Privacy
Anonymous play still uses personal data.
Hexagonal Tic-Tac-Toe Online is controlled by Hexagonal Tic-Tac-Toe Online. Contact hextictactoe@gmail.com for privacy requests. Controller location: EU-based individual developer. This notice is effective from 2026-03-08.
What we process
- Anonymous guest identifier stored on the device and a hashed copy of that identifier on the backend.
- Generated guest display name, gameplay records, room codes, participation history, and short-lived websocket connection state.
- Infrastructure metadata handled by hosting providers such as IP address and access logs.
Why we process it
- Create and maintain anonymous guest sessions.
- Run public matchmaking, private rooms, rematches, and spectator access.
- Maintain live game state, move history, and reconnect grace handling when a player disconnects during their turn.
- Handle privacy requests, security incidents, and abuse prevention.
Legal bases
- Performance of a contract or steps requested by the user to provide matchmaking, room joins, live gameplay, and reconnect handling.
- Legitimate interests for basic service security, abuse prevention, and short retention needed to keep game state consistent.
Processors
- Cloudflare: PartyKit realtime hosting, Durable Objects, D1 storage, and edge delivery. (May process or transfer data in the United States and other regions permitted by its DPA and subprocessors list.)
- Vercel: Application shell hosting, server functions, and delivery. (Primary processing facilities are in the United States, with possible processing in other regions used by Vercel or its subprocessors.)
International transfers
- If hosting or infrastructure providers process personal data outside your country, transfers are handled under the provider data processing terms and applicable transfer safeguards.
- Cloudflare states in its privacy and DPA materials that service data may be processed globally, including in the United States and other regions used by Cloudflare and its subprocessors.
- Vercel states in its DPA that its primary processing facilities are in the United States and that cross-border transfers rely on its DPA transfer mechanisms, including SCC and UK transfer terms where required.
Retention
- Matchmaking queue entries: 24 hours. Queue entries older than 24 hours are automatically deleted by the hourly cleanup task.
- Unused private rooms: 7 days. Waiting private rooms with no second player are automatically deleted after 7 days of inactivity by the hourly cleanup task.
- Finished games and move history: 30 days. Finished games, participant rows, and moves are deleted 30 days after the game ends by the hourly cleanup task.
- Guest profiles: 30 days. Inactive guest profiles are deleted after 30 days by the hourly cleanup task when they are no longer referenced by queue or game participation records.
Your rights
- Access your data.
- Request erasure of your guest profile.
- Receive an export of your data in JSON format.
- Object to processing based on legitimate interests where applicable.
- Lodge a complaint with your local supervisory authority.
If you believe your data has been handled unlawfully, you can contact us first or complain to the supervisory authority in your EU/EEA country of residence.
Privacy tools
Export or erase your guest data
These tools work for the anonymous guest currently stored on this device. Exports include app-stored session and gameplay data, but not infrastructure provider logs.