Zugwerk ("the Service") is operated by a private individual. This policy explains what data we collect and why.
What we collect
Account information
When you register, we store a username and a hashed password (bcrypt). An email address is optional. If you provide one, we store it. We use this information to authenticate you and provide the Service.
Game activity
We store moves, game results, and game metadata (opponent, time control, outcome, timestamps) in our database. This is core Service function — without it, there is no game history and no reconnection.
Chat messages
Lobby chat and game chat messages are transmitted in real time and stored temporarily. Lobby chat history is retained; game chat is ephemeral (cleared when the game ends).
Connection metadata
We log IP addresses and connection timestamps for rate limiting and abuse prevention. These logs are retained for 30 days and are not shared with anyone.
What we do NOT collect
- No analytics SDKs or tracking pixels.
- No advertising identifiers.
- No browser fingerprinting.
- No third-party data sharing of any kind.
Data storage and security
All data is stored on a single server in Germany (hosted by netcup). Passwords are bcrypt-hashed. All traffic between your browser and the Service is encrypted in transit (TLS). Data at rest is protected by PostgreSQL access controls.
Your rights
Under the GDPR, you have the right to access, rectify, or delete your personal data. To exercise these rights, contact contact@serabi.de. We will respond within 30 days.
Cookies
Zugwerk uses a session cookie for authentication (HttpOnly, Secure, SameSite=Lax). No tracking cookies. No third-party cookies.
Changes
This policy may be updated. The latest version is always at this URL.
Last updated: 2026-05-12