This policy is compliant with the EU General Data Protection Regulation (GDPR).
1. Data We Collect
When you register and play, the following data is collected:
- Username: for account login
- Display name: shown on the public leaderboard
- Password: stored encrypted using bcrypt — never in plain text
- Game scores: score, correct answers, game mode, difficulty
- Registration and last login dates
We do not collect email addresses, phone numbers, IP addresses, or any other identifying information.
2. How We Use Your Data
- Authentication and account login
- Displaying your display name and score on the public leaderboard
- Improving the game experience
Your data is never shared with any third parties, including for advertising purposes.
3. Data Storage
Data is stored in a secure Neon PostgreSQL database. Passwords are never stored in plain text and are hashed using bcrypt. Sessions are managed with secure tokens and expire after 30 days.
4. Your Rights (GDPR)
Under EU GDPR, you have the right to:
- Access: request to see your stored data
- Rectification: request correction of inaccurate data
- Erasure: request complete deletion of your account and data
- Restriction of processing
- Data portability
5. Cookies
We use only one secure HttpOnly session cookie for authentication. No advertising or tracking cookies are used.
6. Age Requirement
This Service is designed for users aged 13 and older. We do not knowingly collect data from children under 13.
7. Policy Changes
For material changes, notice is provided by updating this page with a new date.