Legal

Privacy Policy

Effective May 22, 2026

This Privacy Policy describes how Andrew Parr (d/b/a Praeverto) ("we", "us") collects, uses, and shares information when you use praeverto.gg ("Service"). We collect only what we need to run the Service, and we don't sell your data.

1. What we collect

Account data. When you register, we store your username and (for email/password sign-up) your email address and a salted bcrypt hash of your password. We never store passwords in plaintext.

Steam linkage (optional). When you sign in with Steam or link Steam to an existing account, we receive your Steam ID, public username, and avatar URL from Valve's OpenID endpoint. We use this to match you to demos you appear in and to display your identity in the app.

FACEIT linkage (optional). When you connect FACEIT, we receive your FACEIT player ID and public profile data via FACEIT's OAuth endpoint. We use this to import your matches and to power the My Team and Scout features.

Demos and analysis. Demo files (.dem) you upload are stored on our servers, parsed into structured data (rounds, kills, utility throws, etc.), and retained for the period your tier permits (Free 14 days, Beginner 90 days, Pro 365 days, Team plans up to unlimited). After the retention window the raw file and the derived artifacts are hard-deleted.

Payment data. If you subscribe, Stripe processes your card and we store a customer reference (e.g. cus_…) and your subscription status. We never see or store your full card number or CVC.

Usage logs. Our servers log basic request metadata (IP, user agent, endpoint, timestamp) for security, abuse prevention, and debugging. These logs are typically retained for 30 days.

Cookies and local storage. We use a small number of cookies and sessionStorage entries strictly to keep you signed in, remember preferences, and run the captcha on registration. We do not use third-party advertising trackers.

2. How we use it

  • Authenticate you and protect your Account.
  • Parse and serve the demos you upload, including derived stats and 2D replay assets.
  • Generate highlight renders when you request them.
  • Send transactional and lifecycle emails (verification, password reset, payment failure, trial reminders, optional notifications you've opted into).
  • Process subscription payments and billing-state changes.
  • Detect abuse and prevent automated attacks.
  • Aggregate anonymous usage signals to improve the product. Aggregate data is never associated with your identity in any output we publish or share.

3. Who we share with (sub-processors)

We use a small set of third parties to run the Service. Each receives only the data needed for its function:

  • Stripe — payment processing, customer records, and invoice delivery. Stripe is PCI-DSS Level 1 certified.
  • Resend — transactional email delivery (verification, password resets, billing notices, trial reminders).
  • External rendering provider — highlight clip rendering. We send the demo identifier and the timestamp range to be rendered.
  • Valve (Steam) — OAuth identity verification when you sign in with Steam.
  • FACEIT — OAuth identity verification and public match-history lookup when you link FACEIT.
  • HLTV.org — public pro match and player data that we ingest and display. We never send your personal data to HLTV.
  • Cloudflare — captcha (Turnstile) on registration to block automated sign-ups.
  • DigitalOcean — infrastructure hosting (compute, storage, managed Postgres).

We don't sell or rent your personal data to anyone. Sub-processors operate under their own privacy commitments and are bound by contract to use the data only to provide their service to us.

4. Retention

We retain Account data for as long as your Account is active. When you delete your Account, we hold it in a soft-deleted state for 30 days (to allow restoration), then permanently delete private data including your password hash, email, FACEIT/Steam linkages, and private demos. Public demos remain in the library without an owner; you can request their removal before deletion if needed.

Demo files follow the tier-based retention windows described above. Payment records may be retained for tax and accounting purposes for up to seven years even after Account deletion.

5. Your rights

Regardless of where you live, you can:

  • Access and export the data we hold about you — email support@praeverto.gg.
  • Correct inaccurate Account information yourself in Account Settings.
  • Delete your Account from Account Settings → Danger Zone.
  • Opt out of optional notification emails from Account Settings → Notifications.
  • Unlink Steam or FACEIT at any time from Account Settings.

If you are in the European Economic Area, the United Kingdom, or California, you also have the right to lodge a complaint with your local data-protection authority. We will respond to verified rights requests within 30 days.

6. Children

The Service is not directed to children under 13. We don't knowingly collect data from children under 13. If you believe we have, please contact us and we'll delete it.

7. Security

We use industry-standard security practices: TLS for all data in transit, bcrypt for password hashes, restricted database access, signed URLs for demo downloads, and routine backups. No system is perfectly secure; if we discover a breach that affects your data, we'll notify you and the relevant authorities as required by law.

8. International users

Our servers are located in the United States. By using the Service from outside the U.S., you consent to the transfer of your data to and processing in the United States, which may have data-protection laws different from your country.

9. Changes to this Policy

We'll update this Policy as the Service evolves. Material changes are announced on the site and via email (when you have one on file) at least 14 days before taking effect. The "effective" date at the top tracks the current version.

10. Contact

Privacy questions, rights requests, or breach reports: support@praeverto.gg.