PRIVACY POLICY

Effective date: March 8, 2026  ·  Last updated: March 8, 2026

Hoard Haven ("we", "us", or "our") operates hoardhaven.com. This policy explains what information we collect, how we use it, and your rights over your data. We keep it plain — no legalese maze.

1. WHAT WE COLLECT

Account data: When you register, we store your email address, username, and a hashed (not readable) version of your password. We never store your password in plain text.

Game collection data: Everything you add to your library, wishlist, systems list, play logs, and notes is stored in our database so you can access it across devices.

Third-party connections (optional): If you choose to connect Discord, RetroAchievements, or Steam, we store the necessary tokens and identifiers to enable those integrations. You can disconnect at any time from your profile settings.

Session data: We use an HTTP-only cookie to maintain your login session (a refresh token). This cookie is essential to the service and cannot be opted out of while logged in.

Referrer data: When you create an account, we record the referring URL (the page you came from) to understand how people find us. This is not linked to any advertising profile.

Usage data (via Google Analytics): We use Google Analytics 4 to understand site traffic — pages visited, session duration, browser type, and general geographic region. This data is anonymous and aggregated. You can opt out using browser extensions like uBlock Origin.

2. HOW WE USE YOUR DATA

• To provide, operate, and improve the Hoard Haven service
• To authenticate you and maintain your session
• To sync your collection with connected services (RetroAchievements, Steam)
• To send price alerts for games on your watchlist (only when a target is hit)
• To understand how users interact with the app so we can improve it
• To respond to feedback or support requests you submit

We do not sell your data. We do not use your data for advertising profiling. We do not share your data with third parties except as described below.

3. THIRD-PARTY SERVICES

To run Hoard Haven we rely on the following external services:

• IGDB (Twitch) — game database and cover images. IGDB's CDN serves all game art directly to your browser. IGDB Terms
• Neon (PostgreSQL) — our database host, located in US East (AWS). Your data resides on their servers. Neon Privacy Policy
• Netlify — our hosting and serverless function platform. Netlify Privacy Policy
• Discord — optional OAuth integration. We store your Discord user ID and username if you connect. Discord Privacy Policy
• RetroAchievements — optional integration. Your RA username and API key are stored encrypted. RA Terms
• eBay / CheapShark / Best Buy APIs — used for price lookups. No personal data is sent to these services.
• Google Analytics — anonymous usage analytics. Google Privacy Policy
• Google Fonts — fonts loaded from Google servers. Google may log your IP. Google Privacy Policy

4. DATA RETENTION

Your account and all associated data (collection, systems, wishlist, forum posts) are retained for as long as your account exists. Deleted forum posts or collection items are removed immediately from our database.

If you delete your account, all your personal data is permanently deleted from our active database within 30 days. Backups may retain data for up to 90 days, after which they are overwritten.

5. YOUR RIGHTS

You have the right to:

• Access your data — your collection is always visible in the app
• Export your data — contact us and we will provide a JSON export
• Delete your account and data — email us at privacy@hoardhaven.com
• Correct inaccurate data — most can be edited in-app; email us for anything else
• Disconnect third-party integrations — available in Profile → Settings at any time

If you are in the EU/EEA, you have additional rights under GDPR including the right to lodge a complaint with your local data protection authority.

6. COOKIES

We use one essential cookie: a refreshToken HTTP-only cookie that keeps you logged in. It expires after 30 days of inactivity. There are no tracking or advertising cookies set by Hoard Haven itself. Google Analytics uses its own cookies — see Google's privacy policy for details.

7. CHILDREN'S PRIVACY

Hoard Haven is not intended for children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has created an account, contact us and we will delete it.

8. CHANGES TO THIS POLICY

We may update this policy as the service evolves. We will update the "Last updated" date at the top. Significant changes will be communicated via a notice on the site.

9. CONTACT

Questions about this policy? Email us at privacy@hoardhaven.com.

---