Privacy Policy

Last updated: July 1, 2026

Overview

playlogd.gg ("we," "our," or "us") operates as a game diary and review tracker. This Privacy Policy explains how we collect, use, and protect your personal data.

1. What We Collect

Required for signup & login:

  • Email address (used only for authentication)
  • OAuth provider info (if using Google/Discord login)

Profile data (optional):

  • Username (public, visible to others)
  • Display name (public profile)
  • Bio (public profile)
  • Avatar image (public profile)

Game activity (your logs):

  • Game entries, reviews, ratings, play dates, status (played/playing/backlog/radar)
  • Tags and notes you add
  • Platforms you own
  • Spoiler markers

Optional features:

  • Steam ID (only when you import your Steam library)
  • Price alerts (games you're monitoring)
  • Lists and recommendations you create

Technical data:

  • IP address (for rate limiting and abuse prevention)
  • Browser/device info (automatically via HTTP headers)
  • Cookies for session management

2. Where We Store It

All data is stored in:
  • Supabase PostgreSQL database (hosted in us-east-1, AWS)
  • Supabase Storage (for avatar images)
  • Supabase Auth (for sessions and authentication)

We do not store your password — Supabase Auth handles authentication securely.

3. How We Use Your Data

  • Authentication: To verify your identity and keep you signed in
  • Service delivery: To store and display your game logs, profiles, and social features
  • Recommendations: To show you relevant games (if enabled)
  • Price monitoring: To notify you of price drops on games you're tracking
  • Bug fixes & improvements: To understand crashes and improve the app
  • Legal compliance: To enforce our Terms of Service

We do not:

  • Sell or rent your data
  • Share data with advertisers
  • Use your email for marketing without consent
  • Use data for AI/ML training

4. How Long We Keep Your Data

  • Active accounts: We keep data as long as your account exists
  • After deletion: We delete all personal data within 30 days of account deletion
  • Backups: Our database backups are retained for 30 days, then destroyed
  • Logs: Server error logs are kept for 14 days

5. Your Rights

You can:

  • Download your data: Request an export of all your logs, profile, and account data
  • Delete your account: Remove yourself and all associated data permanently
  • Update your profile: Edit your username, bio, avatar anytime
  • Delete logs: Remove individual game entries or mass-delete your library
  • Opt out of features: Disable price alerts or social features

GDPR/CCPA rights (if applicable):

  • Right to access: Get a copy of your data
  • Right to deletion: "Right to be forgotten" — delete your account
  • Right to correction: Update your information
  • Right to data portability: Export your data in standard format

To exercise these rights: Email mckevvv@gmail.com with your request.

6. Data Security

We protect your data using:
  • HTTPS encryption in transit (TLS 1.3)
  • Row-level security (RLS) in the database — only you can see your logs
  • Password hashing (via Supabase Auth)
  • No plaintext secrets in code or logs
  • Regular security headers (CSP, HSTS, X-Frame-Options)

7. Third-Party Integrations

Some services run server-side — your browser never contacts them directly, so they see our servers, not your IP or device:
  • IGDB / Twitch (game data) — queried through our backend for game info
  • CheapShark (store pricing) — queried through our backend to show where to buy
  • Steam (optional import) — we call Steam's API from our backend using the Steam ID you provide; your Steam ID is only stored after you authorize the import

Others run client-side — your browser contacts them directly, so they receive your IP and basic device info under their own privacy policies:

  • Cloudflare Turnstile (bot/abuse protection) — on feedback and auth forms
  • Google / Discord (optional login) — OAuth sign-in only

Infrastructure providers that process data on our behalf:

  • Supabase (database, auth, storage) — see Section 2
  • Vercel (hosting/CDN) — serves the app and processes request metadata (IP, headers) to deliver pages

We do not share your data with any of these beyond what's necessary to provide the Service.

8. Cookies

We use:
  • Session cookies (from Supabase Auth) — to keep you logged in
  • Site cookies — to remember your preferences (optional)

Third-party cookies are limited to OAuth providers during login.

9. Children

playlogd is not intended for users under 13 (COPPA) or under 16 (GDPR). If we discover a child has created an account, we'll delete it immediately.

10. Changes to This Policy

We may update this policy. We'll notify you via email if changes are material. Continued use = acceptance.

11. Contact

For privacy concerns, data requests, or deletions:

Email: mckevvv@gmail.com

Privacy Policy — playlogd.gg