Plain-English privacy

Privacy policy

Last updated: 2026-05-05. This is a starting boilerplate — we'll keep it accurate, you'll keep us honest.

What we collect

When you sign in with Discord, Google, or Steam, we receive a provider account id, your email (Google/Discord), your display name, and your avatar. We use Steam's public ID to fetch your owned-games list when you import your library.

As you use the app we store: games you add, the platforms and statuses you choose, hours played, sessions you log, XP and level data, achievements, friends, and any preferences (e.g. leaderboard visibility, timezone).

What we don't collect

No third-party advertising trackers. No Google Analytics. No Facebook pixels. We may add Plausible privacy-friendly analytics later — if we do, we'll update this page first.

Why we collect it

To run the product: track your backlog, award XP, populate leaderboards, suggest what to play next. That's it. We don't sell, rent, or share your data with advertisers.

Who can see your data

Your username and stats appear on public leaderboards by default. You can opt out anytime in /settings. Your real name from the OAuth provider is never shown — only your handle.

Your library, sessions, and achievements are private to you unless we add explicit sharing later.

Where it lives

Data is stored in a PostgreSQL database hosted on Railway in the EU. Backups follow Railway's standard retention. Auth.js sessions live in cookies (HTTP-only, SameSite=Lax).

Third parties we talk to

  • IGDB / Twitch: server-side calls to look up game metadata. We send a search query; we don't send your identity.
  • Steam: if you sign in with Steam, we use the OpenID flow plus the Web API to read your owned-games list.
  • Discord / Google: OAuth providers for sign-in only.
  • Stripe: scaffolded but not active. When Pro launches, billing data lives at Stripe and we store only the subscription state.

Your rights (GDPR & friends)

You can download every byte of your data as JSON, or delete your account entirely, from /settings. Deletion is permanent — there is no recovery window. We do not retain a shadow copy.

Cookies

Strictly-necessary session cookies for authentication. A single localStorage flag for whether you've dismissed the cookie banner. No tracking cookies.

Changes to this policy

If we change anything material, we'll bump the date at the top and tell you in-app. Continued use after a change means you're cool with it.

Contact

Questions or a data request you can't self-serve? Reach us via the email listed in the repo README. (We're a small team — please be patient.)