Privacy Policy and Terms of Service

Effective Date: January 1 2025 | Last Updated: October 18 2025

Privacy Policy

This Privacy Policy explains how Hashcracky (“we,” “our,” or “us”) collects, uses, discloses, and safeguards information when you visit or use our website and related services (collectively, the “Service”). By using the Service, you consent to the practices described below.

1. Information We Collect

We intentionally designed Hashcracky to operate with minimal personal data. We do not ask for names, postal addresses, payment details, or other traditional identifiers. However, certain limited data is generated automatically:

Technical & Security Data (IP address, user-agent string) is processed in memory only for anti-spam and rate-limiting purposes and is discarded on every application restart. The data is never written to disk unless automatically captured by protective middleware that is triggered during suspected abuse.
Account Activity such as hashed usernames, leaderboard entries, and challenge submissions.
Server Logs (error traces, performance metrics) may be kept for up to 90 days to maintain operational integrity. Logs do not contain IP addressess.

IP addresses can be personal data in some jurisdictions; our limited, security-only use is based on legitimate interest in safeguarding the Service (GDPR Art. 6(1)(f)).

2. Cookies and Local Storage

We use the following browser storage mechanisms solely for Service functionality and never for cross-site tracking or advertising:

Key	Type	Purpose	Retention
`auth_token`	Cookie (essential)	Maintains your authenticated session.	Expires when you log out or clear cache.
`hcky.reset`	Local Storage	Stores account-reset codes you explicitly request.	Expires when you log out or clear cache.
`hcky_regen_field`	Local Storage	Stores inventory option you explicitly request.	Expires when you log out or clear cache.

Because these items are strictly necessary for core functionality, an opt-out would break the Service. We do not place third-party or analytics cookies.

3. How We Use Information

We use the limited data described above to:

Authenticate users and maintain sessions.
Operate leaderboards and game mechanics.
Prevent spam and abuse through temporary IP-based rate limiting.
Monitor uptime and diagnose errors (aggregated log data).

We rely on (a) your consent when you create an account, and (b) our legitimate interest in providing a secure and functional competition platform.

4. Disclosure to Third Parties

We do not sell or rent any information. The only external party that may process data on our behalf is:

Digital Ocean, LLC – infrastructure hosting provider (servers located in the United States). See their policy at digitalocean.com/legal/privacy.

5. International Data Transfers

All data is stored and processed exclusively on U.S.-based servers (“droplets”) operated by Digital Ocean. We do not transfer data across borders.

6. Security

We employ modern application security techniques, encryption, and secure principles across Hashcracky. Nevertheless, no service can guarantee absolute security.

7. Data Breach Notification

In the unlikely event of a breach affecting account data, we will post a public statement on all available media channels and, where legally required, notify regulators and affected users without undue delay.

8. Data Retention

User-initiated account deletion removes account data immediately.
Server logs (error traces, performance metrics) are purged every 90 days.
Historical leaderboard usernames may be retained indefinitely for record integrity.

9. Your Rights

Depending on your location, you may have the right to access, correct, erase, or restrict processing of your data, and to object to certain uses. To exercise any right, email us at contact@hashcracky.com. We respond within 30 days. EU/EEA residents may lodge complaints with their local supervisory authority.

10. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect data from this age group. If we learn that such information has been submitted, we will delete it promptly.

11. Sensitive Data

We do not collect special-category data (e.g., health, biometrics) and provide no form field capable of accepting it.

12. Automated Decision-Making

Automated logic is limited to IP-based rate limiting that temporarily restricts requests when abusive patterns are detected. No profiling is performed.

13. “Do Not Track” Signals

Because we perform no cross-site tracking, our Service behaves the same regardless of a browser’s Do Not Track or Global Privacy Control signal.

14. Accessibility

This policy is available in alternative formats upon request. Contact us at contact@hashcracky.com.

15. Changes to This Policy

We may update this Policy from time to time to reflect changes in technology, law, or our practices. Material changes will be announced via a notice on our website.

16. Contact Us

If you have questions or concerns, email contact@hashcracky.com. We do not maintain a physical office address.

Terms of Service

These Terms of Service (“Terms”) govern your use of Hashcracky. By accessing the Service, you agree to be bound by these Terms.

1. Use of Service

You agree to use the Service lawfully and in a way that does not infringe the rights of others. Prohibited activities include harassment, transmitting obscene content, and attempting to gain unauthorized access.

2. Account Responsibility

You are responsible for keeping your account credentials confidential and for all activities that occur under your account.

3. Rate Limiting & Anti-Abuse

To safeguard the Service, we impose automated, IP-based rate limits. Breaching these limits may result in temporary or permanent suspension.

4. Termination

We may suspend or terminate your access without notice if you violate these Terms or if we discontinue the Service.

5. No Guarantee of Service

The Service is provided “as is” without warranties of any kind, including availability or accuracy.

6. Intellectual Property

All original content and code are the property of Hashcracky and its licensors and are protected by copyright and other laws.

7. Randomness of Service

Some features are intentionally random. We do not guarantee that generated content will meet expectations or be appropriate for all audiences.

8. Fictional Content

All content is fictional and any resemblance to real persons or data is coincidental.

9. Limitation of Liability

To the fullest extent permitted by law, Hashcracky shall not be liable for indirect or consequential damages arising out of the use or inability to use the Service.

10. Governing Law

These Terms are governed by the laws of the United States without regard to conflict-of-law principles.

11. Changes to Terms

We may modify these Terms at any time. Material changes will be posted on the website. Continued use after changes constitutes acceptance.

12. Contact

Questions about these Terms? Email us at contact@hashcracky.com.