Data Collection and Processing Policy

Account data includes user ID, email, display name, profile image URL, date of birth, selected Male/Female lobby, rules acceptance, role, cooldown status, suspension status, and account timestamps.

Game data includes match ID, mode, ranked flag, status, clip ID, player IDs or guest identifiers, started and ended timestamps, winner ID, score-related metadata, detection event metadata, queue metadata, signaling channel name, and guest game count.

Progression data includes ELO rating, ranked wins, ranked losses, solo streak stats when implemented, gems, inventory, cosmetics, badges, memberships, order records, entitlements, and purchase history.

Camera frames are processed in the browser for local preview, peer video, face visibility, blink check, head turn check, smile or smirk risk, and visual safety checks. Raw webcam video is not recorded by default.

Microphone permission is required for live rooms so opponents can hear each other. Audio laughter detection is currently disabled. Raw microphone audio is not recorded by default.

Client-side visual processing may create metadata such as event type, confidence, timestamp, match phase, face visibility, smile or smirk result, camera missing result, and safety result. This metadata may be sent to the backend for match operation, moderation, reports, security, and audit.

Do not submit government IDs, payment card numbers, passwords, medical information, highly sensitive personal information, private addresses, phone numbers, social security numbers, bank information, explicit images, or other unnecessary sensitive data through reports, support, profile fields, or chat.

Do not use the service to capture, expose, transmit, or discuss minors, nudity, sexual behavior, private third-party information, illegal conduct, or another person's sensitive information.

If prohibited or unnecessary sensitive information is submitted, we may delete it, restrict it, preserve limited metadata for safety or legal reasons, suspend accounts, and take additional enforcement action.

Users must not be able to directly grant themselves ELO, gems, inventory, rank, memberships, order status, staff status, moderation outcomes, or leaderboard placement from client code.

Server-side routes, database functions, webhook handlers, and admin operations are responsible for sensitive changes such as Stripe fulfillment, ELO updates, gem changes, inventory grants, report decisions, suspensions, cooldowns, and admin actions.

Client code may request actions and display state, but the backend is the source of truth for protected game economy and moderation data.

Data retention varies by category. Session storage may last for a browser session. Guest cookies may last longer to enforce guest limits. Account, order, entitlement, leaderboard, report, and moderation data may last while the account or service operates.

We may retain data after deletion requests when needed for fraud prevention, chargebacks, tax, accounting, legal compliance, safety investigations, moderation history, security, backups, or dispute resolution.

When data is deleted, it may take additional time to disappear from backups, logs, caches, analytics, or vendor systems.