Privacy Policy

Last updated: April 2026

What We Collect

When you create an account we store your email address and display name. You can optionally provide:

  • Location (city, region, country) — used to match you with nearby opponents
  • Discord handle and Discord ID — if you link your Discord account
  • Profile picture — uploaded by you or synced from Discord. Profile pictures are served from a public URL so they can appear on leaderboards, feeds, and other user-facing surfaces.
  • Patreon identifiers and subscription status — if you link a Patreon account to unlock supporter features (see Third Parties below)
  • Phone number — if you choose to verify a phone to unlock verified-game logging. We store the verified E.164 number and the timestamp of successful verification. We do not store the SMS code (that stays with our verification provider). See Third Parties below for the provider we use.

When you use the app we also store:

  • Game results and narratives — the core content you record
  • Army lists, detachments, faction choices you record on games
  • ELO ratings and per-system rankings
  • Campaign participation — memberships, hex pledges, and campaign roles
  • Tournament activity — registrations, pairings, reported results, and sportsmanship votes
  • Looking-for-Game posts and your responses
  • External links you attach to games (e.g., video battle-report URLs)
  • Custom campaign map images you upload (supporter feature — stored in a public bucket so the map can render for campaign members)
  • Game moment images you upload to your logged games (supporter feature — up to 3 per game, stored in a public bucket so they render alongside the game narrative)
  • Moderation records — reports you submit and admin actions taken on your account (see Data Retention below)
  • Operational metadata — rate-limit counters keyed to your account, and server logs that include standard web request info (IP address, user agent) retained briefly for abuse prevention and debugging

Why We Collect It

  • Email and password — to authenticate your account
  • Display name — shown publicly on leaderboards and game feeds
  • Location — to power the Looking-for-Game matchmaking feature
  • Discord data — so opponents can reach out, and to sync your avatar
  • Patreon data — to unlock supporter features and keep your tier in sync with your Patreon subscription
  • Phone number — to verify that you’re a real person before you log or confirm verified games. This raises the cost of throwaway accounts manipulating ratings without adding friction to casual play. We never use it for marketing.
  • Game results, narratives, army lists, and external links — the core purpose of the app
  • ELO ratings — to rank players on leaderboards
  • Moderation records — so admins can enforce these terms consistently and keep an audit trail
  • Operational metadata — to block abuse (rate limits, spam), diagnose errors, and keep the service running

Cookies & Similar Technologies

Battlechron uses a strictly necessary session cookie to keep you logged in. This is required for the app to function and is not subject to opt-in consent.

Advertising.We plan to add Google AdSense to support the site. When those ads go live, they will use cookies and similar technologies provided by Google to deliver and measure ads. We show a consent banner on your first visit where you can accept or reject advertising cookies. You can change your choice any time from the “Cookie settings” link in the site footer. If your browser asserts a Global Privacy Control signal (e.g. via Brave or Firefox), we honor it as a California CPRA opt-out and keep advertising cookies off unless you explicitly turn them on.

We do not run analytics or tracking cookies of our own, and we do not share your information with advertisers directly.

Third Parties

We use the following third-party services:

  • Supabase— database hosting, user authentication, and file storage (avatars, supporter- uploaded campaign map images, and supporter-uploaded game moment images). Your data is stored on Supabase’s infrastructure.
  • Vercel — site hosting and edge request handling. Vercel may retain standard web-server logs (IP, user agent, request path) briefly for operational purposes.
  • Discord(optional) — if you choose to sign in with Discord or link your Discord account, we receive your Discord username and avatar from Discord’s OAuth service.
  • Patreon (optional) — if you link a Patreon account to unlock supporter features, we receive your Patreon user ID, the email associated with your Patreon, your pledge amount, and your membership status with our campaign. This data is used only to verify supporter status and keep your tier in sync. You can unlink at any time from Settings; your Patreon-derived data is removed from your Battlechron profile when you do so.
  • Google AdSense(planned) — when advertising goes live and you have opted in through the consent banner, Google may set cookies and collect information such as your IP address, device type, and ad interaction to deliver ads. Google’s use of this data is governed by their own privacy policy.
  • Twilio(optional) — when you verify a phone number to unlock verified-game logging, we send your phone number to Twilio’s Verify service so they can send a one-time SMS code and validate the code you type back. Twilio holds the code; we do not. Twilio’s use of your phone number is governed by their own privacy policy. Standard SMS rates from your carrier may apply.

We do not sell your personal information. We do not share your personal information with third parties other than those listed above.

Data Retention

Most of your data is kept for as long as your account exists. When you delete your account:

  • Your profile, email, display name, location, Discord link, Patreon link, verified phone number, and uploaded images are permanently deleted. You can also remove your verified phone at any time from Settings without deleting your account; doing so reverts you to the free tier of game logging (casual only).
  • Games you participated inmay remain visible in aggregate form (for example, on an opponent’s record) but are anonymized so they no longer identify you.
  • Moderation records tied to your account (for example, a past ban or a battle-report dismissal) may be retained as audit history. Where retained, they are minimized to what is needed for community safety and kept only as long as reasonably necessary.
  • Operational logs (rate-limit counters, server logs) are rotated on a short timescale independent of account lifecycle.

Your Rights

You have the right to:

  • Access your data — download a copy of the personal data associated with your account from Settings. Secrets such as OAuth access tokens are listed but redacted; raw binary uploads (avatars, campaign map images) are linked rather than embedded in the file.
  • Delete your account — permanently remove your account and associated personal data from Settings, subject to the retention notes above
  • Correct your data — update your profile information at any time from Settings
  • Withdraw advertising consentat any time via the “Cookie settings” link in the site footer
  • California residents — you have the right to know, delete, and limit the use of your personal information, and to opt out of sale/sharing. Battlechron does not sell personal information. Global Privacy Control signals are honored as opt-outs automatically.

Age Requirement

You must be at least 13 years old (or the higher minimum age required by your local law, such as 16 in parts of the EU) to create an account and use Battlechron. We do not knowingly collect data from children below that age.

Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page will reflect the most recent revision. Continued use of Battlechron after a change constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy or your data, contact us at privacy@battlechron.com.