Privacy Policy

1. Introduction

Welcome to Chessplain ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our chess analysis platform.

2. Information We Collect

2.1 Account Information

When you sign up using Google OAuth, we collect:

• Email address
• Name
• Google profile picture
• Unique identifier from Google

2.2 Usage Data

We collect information about how you use Chessplain:

• Chess games you upload (PGN files)
• Analysis requests and AI-generated explanations
• Feature usage (deep dives, position analysis)
• Subscription tier and billing information
• Daily usage statistics (games analyzed, deep dives used)

2.3 Technical Data

• IP address
• Browser type and version
• Device information
• Session data and cookies

3. How We Use Your Information

We use your data to:

• Provide our service: Analyze chess games, generate AI explanations, and store your game history
• Authenticate users: Verify your identity and manage your account
• Process payments: Handle subscriptions and billing through Stripe
• Enforce usage limits: Track daily game and analysis quotas based on your subscription tier
• Improve our service: Understand usage patterns and optimize features
• Communicate with you: Send service updates, security alerts, and support messages
• Prevent abuse: Detect and prevent fraudulent activity or terms violations

4. Data Sharing and Third Parties

We share your data with trusted third-party services:

4.1 Essential Service Providers

• Supabase: Database and authentication (privacy policy: supabase.com/privacy)
• Stripe: Payment processing (privacy policy: stripe.com/privacy)
• AI Service Providers: AI analysis generation for chess position explanations
• Google: OAuth authentication (privacy policy: policies.google.com/privacy)

4.2 We Never Sell Your Data

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest for database storage
• Row-Level Security (RLS) to isolate user data
• Regular security audits and updates
• Secure authentication with JWT tokens
• Rate limiting to prevent abuse

6. Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update incorrect or incomplete information
• Deletion: Request deletion of your account and associated data
• Portability: Export your chess game data
• Withdraw consent: Revoke authorization for data processing
• Object: Object to certain types of data processing

To exercise these rights, contact us at privacy@getchessplain.com

7. Data Retention

We retain your data for as long as your account is active. When you delete your account:

• Your chess games and analyses are permanently deleted within 30 days
• Your account information is removed from our systems
• Billing records are kept for 7 years for tax compliance
• Anonymized usage statistics may be retained for analytics

8. Cookies and Tracking

We use cookies for:

• Authentication: Maintaining your login session (essential)
• Preferences: Remembering your settings (functional)

See our Cookie Policy for more details.

9. Children's Privacy

Chessplain is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email notification for material changes

11. Contact Us

If you have questions about this privacy policy or our data practices, contact us at:

• Email: privacy@getchessplain.com