Privacy
Privacy Policy
What APN collects, why it is needed, who helps process it, and how to ask for access, deletion, or correction. APN does not sell personal data.
1#Who runs APN
All Patch Notes operates the public APN service at allpatchnotes.com. Staging or preview hosts are not part of the public service and remain blocked from indexing.
General questions go to contact@allpatchnotes.com. Privacy, copyright, and legal notices go to legal@allpatchnotes.com.
2#What APN collects
- Account data when you sign up: email address, display name, profile preferences, sign-in identifiers, and authentication session state.
- Activity data tied to your account: saved posts, followed games or sources, notification preferences, and settings.
- Feedback data: good or bad vote, reason tags, optional note, content item ID, user ID when signed in, or a salted anonymous browser hash when signed out.
- Technical data used for security and reliability: user agent, origin, coarse rate-limit signals, Cloudflare request data, and similar abuse-prevention details.
- Contact data: the email address, subject, and message body you send to APN by email.
The public feedback form opens your email client. APN does not receive that message until you choose to send it from your own mail app.
3#Google Sign-In
If you choose Google Sign-In, APN uses Supabase Auth to receive the minimum Google account data needed to create or access your APN account: Google account ID, email address, and basic profile fields such as name or avatar when Google provides them.
- No Gmail, Drive, Contacts, or Calendar access.
- No sensitive or restricted Google scopes.
- No use of Google user data for ads, resale, credit decisions, or profiling outside APN account access.
- No transfer of Google user data except to service providers needed to run APN sign-in.
- Google data is used only to authenticate you, keep your account secure, and show basic account UI.
This section is written to match the Google API Services User Data Policy. You can revoke APN's Google access from your Google Account permissions, and you can email legal@allpatchnotes.com with subject "Privacy request" to delete the APN account tied to that sign-in.
4#How APN uses data
- To run browsing, search, saved posts, follows, account settings, and feedback.
- To send account messages such as sign-in links, password resets, security notices, and deletion confirmations.
- To measure optional analytics only after consent.
- To detect abuse, rate-limit requests, and keep the public site available.
- To respond to support, privacy, security, and legal requests.
5#Legal bases for EEA and UK users
- Contract: to provide the APN account and saved/follow features you request.
- Legitimate interests: to operate, secure, debug, and improve APN without overriding your rights.
- Consent: for optional analytics and any future feature that clearly asks for consent.
- Legal obligation: when APN must keep, disclose, or remove data to comply with law.
6#Service providers
APN does not sell personal data. These providers run parts of the service for APN.
| Provider | Purpose | Region | Data category |
|---|---|---|---|
| Cloudflare | Edge delivery, Workers runtime, DDoS and bot protection | Global edge | Technical and security data |
| Cloudflare Turnstile | Abuse checks on protected forms or flows when enabled | Global edge | Security challenge signals |
| Supabase | Authentication, user-owned account data, and public graph reads | EU / US | Account and activity data |
| Google Sign-In | Optional OAuth sign-in | Global | Google account ID, email, basic profile |
| Google Analytics 4 | Consent-gated aggregate usage measurement with IP anonymization | US / EU | Usage analytics after consent |
| Google Workspace / Gmail | Inbound support, legal, privacy, and security mail handling | Global | Email correspondence |
| Typesense on APN infrastructure | Search index for public content | EU | Public content metadata and search queries |
APN sends data to law enforcement only when legally required and only for the minimum scope required by the request.
7#International transfers
APN uses global infrastructure. When personal data crosses borders, APN relies on Standard Contractual Clauses, a UK IDTA or addendum when needed, or another lawful transfer mechanism for the jurisdiction.
8#Retention
| Data | Retention |
|---|---|
| Account data | While the account is active, then deleted within 30 days of a verified deletion request unless law requires a longer hold. |
| Saved posts, follows, and settings | Tied to the account lifecycle. |
| Anonymous feedback dedupe cookie and salted hash | Up to 12 months. |
| Aggregated analytics | Up to 24 months. |
| Security logs | Usually up to 90 days unless an incident requires longer retention. |
| Support or legal correspondence | Up to 24 months after the matter closes, or longer when needed for a legal claim. |
9#Your rights
Privacy requests
Email legal@allpatchnotes.com with subject "Privacy request" to ask for access, correction, deletion, export, objection, restriction, or consent withdrawal.
- APN may ask you to verify the account or email address before acting.
- APN responds within 30 days unless law allows or requires more time.
- You can also complain to your local data protection authority.
10#Security
APN uses TLS, Cloudflare edge protection, scoped service tokens, row-level security for user-owned tables, and least-privilege access. No online service is fully secure.
Security reports go to security@allpatchnotes.com or the Report Issue page. Please coordinate disclosure before publishing details.
11#Children
APN is a general-audience service for game update readers. It is not aimed at children under 13, or under 16 where local law sets that bar. If you believe a child created an account, contact APN and the account will be reviewed for deletion.
12#Changes
Material changes appear on this page with a new effective date. If a change affects account holders in a meaningful way, APN will also use email or an in-product notice when practical.
*Privacy contact
For access, correction, deletion, export, copyright, or other formal notices, use the legal inbox.
legal@allpatchnotes.comOpen email with subject "Privacy request"
Privacy / Terms / Cookies / Accessibility / Contact