Privacy Policy
Last updated: May 2026
1. Overview
RustGuessr is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights. We collect only what is necessary to operate the site.
2. Data We Collect
When you create an account, we collect:
- Username — displayed publicly on leaderboards and profiles
- Email address — used for account verification, password resets, and account communications only
- Password — stored as a secure one-way hash (bcrypt); we cannot read your password
When you play and interact with the site, we also store:
- Game scores and guess history
- Profile information you choose to provide (display name, bio, country, social links)
- Profile picture, if you upload one
If you subscribe to VIP, payment is handled entirely by Stripe. We store only your Stripe customer ID and subscription ID — we never see or store your card details.
3. How We Use Your Data
- To operate your account and authenticate you
- To display scores on the leaderboard and your public profile
- To send account emails (verification, password reset) — no marketing emails
- To process VIP subscriptions via Stripe
We do not sell, rent, or share your personal data with third parties for marketing purposes.
4. Third-Party Services
We use the following third-party services:
- Stripe — payment processing for VIP subscriptions. Stripe's Privacy Policy applies to data you provide during checkout.
- Railway — hosting provider where your data is stored on servers within their infrastructure.
- Resend — transactional email delivery (verification and password reset emails only).
5. Data Retention
Your account data is retained for as long as your account exists. If you wish to delete your account and all associated data, contact us via Discord and we will process your request within a reasonable time.
6. Cookies
We use an httpOnly cookie to store your authentication refresh token. This cookie is strictly necessary for keeping you logged in and is not used for tracking or advertising. No third-party tracking cookies are used.
7. Security
We take reasonable measures to protect your data, including hashed passwords, HTTPS, and secure token handling. No system is perfectly secure, but we follow industry-standard practices.
8. Children's Privacy
RustGuessr is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.
9. Your Rights
You have the right to access, correct, or request deletion of your personal data. To exercise these rights, contact us via our Discord server.
10. Changes to This Policy
We may update this Privacy Policy occasionally. The "last updated" date at the top reflects the most recent revision. Continued use of the site after changes constitutes acceptance of the updated policy.