your file.

Account Deletion (Right to be Forgotten)

Also in Settings → Privacy, you can request permanent account deletion. To protect against accidental or malicious deletions, there is a 30-day grace period, during which the decision is fully reversible — just cancel it. At the end of the period, your personal data is deleted and the audio and files from your account are removed from storage. Shared campaign content is handled with care: instead of destroying your companions' table, your authorship is anonymized; and if you were the owner of a campaign that other players depend on, ownership is transferred to another member, so the story continues without you.

Payments

Payments are processed by Stripe, a leader in the industry. Tessel never stores or has access to your card data.

The Foundation

Tessel runs on Cloudflare and Supabase — platforms with industrial-level security and compliance. Instead of reinventing cryptography, we build on foundations tested at scale, and add on top the isolation and access control specific to your table.

Talk to Us About Security

We maintain a dedicated security contact channel for responsible reporting of vulnerabilities. If you are a researcher or user and have found something concerning, talk directly to our team: we analyze each report and handle disclosure responsibly, without exposing other users until the fix is live.