Privacy Policy
No advertising
No ad networks, behavioral pixels, or data selling.
Limited processors
OpenAI, Sentry, Render, and Better Stack — disclosed in full.
Security-minded
HTTPS, Argon2id, secure sessions, and HMAC-signed WebSocket tokens.
Last updated: May 29, 2026
Privacy Policy: We collect minimal data, don't sell anything, and don't use targeted advertising. Some data goes to third-party services for AI features and error monitoring. No Google Analytics, no advertising pixels, no cross-site tracking.
What We Collect
- Game history: Complete game records including moves (PGN format), results, ratings changes, and timestamps for all human vs human games
- Chat messages: Lobby chat and in-game chat messages with timestamps, for moderation and AI features
- Ratings & stats: Your Elo rating, win/loss/draw record, and games played
- Account data (optional): If you create an account: username, email (optional), Argon2id password hash
- Technical identifiers: IP address (for rate limiting and security), user agent string, session identifiers, lobby and room activity event records
- Page analytics: Pages visited and related technical identifiers recorded for operational usage statistics. No automated deletion schedule is currently configured.
- Puzzle performance: Daily puzzle challenge attempts and leaderboard rankings
Third-Party Services (Complete List)
These are the only external services that receive any user data. Each gets a limited subset needed for its function:
- OpenAI: Lobby chat messages are evaluated by OpenAI's omni-moderation-latest model to detect policy violations. The Adam personality (GPT-4o-mini) responds to direct @mentions in lobby chat. Chat content is sent to OpenAI under their Privacy Policy.
- Sentry: Application errors may be captured and sent to Sentry for error monitoring. Error reports may include request paths and session identifiers. Sentry is only active when a
SENTRY_DSNenvironment variable is configured. See Sentry's Privacy Policy. - Render: Our hosting provider. All data is hosted and served through Render's infrastructure.
- Better Stack (Logtail): Structured security and request logs are shipped to Better Stack for persistent storage and monitoring. Log data may include IP addresses, hashed session and user identifiers, request paths, response codes, and user-agent strings. See Better Stack's Privacy Policy.
We don't use and have no plans to add:
- Google Analytics or any other analytics platform
- Advertising networks or behavioral tracking pixels
- Social media tracking (Facebook, Twitter/X, etc.)
- Third-party CDN scripts that report back to external services
All other data processing happens on Render's infrastructure. Nothing is shared with parties outside this list. We don't sell personal data.
Data Retention
- Guest sessions: Guest sessions expire after 2 hours of inactivity or 30 days absolute. Guest session and account records (username) are deleted by the scheduled hourly cleanup after all associated sessions expire. Completed games, chat messages, moderation records, activity-event records, and page analytics may remain stored and may contain guest nicknames or technical identifiers.
- Registered accounts: Retained until you request deletion
- Completed game records: Permanently stored (moves, result, ratings, PGN)
- In-game chat: Permanently stored per game record
- Lobby chat: Soft-deleted (hidden from users) on a rolling 3-hour cycle; the five most recent lobby messages remain visible. Soft-deleted records are retained in the database and are not permanently purged.
- Ratings & stats: Updated after each game and stored permanently
- Sessions: Stored with a 30-day absolute expiration and 2-hour inactivity timeout
- Security logs: LobbyShield structured event logs are shipped to Better Stack (Logtail) for persistent storage. Retention is governed by the configured Better Stack retention period.
- Page analytics: Page visit records are stored in the
page_eventstable with no automated deletion schedule. Manual pruning is recommended periodically.
Security
We use HTTPS for all connections, Argon2id password hashing, and server-validated session cookies for authentication. WebSocket connections are authorized via HMAC-signed tokens bound to the issuing session. Step-up re-authentication is required for administrative operations.
Your Rights
- Play as a guest with no account required (note: your games and messages are still saved)
- Request account deletion by contacting us. Note: some historical game, chat, moderation, and activity records may remain stored and may retain nicknames or identifiers until a full deletion workflow is in place
- Request deletion of specific messages by contacting us (admin-initiated only, no self-service interface yet)
- Request a copy of data associated with your account by contacting us
Requests are handled manually. There's no self-service export or deletion portal yet.
Age and Minors
Interactive LobbyChess features are limited to users who are at least 16 years old. We do not ask for or store your date of birth for ordinary access. Instead, before you create an account or begin an interactive guest session, we ask you to confirm that you are at least 16 and that you agree to the Terms and this Privacy Policy. We store only the fact that this confirmation was made, the applicable policy version, and the time of confirmation — not a birthdate or age.
We do not collect personal information from children under 13, and LobbyChess is not directed to children. If a user tells us they are under 16, we restrict interactive access for that account or session. If you believe a child has submitted personal information, contact us and we will investigate and handle full deletion.
Changes to This Policy
We may update this policy as the platform grows. Significant changes will be posted here.
Questions?
Contact us at contact@lobbychess.com
← Back to Lobby Chess