Privacy Policy

Last updated: April 2026

What We Collect

When you create an account we store your email address and display name. You can optionally provide:

  • Location (city, region, country) — used to match you with nearby opponents
  • Discord handle and Discord ID — if you link your Discord account
  • Profile picture — uploaded by you or synced from Discord. Profile pictures are served from a public URL so they can appear on leaderboards, feeds, and other user-facing surfaces. Uploaded images are re-encoded server-side to remove embedded EXIF metadata (including any GPS coordinates from phone photos) before they reach storage.
  • Patreon identifiers and subscription status — if you link a Patreon account to unlock supporter features (see Third Parties below)
  • Phone number — if you choose to verify a phone to unlock verified-game logging. We store the verified E.164 number and the timestamp of successful verification. We do not store the SMS code (that stays with our verification provider). See Third Parties below for the provider we use.

When you use the app we also store:

  • Game results and narratives — the core content you record
  • Army lists, detachments, faction choices you record on games
  • ELO ratings and per-system rankings
  • Campaign participation — memberships, hex pledges, and campaign roles
  • Tournament activity — registrations, pairings, reported results, and sportsmanship votes
  • Looking-for-Game posts and your responses
  • External links you attach to games (e.g., video battle-report URLs)
  • Custom campaign map images you upload (supporter feature — stored in a public bucket so the map can render for campaign members)
  • Game moment images you upload to your logged games (1 image per game on the free tier, up to 5 per game for supporters — stored in a public bucket so they render alongside the game narrative)
  • Pending email changes — when you request an email change in Settings, we hold your pending new email address on your account record until you confirm the change by clicking links sent to both your current and new addresses. Both confirmations are required for the change to take effect.
  • Moderation records — reports you submit and admin actions taken on your account (see Audit Log and Data Retention below)
  • Operational metadata — rate-limit counters keyed to your account, and server logs that include standard web request info (IP address, user agent) retained briefly for abuse prevention and debugging

Why We Collect It

  • Email and password — to authenticate your account
  • Display name — shown publicly on leaderboards and game feeds
  • Location — to power the Looking-for-Game matchmaking feature
  • Discord data — so opponents can reach out, and to sync your avatar
  • Patreon data — to unlock supporter features and keep your tier in sync with your Patreon subscription
  • Phone number — to verify that you’re a real person before you log or confirm verified games. This raises the cost of throwaway accounts manipulating ratings without adding friction to casual play. We never use it for marketing.
  • Game results, narratives, army lists, and external links — the core purpose of the app
  • ELO ratings — to rank players on leaderboards
  • Moderation records — so admins can enforce these terms consistently and keep an audit trail
  • Operational metadata — to block abuse (rate limits, spam), diagnose errors, and keep the service running

Cookies & Similar Technologies

Battlechron uses a strictly necessary session cookie to keep you logged in. This is required for the app to function and is not subject to opt-in consent.

Advertising.We plan to add Google AdSense to support the site. When those ads go live, they will use cookies and similar technologies provided by Google to deliver and measure ads. We show a consent banner on your first visit where you can accept or reject advertising cookies. You can change your choice any time from the “Cookie settings” link in the site footer. If your browser asserts a Global Privacy Control signal (e.g. via Brave or Firefox), we honor it as a California CPRA opt-out and keep advertising cookies off unless you explicitly turn them on.

We do not run analytics or tracking cookies of our own, and we do not share your information with advertisers directly.

Third Parties

We use the following third-party services:

  • Supabase— database hosting, user authentication, and file storage (avatars, supporter- uploaded campaign map images, and supporter-uploaded game moment images). Your data is stored on Supabase’s infrastructure.
  • Vercel — site hosting and edge request handling. Vercel may retain standard web-server logs (IP, user agent, request path) briefly for operational purposes. We also use Vercel Analytics for anonymous, aggregate page-view metrics (which pages are popular, referrer, country, browser/OS family) and Vercel Speed Insights for anonymous performance samples (Core Web Vitals like load time and layout stability). Neither sets cookies, neither tracks individuals across sessions, and neither receives your account identity.
  • Resend— transactional email delivery. Resend handles outbound mail for signup confirmation, password reset, email-change confirmation, and other account notifications. Your email address transits Resend’s infrastructure when these messages are sent. Resend does not use your email address for any purpose other than delivery.
  • ImprovMX — inbound email forwarding for our public addresses (team@battlechron.com, account@battlechron.com). ImprovMX only sees mail sent to those addresses and forwards it to a private inbox the Battlechron operators monitor. It does not process user-uploaded content or your personal account data.
  • Discord(optional) — if you choose to sign in with Discord or link your Discord account, we receive your Discord username and avatar from Discord’s OAuth service.
  • Patreon (optional) — if you link a Patreon account to unlock supporter features, we receive your Patreon user ID, the email associated with your Patreon, your pledge amount, and your membership status with our campaign. This data is used only to verify supporter status and keep your tier in sync. You can unlink at any time from Settings; your Patreon-derived data is removed from your Battlechron profile when you do so.
  • Google AdSense(planned) — when advertising goes live and you have opted in through the consent banner, Google may set cookies and collect information such as your IP address, device type, and ad interaction to deliver ads. Google’s use of this data is governed by their own privacy policy.
  • Twilio(optional) — when you verify a phone number to unlock verified-game logging, we send your phone number to Twilio’s Verify service so they can send a one-time SMS code and validate the code you type back. Twilio holds the code; we do not. Twilio’s use of your phone number is governed by their own privacy policy. Standard SMS rates from your carrier may apply.

We do not sell your personal information. We do not share your personal information with third parties other than those listed above.

Data Location

Battlechron’s database, file uploads, and account data are hosted on Supabase infrastructure located in the United States. Site hosting (Vercel) and transactional email (Resend) operate from globally distributed edge networks but route account data through U.S. regions as their primary store. If you access the site from outside the U.S., your data is transferred to and processed in the U.S.

Audit Log

Administrative actions taken on your account — bans, unbans, supporter-tier grants or revocations, tournament-organizer role changes, dispute resolutions, removal of reported content, and similar moderation events — are recorded in an internal audit log along with the reason given by the acting administrator. The audit log is visible only to Battlechron administrators and is retained as long as your account exists; entries tied to a deleted account are pruned along with the rest of your data.

Data Retention

Most of your data is kept for as long as your account exists. When you delete your account, the precise behavior depends on the kind of record:

  • Your profile, email, display name, location, Discord link, Patreon link, verified phone number, avatar, supporter game moment images, and uploaded campaign map images are permanently deleted. You can also remove your verified phone at any time from Settings without deleting your account; doing so reverts you to the free tier of game logging (casual only).
  • Games you logged (where you were the submitter)are deleted entirely along with their associated narrative, dispatch entries, ELO history, and any battle-report links or game moment images attached to them. They will no longer appear on your opponents’ records either; opponent W-L counts adjust accordingly.
  • Games you played as the opponent (where someone else logged the game)remain on the submitter’s record but with your reference removed — the row stays, your name on it is replaced with a generic placeholder.
  • Tournament participation— your registrations, pairings, and any sportsmanship votes you cast or received are deleted along with your account. Tournaments you organized remain (the tournament record persists with the “created by” reference removed) so that other participants’ records stay intact.
  • Campaign membership— your member rows and any hex pledges you made are deleted. Campaigns you owned have their “created by” reference removed but the campaign and its other members’ data are preserved.
  • ELO ratings and per-system rankings (verified, casual, and seasonal) are deleted along with your account. Other players’ ratings are not retroactively recomputed.
  • Looking-for-Game posts you authored are deleted.
  • Moderation records tied to your account (e.g., a past ban, a battle-report dismissal) are pruned with your account. Moderation events you took as an administrator (where you were the actor, not the target) have your reference removed but the record of the action persists for audit integrity.
  • Operational logs(rate-limit counters, server logs) follow their host providers’ default retention — typically up to 30 days — independent of account lifecycle.

Your Rights

You have the right to:

  • Access your data — download a copy of the personal data associated with your account from Settings. Secrets such as OAuth access tokens are listed but redacted; raw binary uploads (avatars, campaign map images) are linked rather than embedded in the file.
  • Delete your account — permanently remove your account and associated personal data from Settings, subject to the retention behavior described above
  • Correct your data — update your profile information, including email address and password, at any time from Settings
  • Withdraw advertising consentat any time via the “Cookie settings” link in the site footer
  • California residents — you have the right to know, delete, and limit the use of your personal information, and to opt out of sale/sharing. Battlechron does not sell personal information. Global Privacy Control signals are honored as opt-outs automatically.

Age Requirement

You must be at least 13 years old (or the higher minimum age required by your local law, such as 16 in parts of the EU) to create an account and use Battlechron. We do not knowingly collect data from children below that age.

Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page will reflect the most recent revision. Continued use of Battlechron after a change constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your data, contact us at privacy@battlechron.com. For general support, see the Contact link in the site footer.