BBB CT
Survive the Scam
CASE FILE · INTERNAL · NOT FOR DISTRIBUTION

How we keep your story.

The privacy policy for Survive the Scam. Last revised May 14, 2026.

Survive the Scam is a non-profit scam-education project produced for the Better Business Bureau, Connecticut. The product is interactive, anonymous, and free. The notes below describe exactly what we know about you when you use it, what we don’t, and why.

What we collect

When you sit down by the fire, your browser generates a random session identifier — a string of letters and numbers, with no connection to your name, email, or any other personal information. That identifier is sent to our server alongside three kinds of events:

  • Scene views. Which episode and which scene you reached, with a timestamp. This lets us understand which beats are hardest to sit through and which decisions are hardest to make.
  • Decisions. Which choice you picked at each decision point, and the risk delta it carried. This lets the product eventually show you comparative analytics — “you picked C; 12% of viewers did” — so you can understand where your instincts land relative to others.
  • Outcomes. Which ending you landed on. The same as above but for the final scene of each episode.

All three event types are stored in a database hosted by Supabase in the United States. Each row contains the session identifier, the episode ID, the node ID, and a timestamp. Nothing else.

What we don’t collect

  • No name. No email. No phone number. No mailing address.
  • No IP address is stored alongside your events.
  • No third-party analytics: no Google Analytics, no Meta Pixel, no LinkedIn Insights, no advertising trackers of any kind.
  • No tracking cookies. The site uses your browser’s sessionStorage and localStorage to remember which cases you’ve closed, your mute preference, and whether you’ve already lit the fire. None of that information leaves your device.
  • No demographic data. No inferred age, gender, income, or location beyond the Connecticut framing already baked into the product.
  • No microphone or camera access. The audio in the product plays one way — out of your speakers.

Why we collect what we collect

There are two reasons, and only two:

  1. To show comparative choice analytics. When you reach an outcome, we want to be able to say “you took the hardest path; 8% of viewers did.” That requires knowing what most viewers do. The aggregate is the lesson.
  2. To tighten BBB Connecticut’s pattern data on real scams. Which scenes make viewers freeze, which decision points produce the most disasters, which scams resonate with which demographics — anonymous patterns feed back into BBB CT’s consumer alerts. Your one anonymous session improves the alert that goes out to the next person.

How long we keep it

Aggregate event data is retained for 24 months and then deleted. Session identifiers cannot be linked to anything outside this product — they exist in this database and nowhere else.

Your rights

  • To know what we collect. That’s this page. Bookmark it. We will revise it in public.
  • To clear your local data. Your browser’s site-data settings will erase everything stored on your device (closed-case flags, mute preference, etc.) without affecting the site.
  • To opt out of analytics entirely. Set your browser’s “Do Not Track” signal. We honor it — when it’s present, we suppress all event logging for that session.
  • No account = nothing to delete server-side. We do not keep a profile on you. There is nothing to delete because there is nothing connecting your session identifier to you.

Third-party services we use

These are the only outside services involved in delivering this product:

  • Vercel — hosts the website. Standard server logs (timestamp, requested URL, browser user-agent) are retained by Vercel per their privacy policy. Vercel does not have access to your individual decisions inside the product.
  • Supabase — stores the anonymous event data described above. US-hosted. Encrypted at rest.
  • Mux — used only for video playback (when streamed video episodes ship). Plays one way; collects no PII from viewers.
  • ElevenLabs & Replicate — used only at content-prep time by the production team. No viewer data is shared with either service. You do not interact with them directly.

Children

This product depicts financial fraud against adults and is not directed at users under 18. We do not knowingly collect data from children. If you are a parent or guardian and believe your child has used the product, contact BBB CT (below) and we will purge any associated session data on request.

Changes to this policy

When we change this page, we will note the revision date at the top. Material changes — anything that affects what we collect or who can see it — will be flagged with a banner at the top of the landing page for seven days.

Contact

Privacy questions belong with BBB Connecticut. They are the sponsoring institution and the keepers of this product’s standards.

Better Business Bureau, Connecticut
Cromwell, CT
860-740-4500
bbb.org/local-bbb/bbb-serving-connecticut ↗

This product is a non-profit consumer-protection collaboration with BBB Connecticut. The stories are dramatized composites of real reported Connecticut scams. The fewer people we know about, the better we can tell them.