Privacy Policy

This Privacy Policy describes how Last Ship Sailing ("LSS," "the Game," "we") handles your data. LSS is a hobby project by Ashman Roonz, hosted at lss.fractalreality.ca.

1. Data we collect via Discord OAuth

When you click "Sign in with Discord" in LSS, Discord prompts you to authorize the Game to read a small set of data about your Discord account. We request only the identify scope (and, if you launch LSS as a Discord Activity in a voice channel, additional scopes specific to the Activity context).

The data we receive from Discord under identify consists of:

• Your Discord user ID (a numeric identifier).
• Your Discord username and global display name.
• Your Discord avatar (URL to the image hosted by Discord).

We do not request:

• Your email address.
• Your phone number.
• Your IP address (Discord may log this on its side; we do not see it).
• Your direct message contents or any private channel content.
• Connections to other accounts (Twitch, YouTube, etc.) unless you explicitly grant additional scopes in a future feature.

2. How we use that data

Your Discord identity is used for:

• Rendering your avatar and display name in the Game's lobby and (planned) in-match HUD elements.
• Identifying you in match-result records stored in our database so leaderboards and per-player profiles know who played which match.
• Validating in our backend Worker that you are a real Discord-authenticated user before accepting your match-result submissions or room heartbeats.

We do not use your data for advertising, profiling, training of AI models, or any commercial purpose. LSS is a non-commercial hobby project.

3. What we additionally collect when you play

Each time you complete a match, your browser submits the match's result to our backend. The submission includes:

• The match's start and end timestamps, the map you played on, and which team won.
• Each participant's Discord ID, the ship loadout they chose, their team, and their kill / death / damage-dealt / damage-taken / MVP / win-loss numbers.
• Whether the match was solo (one human vs bots) or multiplayer (two or more humans).

This data populates per-player career stats and the public leaderboard. Match records are immutable once validated ; we don't track location data, in-game chat (there isn't any), keystroke timing, or anything else beyond the gameplay numbers above.

4. Where your data is stored

LSS uses a small backend stack hosted entirely on Cloudflare's infrastructure. Three places hold data:

On your device (browser localStorage): Your Discord OAuth access token and a cached copy of your Discord user object are stored in your browser's localStorage so signin persists across page reloads. Your in-game settings (volume preferences, control bindings, etc.) also live here. This data lives on your machine only. Clearing your browser's site data, or signing out of LSS, removes it.

In our Cloudflare D1 database (lss-stats): Player career rows (one per Discord user) and match records are stored in a small SQLite database hosted by Cloudflare's edge infrastructure. Tables are players, matches, match_participants, player_loadout_stats, and achievements. The data is owned by the developer (Ashman Roonz) ; Cloudflare provides the hosting under their terms. The database is small (typical free-tier usage), single-region (Cloudflare's nearest data center to North America), and only the LSS Worker has write access via authenticated D1 bindings.

In Cloudflare KV (ephemeral cache): Two small key-value stores hold short-lived data: room heartbeats (90-second TTL ; expires automatically when a room goes silent) and a top-N leaderboard cache (60-second TTL ; serves repeated leaderboard reads without re-querying D1). KV entries auto-expire ; nothing persists beyond the TTL.

Through our Cloudflare Worker: Every authenticated API request (match post, leaderboard read, profile fetch, room heartbeat) is validated by a Worker that checks your Discord OAuth token against Discord's /users/@me endpoint. The Worker does not log requests or persist any user data beyond what's described above. Cloudflare may log infrastructure-level metadata as part of running the Worker ; see Cloudflare's Privacy Policy for what they do with that.

On Discord: If we ever post highlight notifications to a Discord channel for big moments (championship wins, milestones), those posts live on Discord under its own data policies. As of this version, no such posts are sent automatically ; the integration exists but is opt-in for future use.

On any server we directly operate: Nothing. We don't run a self-hosted server, a VM, a Pi, or anything else. The only infrastructure is Cloudflare's managed services (Workers + D1 + KV) plus GitHub Pages for static hosting.

5. Cookies and similar technologies

LSS does not use cookies. We use browser localStorage to persist your Discord token (described above) and your in-game settings (volume preferences, control bindings, etc.). We do not use third-party analytics, advertising trackers, fingerprinting, or any other tracking mechanism. The leaderboard / profile / rooms pages on lss.fractalreality.ca do not run analytics scripts of any kind.

6. How to delete your data

You have several straightforward options to remove your data from LSS:

• Hit the deletion API. While signed in, visit any page on lss.fractalreality.ca and run this in the browser console (F12):
  fetch('https://lss-backend.ashroney.workers.dev/me', { method: 'DELETE', headers: { Authorization: 'Bearer ' + localStorage.getItem('lss_discord_token') } }).then(r => r.json()).then(console.log)
  This scrubs your players row, your match-participation records, your per-loadout aggregates, and any achievements from the D1 database. Returns { ok: true, scrubbed: true }. Match rows themselves remain (they are immutable historical records) but you no longer appear in them.
• Sign out from the LSS lobby. This clears your Discord token and cached identity from your browser's localStorage immediately. Does not delete D1 data ; use the API endpoint above for that.
• Revoke LSS's access in your Discord account settings, under Advanced → Authorized Apps. This invalidates any token LSS holds for you and prevents future signins until you re-authorize. Does not delete D1 data ; use the API endpoint above.
• Clear your browser site data for lss.fractalreality.ca. Removes all locally stored LSS data including settings.
• Email the developer at ashroney@gmail.com if any of the above don't work for you, and ask for manual deletion.

7. Children's privacy

LSS is not directed at children under 13. You must be at least 13 years old (or the minimum age required by Discord in your jurisdiction, whichever is higher) to use LSS. If we become aware that a user under that age has signed in, we will revoke their access.

7. Third parties

LSS interacts with the following third-party services:

• Discord (identity, channel storage, planned Activities runtime). Subject to Discord's Privacy Policy.
• Cloudflare (DNS, edge serving, Worker proxy). Subject to Cloudflare's Privacy Policy.
• GitHub Pages (static hosting for the Game and these documents). Subject to GitHub's Privacy Statement.
• WebTorrent / BitTorrent trackers (used by Trystero for peer discovery during multiplayer matchmaking). These are public infrastructure not operated by us; they see your peer ID briefly during the connection handshake.
• Google Fonts (used by these documentation pages, not by the Game itself). Subject to Google's Privacy Policy.

We do not control these services and we are not responsible for their privacy practices. We chose them for technical fit and intentionally use only the minimum surface area each provides.

8. Data we do NOT collect

To be clear about what's not happening:

• No analytics or telemetry.
• No advertising identifiers.
• No browser fingerprinting.
• No background data collection.
• No selling, renting, sharing, or licensing of your data to anyone.
• No use of your data to train AI models.

9. International users

LSS is operated from Canada. By using LSS, you consent to your data being processed in Canada and routed through Cloudflare's global edge network. If you are a resident of the European Union, the United Kingdom, California, or another jurisdiction with specific data-protection laws, you may have additional rights (access, correction, deletion, portability). The minimal-data architecture of LSS makes most of these straightforward to honor ; the deletion mechanisms in Section 6 satisfy the typical requests.

10. Security

We follow standard security practices for the limited surface area LSS exposes:

• All connections use HTTPS (provided by Cloudflare and GitHub Pages).
• The Cloudflare Worker validates every authenticated request's Discord token against Discord's /users/@me endpoint before allowing writes to the database.
• Database write access is gated to the Worker only, via Cloudflare's signed D1 binding ; no direct external access to the database exists.
• The Game uses Discord's PKCE OAuth flow, which avoids the need for any shared client secret in the browser.
• Match results require consensus from all human participants before being counted toward leaderboards ; reports that disagree are flagged and excluded.

That said, no system is perfectly secure. If you become aware of a security issue with LSS, please report it privately to ashroney@gmail.com rather than disclosing it publicly.

11. Changes to this Policy

This Privacy Policy may be updated from time to time. Material changes will be posted at this URL with an updated effective date. Continued use of LSS after changes are posted constitutes acceptance of the revised Policy.

12. Contact

Questions about this Privacy Policy, requests for data access or deletion, and any other privacy-related concerns can be sent to ashroney@gmail.com, or raised in the LSS Discord server with moderators.