Privacy Policy
Last updated: May 29, 2026
Summary: We collect minimal data, don't sell anything, and don't use targeted advertising. Some data is processed by third-party services to enable AI features and error monitoring.
What We Collect
- Game history: Complete game records including moves (PGN format), results, ratings changes, and timestamps for all human vs human games
- Chat messages: Lobby chat and in-game chat messages with timestamps, for moderation and AI features
- Ratings & stats: Your Elo rating, win/loss/draw record, and games played
- Account data (optional): If you create an account: username, email (optional), Argon2id password hash
- Technical identifiers: IP address (for rate limiting and security), user agent string, session identifiers, lobby and room activity event records
- Page analytics: Pages visited and related technical identifiers recorded for operational usage statistics. No automated deletion schedule is currently configured.
- Puzzle performance: Daily puzzle challenge attempts and leaderboard rankings
Third-Party Services
We use the following third-party services. Each receives a limited subset of data necessary for its function:
- OpenAI — Chat messages sent in the lobby are evaluated by OpenAI's omni-moderation-latest model to detect policy violations. The Adam personality (GPT-4o-mini) responds to direct @mentions in lobby chat. Chat content is transmitted to OpenAI per their Privacy Policy.
- Sentry — Application exceptions may be captured and transmitted to Sentry for error monitoring. Error reports may include request context such as URL paths and session identifiers. Sentry is only active when a
SENTRY_DSN environment variable is configured. See Sentry's Privacy Policy.
- Render — Application hosting provider. All user data transits Render's infrastructure.
- Better Stack (Logtail) — Structured security and request logs are shipped to Better Stack for persistent storage and monitoring. Log data may include IP addresses, hashed session and user identifiers, request paths, response codes, and user-agent strings. See Better Stack's Privacy Policy.
We do not sell personal data to any third party. We do not use third-party advertising networks or behavioral tracking.
Data Retention
- Guest sessions: Guest sessions expire after 2 hours of inactivity or 30 days absolute. Guest session and account records (username) are deleted by the scheduled hourly cleanup after all associated sessions expire. Completed games, chat messages, moderation records, activity-event records, and page analytics may remain stored and may contain guest nicknames or technical identifiers.
- Registered accounts: Retained until you request deletion
- Completed game records: Permanently stored (moves, result, ratings, PGN)
- In-game chat: Permanently stored per game record
- Lobby chat: Soft-deleted (hidden from users) on a rolling 3-hour cycle; the five most recent lobby messages remain visible. Soft-deleted records are retained in the database and are not permanently purged.
- Ratings & stats: Updated after each game and stored permanently
- Sessions: Stored with a 30-day absolute expiration and 2-hour inactivity timeout
- Security logs: LobbyShield structured event logs are shipped to Better Stack (Logtail) for persistent storage. Retention is governed by the configured Better Stack retention period.
- Page analytics: Page visit records are stored in the
page_events table with no automated deletion schedule. Manual pruning is recommended periodically.
Security
We use HTTPS for all connections, Argon2id password hashing, and server-validated session cookies for authentication. WebSocket connections are authorized via HMAC-signed tokens bound to the issuing session. Step-up re-authentication is required for administrative operations.
Your Rights
- Play as a guest with no account required (note: your games and messages are still saved)
- Request account deletion by contacting us — some historical game, chat, moderation, and activity records may remain stored and may retain nicknames or identifiers until a formal deletion workflow is implemented
- Request deletion of specific messages (contact us; admin-initiated deletion only — no self-service interface currently exists)
- Request a copy of data associated with your account by contacting us
Data subject requests are handled manually. There is no automated self-service export or deletion portal at this time.
Minors
This platform has no age gate. Chess platforms routinely attract users under 13. We do not knowingly collect personal information from children under 13 (or the applicable age of digital consent in your jurisdiction), but we have no mechanism to verify user age. If you believe a child has provided personal information, contact us so we can investigate, stop further collection where applicable, and process deletion or anonymization requests using our current manual procedures. Some historical records may remain until a formal end-to-end deletion workflow is implemented. A formal age gate and parental-consent mechanism are planned before any targeted growth toward minors.
Changes to This Policy
We may update this policy as the platform evolves. Significant changes will be communicated on the site.
Questions?
Contact us at contact@lobbychess.com
← Back to Lobby Chess