Privacy Policy - GamersHut
GamersHut LLC · Effective Date: June 23, 2026
Your privacy matters to us. This policy explains what information we collect, why we collect it, and what we do with it. We’ll try to keep this as short and readable as possible.
Questions? Email us at [email protected].
The Short Version
- We collect your email, payment info (handled by PCI compliant Stripe), and usage/diagnostic data, including your dashboard activity.
- We use it to run your account, route your game traffic to the right server, debug issues and improve GamersHut.
- We don’t sell your data. Ever.
- You can ask us to delete your data anytime.
1. Who We Are
GamersHut LLC (“GamersHut,” “we,” “us,” or “our”) operates gamershut.net and the GamersHut game server hosting service. This policy applies to all personal data we collect through our website, dashboard, and services.
2. What We Collect
When you sign up or join a waitlist:
- Email address - to send account info, billing receipts, service updates, and to map your account to Stripe
- Display name - for account identification within your communities
- Password - stored as a one-way bcrypt hash; we cannot see your actual password
- Requested games - to gauge demand for games not yet supported
When you subscribe:
- Billing information - handled entirely by Stripe. We never see or store your full card number. We only receive a tokenized payment reference, the last 4 digits of your card, and expiration date for display purposes.
- Billing address - required by Stripe for payment processing
- Subscription status and history - so we know your account is active and can manage renewals
When you use GamersHut:
- IP address and browser/device info (“user agent”) - collected on login and during gameplay sessions. We use this to route multiplayer connections to the correct server, detect inactivity, maintain security logs, and prevent account abuse.
- Connection logs - which games your server has been used for, and when. We need this to manage your server infrastructure.
- Game save data - stored in secure object storage so your worlds persist between sessions and to backup your data
- Server configuration - settings you apply to your game servers
- Invitation records - if you invite someone to a community, we store their email to deliver the invitation
- Website/dashboard interaction data - to improve GamersHut and fix issues, see Section 9
If you contact us:
- Support messages and correspondence - so we can help you and improve the service
3. What We Don’t Collect
- We do not collect or monitor your in-game activity beyond what your specific game’s server logs
- We do not track you across other websites
- We do not build advertising profiles or sell data to advertisers
4. How We Use Your Information
| What we collect | Why we collect it |
|---|---|
| Account management, billing receipts, service updates | |
| Payment data (via Stripe) | Processing your subscription |
| Connection logs | Running your servers, troubleshooting issues |
| Game saves | Keeping your worlds available |
| IP address | Security, fraud prevention, server routing |
| Support messages | Resolving your issues, improving the service |
We’ll occasionally email you about new games we’ve added, product updates, or Early Access feedback requests. You can unsubscribe from marketing emails anytime. Account and billing emails will still be sent because they’re required to deliver the service.
5. Who We Share Data With
We share data with a small number of trusted third-party services (sub-processors) that help us operate GamersHut. We do not sell, rent, or trade your personal data.
| Service | What they do for us | Data they see |
|---|---|---|
| Stripe | Payment processing, billing portal | Email, billing address, payment card details |
| Fly.io | General purpose compute infrastructure | IP address, game console logs, server metadata |
| Tigris | General purpose storage for game save files | Game world/save data |
| Neon.tech | Database hosting | Account records (email, display name, hashed credentials) |
| Resend | Transactional email delivery | Email address, display name, community name |
| PostHog | Product analytics and diagnostics | Email, IP address, session activity (see Section 9) |
| Cloudflare | Content delivery, DNS, and edge routing | IP address, user agent, request paths |
Links to each provider’s own privacy policy are available on their website or upon request at [email protected].
We may also disclose your information if required by law (e.g., in response to a court order or subpoena). We will notify you of such requests if we are legally permitted to do so.
We do not use your data for any automated decision-making or profiling that produces legal or similarly significant effects.
6. International Data Transfers
GamersHut is based in the United States. All data will be transferred to and processed in the US.
7. Data Retention
- Active accounts: We retain your data for as long as your account is active.
- After cancellation: While we do not guarantee data retention after cancellation, we may store your game saves for a period of time to allow you to resume playing if you return. We will permanently delete your saves upon your request, generally within 30 days. Email address and billing records are retained for up to 7 years for accounting and legal compliance purposes.
8. Your Rights
Regardless of where you live, you can:
- Access - request a copy of the personal data we hold about you
- Correct - ask us to fix inaccurate or incomplete data
- Delete - ask us to erase your personal data (subject to legal retention requirements)
- Export - receive your data in a portable, machine-readable format
- Restrict - ask us to limit how we use your data in certain circumstances
- Object - object to processing based on our legitimate interests
- Unsubscribe - opt out of marketing emails at any time via the unsubscribe link in any email
To exercise any of these rights, email us at [email protected]. We’ll respond within 30 days (and within the legally required timeframe).
9. Cookies & Other Tracking Technologies
Essential session cookie
We set one cookie (JSESSIONID) to keep you logged in. It’s HttpOnly and Secure (can’t be read by scripts, only sent over HTTPS), expires after 14 days, and is required for the site to function. This cannot be opted out of, otherwise you wouldn’t be able to log in.
Local storage
We store a small amount of data relating to the dashboard in your browser’s local storage to keep the dashboard fast and smooth to use. This includes but is not limited to your active community, user details and preferences. This is cleared automatically when you log out.
Analytics & session recording (PostHog)
We use PostHog, a product analytics tool, to understand how people use our dashboard and to diagnose bugs, particularly around server setup and checkout, where failures are costly for users. PostHog is configured to:
- Identify you directly using your account email or display name
- Record session replays and heatmaps of your dashboard activity
- Estimate your general location (city-level) from your IP address
- Capture technical request data (HTTP headers and request/response bodies) for select diagnostic endpoints, to help us debug failed server provisioning or checkout errors. Sensitive data is omitted prior to being sent to PostHog.
We route PostHog through our own domain for reliability purposes.
What we don’t use
We don’t use third-party advertising cookies, cross-site ad trackers, or fingerprinting for advertising purposes.
You can also manage cookies directly in your browser settings, though blocking the essential session cookie will prevent you from logging in.
10. Security
We take reasonable and industry-standard steps to protect your data:
- All data is transmitted over HTTPS/TLS encryption
- Passwords are hashed using a modern algorithm (bcrypt); we cannot see your password
- Password reset tokens expire within 15 minutes
- Endpoints employ rate limiting based on risk severity
- Payment data is handled entirely by Stripe and never touches our servers
- Game server data is stored in secure, industry-standard infrastructure
- Game servers are isolated from one another using hardware level virtualization to reduce infiltration risk
- Diagnostic and analytics tools (see Section 9) are configured to mask sensitive fields like passwords and payment details by default
- Access to personal data within our team is limited to those who need it
In the event of a data breach that is likely to affect you or your rights and freedoms, we will notify you and any applicable regulatory authority as quickly as possible, in no longer than the legally required timeframe.
11. Children’s Privacy
GamersHut accounts may only be created by individuals 13 years of age or older. We do not knowingly collect personal data from children under 13 through account creation.
If we learn that someone under 13 has created their own account, we will delete the account and associated personal data. Parents or guardians who believe their child has created an account can contact us at [email protected] for prompt removal.
12. California Privacy Rights (CCPA)
If you’re a California resident, you have the right to:
- Know what personal information we collect and how it’s used
- Request deletion of your personal information
- Opt out of the sale of personal information (we do not sell personal information)
- Non-discrimination for exercising your privacy rights
To make a request, email [email protected] with “California Privacy Request” in the subject line.
13. Changes to This Policy
If we make significant changes to this policy, we’ll notify you by email and update the “Effective Date” at the top. Minor clarifications may be made without notice. Continued use of GamersHut after changes take effect means you accept the updated policy.
14. Contact
Got a question about your privacy, your data, or anything else?
Reach out to us via [email protected] or join our Discord.
GamersHut LLC