Privacy Policy
How ChessWithPass™ handles the personal data of its players.
We respect your privacy. This policy explains what information we collect, why we collect it, and what control you have over it. By using ChessWithPass™ you accept the practices described here.
Information we collect
We collect only what we need to run the service:
- Account data — username, email, hashed password, optional display name and bio.
- Gameplay data — your games, moves, results, ratings, and tournament participation.
- Communication data — messages you send in-game chat, support requests, and email-verification receipts.
- Uploaded content — files you attach (avatars, bonus-claim proofs).
- Technical data — IP address, browser user-agent, and session timestamps recorded for security and abuse prevention.
How we use the data
We use the data to:
- operate the service: matchmaking, rating, tournaments, chat, balance;
- verify your email and protect your account;
- send transactional emails (signup, password reset, important account notices);
- send activity emails (re-engagement, invitations) which you can opt out of at any time;
- investigate fraud, abuse, and rule violations.
Sharing with third parties
We do not sell your personal data. We share it only with infrastructure providers strictly required to run the service: our hosting provider, our database, and our email-delivery partner (SMTP2GO). Each partner is bound by their own data-processing agreement.
We may disclose information when required by law, court order, or to protect the rights, property, or safety of ChessWithPass™ and its users.
Data retention
Account data is kept while your account is active. If you delete your account, personal data is removed within 30 days, except for records we are legally required to retain (e.g. financial records) and game histories that have been anonymised.
Security
Passwords are stored as bcrypt hashes. Tokens are issued via JSON Web Tokens with short access lifetimes and rotating refresh tokens. All transport is over HTTPS. No system is perfectly secure — please use a strong, unique password and notify us if you suspect unauthorised access.
Your rights
Depending on your jurisdiction (EU/EEA, UK, California, and others), you may have the right to:
- request a copy of the personal data we hold about you;
- request correction of inaccurate data;
- request deletion of your account and personal data;
- object to or restrict certain processing;
- withdraw consent for marketing communications at any time.
Cookies and local storage
We use a small number of strictly-necessary cookies and browser local-storage entries to keep you signed in and to remember your locale. We do not use third-party advertising or cross-site tracking cookies.
Children
ChessWithPass™ is not directed to children under 13. If you believe a child has provided personal data without parental consent, please contact us and we will delete it.
Changes to this policy
When the policy materially changes we will update the date below and, where appropriate, notify you by email or an in-app notice before the change takes effect.
Contact
Questions about privacy? Email privacy@chesswithpass.com.
Last updated: 2026-05-10