GameShelf Legal

Privacy Policy

Last updated: February 28, 2026

1. Who We Are

GameShelf is operated by an individual developer under the pseudonym wolfort, based in Poland.

For privacy questions or data subject requests, contact: help@gameshelf.me.

2. Scope

This policy explains how we collect, use, store, and protect personal data when you use GameShelf web features, including account registration, game library management, social features, and optional analytics.

3. Data We Process

Depending on how you use the service, we may process:

  • Account data: username, email address, password hash, account role, email verification status.
  • Security/session data: authentication cookies, refresh tokens (hashed in storage), login/session metadata.
  • Profile data: display name, bio, avatar URL, timezone, UI and privacy preferences.
  • Library and play data: game status, ratings, reviews, ownership details, playthrough logs, activity entries.
  • Social data: follower/following relationships, notifications, public profile counters and activity feed elements.
  • Technical/log data: IP address, user agent, request path and response status for service security and diagnostics.
  • Cookie/consent data: your analytics consent choice and related preference cookie/local storage value.
  • Captcha verification data: token and related request data needed to validate anti-bot checks.

4. Why We Process Data (Purposes)

  • To create and maintain your account.
  • To authenticate sessions and secure access.
  • To provide game tracking, logging, and social features.
  • To send operational emails, including verification.
  • To prevent abuse, spam, and unauthorized access.
  • To operate and improve service performance and reliability.
  • To measure website usage through optional analytics, only when consent is granted.

5. Legal Bases (GDPR)

  • Article 6(1)(b) GDPR: performance of a contract (account and core service functionality).
  • Article 6(1)(f) GDPR: legitimate interests (security, fraud prevention, service integrity, diagnostics).
  • Article 6(1)(a) GDPR: consent (optional analytics cookies and related analytics processing).
  • Article 6(1)(c) GDPR: compliance with legal obligations, where applicable.

6. Cookies and Similar Technologies

GameShelf uses essential cookies required for authentication and session continuity. Optional analytics cookies are disabled by default and are activated only if you accept them.

You can read more in our Cookie Policy and change your choice in the cookie banner when presented.

7. Third-Party Services and Recipients

We may share limited data with processors or service providers needed to run the platform, including:

  • Cloudflare Turnstile (captcha/anti-bot verification).
  • Google Analytics (only if analytics consent is granted).
  • Email infrastructure providers (verification and operational email delivery).
  • Game metadata providers such as IGDB for game information lookup.
  • Hosting and infrastructure providers used to run GameShelf systems.

Where relevant in the interface, we provide source attribution for game metadata (for example, IGDB.com) in line with applicable provider terms.

8. International Transfers

Some service providers may process data outside the EEA. Where that happens, we rely on appropriate safeguards under GDPR, such as contractual safeguards or other valid transfer mechanisms.

9. Data Retention

We retain data for no longer than necessary for the purposes described above, including:

  • Account and profile data: while your account remains active and as needed for service operation and security records.
  • Authentication/session data: short-lived authentication cookie data and refresh-session data according to session/security design.
  • Game, social, and activity data: while your account is active, unless deletion is requested and legally permissible.
  • Consent preference data: retained to remember your cookie choice and apply it consistently.
  • Logs and diagnostics: retained for security, abuse prevention, and troubleshooting for a limited operational period.

We periodically review retention practices and may update this policy as retention windows evolve.

10. Public Profile and Social Visibility

GameShelf includes social and community features. Depending on your settings and feature behavior, parts of your profile and activity may be visible to other users. Review privacy settings in your account to control social visibility where options are available.

11. Your Rights Under GDPR

You may request, where applicable:

  • Access to your personal data.
  • Rectification of inaccurate data.
  • Erasure of data.
  • Restriction of processing.
  • Data portability.
  • Objection to certain processing.
  • Withdrawal of consent at any time for consent-based processing.

To exercise rights, email help@gameshelf.me. You also have the right to lodge a complaint with your competent supervisory authority, including in Poland.

12. Automated Decision-Making

GameShelf does not use solely automated decision-making that produces legal effects or similarly significant effects on users.

13. Security

We implement technical and organizational safeguards appropriate to platform risk, including access controls, token and cookie security, and protective measures designed to reduce unauthorized access and abuse.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When material changes are made, we will publish an updated version and revise the "Last updated" date.

15. Contact

Privacy contact: help@gameshelf.me

Related legal pages: Terms of Service and Cookie Policy.