ChessCrumbs
ChessCrumbs

Privacy Policy

Your privacy matters to us. Here's how we handle your data.

Last updated: January 2025

1. Information We Collect

When you use ChessCrumbs, we collect the following information:

Account Information

When you create an account, we collect your email address, username, and password (stored securely using bcrypt hashing). If you sign in with Google or Facebook, we receive your name and email from those services.

Chess Data

We store chess positions where you made mistakes during games, along with the correct moves. Your complete game files (PGN) are processed in your browser and are not stored on our servers.

Usage Data

We collect information about how you use our service, including drill session performance, practice statistics, and feature usage to improve your experience.

Chess Platform Usernames

If you choose to connect your Chess.com or Lichess accounts, we store your usernames to fetch your games.

2. How We Use Your Information

We use your information to:

  • Provide and maintain our chess training service
  • Create and manage your account
  • Track your learning progress with spaced repetition
  • Generate personalized drill sessions based on your mistakes
  • Send important service updates (you can opt out of marketing emails)
  • Improve our service and develop new features
  • Process payments for premium subscriptions

3. Data Processing Location

Chess analysis happens in your browser. When you upload games, the Stockfish chess engine runs locally on your device. Your complete game files never leave your computer during analysis.

Only the positions where mistakes were identified are sent to our servers for storage, enabling spaced repetition learning across your devices.

4. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Payment processing (Stripe), hosting services, and email delivery
  • Chess Platforms: We query Chess.com and Lichess APIs using your provided usernames to fetch your games
  • Legal Requirements: If required by law or to protect our rights

Your chess data and training progress are private and never shared with other users or third parties for marketing purposes.

5. Data Security

We implement appropriate security measures to protect your data:

  • Passwords are hashed using bcrypt (never stored in plain text)
  • All data transmission uses HTTPS encryption
  • Database access is restricted and monitored
  • OAuth tokens are handled securely and not stored long-term
  • Regular security updates and monitoring

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information in Settings
  • Deletion: Delete your account and all associated data (see Data Deletion Instructions)
  • Portability: Export your training data (Premium feature)
  • Withdraw Consent: Disconnect OAuth accounts or stop using the service

To exercise these rights, visit your Settings page or contact us at support@chesscrumbs.com.

7. Cookies and Local Storage

We use:

  • Authentication Tokens: Stored in local storage to keep you logged in
  • Preferences: Your settings and preferences for the service
  • Cached Data: The Stockfish engine is cached in your browser for faster analysis

We do not use third-party tracking cookies or advertising cookies.

8. Children's Privacy

ChessCrumbs is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting a notice on our website or sending you an email. Your continued use of ChessCrumbs after changes take effect constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this privacy policy or your data, contact us at:

Email: support@chesscrumbs.com