Privacy Policy.
Last updated: 2026-06-22. Hammerstein.ai is operated by Conflict Simulations LLC.
The short version
Hammerstein.ai does not use cookies. There are no third-party advertising trackers on any page. The Meta Pixel is disabled. Analytics is first-party and cookie-free — page events go to Cloudflare Functions logs; API usage telemetry (endpoint, model, token counts, duration) goes to Cloudflare Analytics Engine. No cross-site tracking. If you have an account, we hold your email address and subscription status. Your session content (board states, queries, orders) is not sold, shared, or used to train models.
Who we are
Hammerstein.ai is operated by Ray Weiss / Conflict Simulations LLC (a United States limited liability company). Contact: rweiss@consimsltd.com.
What we collect
Account data
When you subscribe, your email address is stored by our payment processor (Stripe) and a subscriber token is issued. We hold your email address and subscription status in Cloudflare D1 to validate tokens and run the account portal. We do not store payment card details; Stripe handles all card data under their privacy policy.
Session and campaign data
Wargamer, Kriegsspiel, Chat, and Matrix sessions generate query content (board states, turn questions, orders issued). For free demo users, campaign logs are stored only in your browser's localStorage and are never sent to our servers. For Regular and Lifetime subscribers, campaign logs are synced server-side to Cloudflare D1 to enable cross-device continuity. This data is not used for model training and is not shared with third parties except as described below.
Analytics
We use two first-party, cookie-free analytics mechanisms — no advertising network involvement, no cross-site tracking:
- Cloudflare Functions logs: page views, form interactions, and outcome categories (e.g. turn completed / error) are sent to
/api/eventand written as structured JSON to Cloudflare's server-side log stream. We never log the content of your board state, turn question, or orders. - Cloudflare Analytics Engine: API call metadata only — endpoint, model, token counts, duration, and outcome. No prompt or response content is logged.
Server logs
Cloudflare Pages Functions produce standard server logs (IP address, request path, response code, timestamp). These logs are used for debugging and security purposes and are retained according to Cloudflare's standard log retention schedule.
What we do not collect
- No advertising cookies or cross-site tracking pixels. The Meta Pixel is explicitly disabled on all pages.
- No fingerprinting scripts.
- No analytics that track you across other websites.
How we use your data
- Account email: to issue your subscriber token, send your welcome email, and (if you contact support) to respond to you.
- Campaign data (subscribers): to provide cross-device session continuity.
- Analytics events: to understand where users encounter friction and improve the product.
- Improvement opt-in: if you explicitly enable the "Allow my chat content to help improve Hammerstein" toggle on your account page (off by default), your session content may be reviewed and used for manual prompt tuning. You can withdraw at any time by toggling it off.
Third-party processors
- Stripe — payment processing and billing portal. Governed by Stripe's privacy policy. Stripe receives your email and payment details when you subscribe.
- OpenRouter — AI inference routing for Wargamer, Chat, Kriegsspiel, and Matrix turns. Your query is transmitted to OpenRouter and forwarded to Anthropic Claude Sonnet 4.6. Governed by OpenRouter's privacy policy. We do not pass your account email or subscriber token to OpenRouter.
- Resend — transactional email delivery (welcome email on subscription). Governed by Resend's privacy policy. Receives your email address to send the welcome email.
- Cloudflare — hosting, edge functions, D1 database, KV storage, and analytics. Governed by Cloudflare's privacy policy.
We do not sell your data to any party. We do not share your data with advertising networks.
Data retention
Subscriber account data (email, subscription status) is retained for as long as your subscription is active and for 30 days after cancellation, after which it is deleted on request or purged automatically. Campaign session data stored in Cloudflare D1 is retained for as long as your account is active. You may request deletion at any time (see Your Rights below).
Your rights
You have the right to request access to, correction of, or deletion of any personal data we hold about you. To exercise any of these rights, email rweiss@consimsltd.com with the subject line "Privacy Request" and we will respond within 30 days. If you are located in the European Economic Area, you have additional rights under the GDPR, including the right to lodge a complaint with your local supervisory authority.
Children
Hammerstein.ai is not directed at children under the age of 13 (or under 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at the address above and we will delete it.
Changes to this policy
We may update this policy from time to time. Material changes will be noted with an updated "Last updated" date at the top of this page. Continued use of the service after a material change constitutes acceptance of the revised policy.