← Back to BombPot

Privacy Policy

Version 2026-07-01 · Last updated: 2026-07-01

DRAFT — requires review by a licensed attorney in your state. Not legal advice.
Short version. BombPot collects as little as possible. To play you provide only a display name you choose (use a nickname if you like). We don't ask for your real name, email, password, or payment details, and we don't sell your data.

1. What we collect

  • Display name you type in (may be a pseudonym).
  • Gameplay data — your actions, chip counts, and table/chat messages during a session.
  • Local storage in your browser — a session token so you can rejoin your seat, and your agreement acceptance.
  • Basic technical logs our hosting providers keep automatically (e.g., IP address, timestamps) to run and secure the service.

We do not collect real names, emails, passwords, payment information, or precise location, and we do not run behavioral ad tracking.

2. Why we use it

To run the game, keep you in your seat across reconnects, prevent abuse, and improve the service. We do not sell your personal information.

3. Service providers

We use infrastructure vendors to operate the app — currently web hosting (Vercel) and server/ database hosting (Railway / PostgreSQL). They process data only to provide hosting. If we add payments or analytics later, we'll update this policy and name those providers.

4. Retention & deletion

Live game state is held in memory and is transient. Saved table snapshots (names, chip counts) expire automatically (about 12 hours). Local-storage data stays in your browser until you clear it. To request deletion of any data associated with you, email informationignite@gmail.com and we'll delete what we can identify.

5. Cookies & local storage

We use browser local storage (not advertising cookies) for your session and your agreement record. Clearing your browser storage removes them.

6. Children

BombPot is for adults 18+ and is not directed to children. We do not knowingly collect personal information from anyone under 13; if you believe a child provided data, contact us and we will delete it.

7. Your rights (CCPA/CPRA, GDPR)

Depending on where you live, you may have rights to access, correct, or delete your personal information, and to opt out of sale (we don't sell). Because we collect so little and use no accounts, the main practical right is deletion — email informationignite@gmail.com.

8. Security & breach

We use reasonable measures (encryption in transit, minimal data collection, restricted access) to protect data, but no system is perfectly secure. If a breach affecting personal data occurs, we will investigate, contain it, and notify affected users as required by applicable law.

9. Changes & contact

We may update this policy; material changes bump the version above. Questions or requests: informationignite@gmail.com. [Legal entity name — placeholder.]