Payphone Tag is a small game run by Alex Allchin (al3x.au). This page describes what the site and its Android app collect and why.

This policy applies equally to payphonetag.com and the Payphone Tag Android app. The app is a thin wrapper around the website and uses the same backend, so every data practice below applies in both places.

What we collect

• Callsign, emoji, and 5-digit PIN — generated by us when you register. The PIN is your account credential. We store it unhashed because it functions as a throwaway game code rather than a reusable password. Do not reuse a PIN you use anywhere else.
• Your IP address — used for rate limiting registration, PIN entry, and push subscriptions. Stored hashed in memory only (never written to disk) and discarded on server restart.
• Payphone caller ID — when you dial one of the phone numbers listed on the site, our telephony provider (CrazyTel) receives the payphone's Australian phone number and passes it to our Asterisk PBX so we can attribute the call to the correct payphone. We store the caller ID alongside your capture to enforce gameplay rules (e.g. preventing spoofed calls). Because each payphone has a fixed real-world location, this doubles as an approximate-location record of where you were when you dialled — tied to the payphone's location, not GPS-precise.
• Capture history — every successful capture is logged with the phone, timestamp, and player. Visible on public leaderboards and activity feeds.
• Web Push subscription — if you tap "Enable Notifications," your browser gives us a push endpoint and encryption keys. We use these only to send game alerts (someone stole your phone, a streak milestone, etc.). Disable at any time in the identity panel.
• Optional browser geolocation — if you tap "Find nearest" features, your browser asks your permission and sends your coordinates to the map in your own browser. We do not receive or store these coordinates on the server.
• Privacy-friendly analytics — we run a self-hosted Umami instance to count page views and track which features are used. Umami is cookieless, does not use any tracking identifiers, and does not collect personal data. Traffic is aggregated (page, referrer, country, browser family) and never tied to your player account.

What we don't collect

• No real names, email addresses, or phone numbers (other than the payphone's own number).
• No ad tracking, no third-party advertising, no cross-site trackers.
• No access to your contacts, camera, microphone, files, or any other device data.

Who sees your data

• Other players see your callsign, emoji, captures, and ranking on public leaderboards, maps, and activity feeds. You can request a name/emoji change or account deletion via the contact below.
• The admin (Alex) can see your capture history, call log, and reports via an admin dashboard protected by a bearer token.
• Nobody else. Your data is not sold, shared, or exposed to advertisers.

Where your data lives

All game data is stored in a SQLite database on a server in Oracle Cloud (Sydney region). Encrypted backups are uploaded daily to Oracle Object Storage.

Payphone Tag's servers are located in Australia. If you access the site or app from outside Australia, your data is transferred to and processed in Australia.

How to delete your data

See the data deletion page for the full step-by-step and timeline. The short version:

• On explicit request (email [email protected]): we scrub your PIN, callsign, emoji, colour, and profile slug from the database, delete your push subscriptions and badges, and return your callsign/emoji to the pool. Capture log rows stay in the database attached to the now-anonymous record so the game's historical state doesn't break — they contain no personal information themselves. Actioned within 7 days.
• Automatically, for throwaway signups: accounts that register but never capture a payphone are auto-purged after 3 days. Active players (with at least one capture) are retained indefinitely unless you request deletion.

Children

Payphone Tag is not directed at children under 13, and we do not knowingly collect data from children. The game involves travelling to public payphones, which is not an activity aimed at that age group. If you believe a child under 13 has registered, email the address above and we'll remove the account.

Changes to this policy

Last updated: 22 April 2026.

Material changes are announced on the site and logged below.

• 22 April 2026 — Initial version.

Contact

Questions or requests: [email protected] or the feedback site.

← BACK TO GAME