Privacy Policy

This website complies with Swiss Federal Act on Data Protection (FADP) and implements privacy-by-design principles. We are committed to protecting your privacy and handle all data with the utmost care.

For data protection inquiries: support@isitabluegem.com

We implement privacy by design principles:

• All users identified by SHA256 hash: hash(auth_method:user_id:salt)
• Hashes are mathematically irreversible - cannot be traced back to you
• Zero personal identifiable information (PII) in our database
• No collection of IP addresses, user agents, device info, or browser data
• Only essential service data linked to anonymous hashes
• Steam inspect links stored as they are public game data, not personal information
• Security audit logs maintained without any personal data
• Row-level security ensures you can only access your own anonymized data

We store Steam inspect links for discovered patterns. These are::

• Public game data that anyone can access
• Not linked to any personal information
• Designed by Valve to be freely shared
• Used to allow users to view and verify blue gem patterns in CS2

We use third-party authentication services. When you log in:

• Discord OAuth2:
  • We receive only your Discord user ID
  • This ID is immediately hashed and never stored
• Steam OpenID:
  • We receive only your Steam ID
  • This ID is immediately hashed and never stored

Important: We never receive or store your email, username, or any other personal information from these providers.

Your anonymized data may be processed in the following locations:

• Supabase servers (United States) - stores only hashed identifiers
• Google Analytics servers (United States) - if you consent to analytics

Since we only store anonymous hashes, your personal identity remains protected regardless of data location. We comply with Swiss Federal Act on Data Protection (FADP).

Under Swiss data protection law, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Restrict processing of your data
• Object to certain processing

We retain your data for the following periods:

• Anonymous user hashes and preferences: Until deletion request
• Blue gem discoveries and wishlists: Indefinitely (linked to anonymous hash)
• Analytics data: 26 months (if consented)
• Audit logs: 90 days (contains only anonymous hashes)
• IP addresses, user agents, session IDs: Never collected or stored

Our privacy-by-design architecture provides industry-leading security:

• SHA256 hashing with salt makes user identification mathematically irreversible
• Row-level security (RLS) ensures users can only access their own data
• No personal data stored means nothing sensitive to breach
• Comprehensive audit logging without exposing any personal information
• Anonymous database views prevent accidental PII exposure

Compliant with Swiss Federal Act on Data Protection (FADP) requirements.

For any privacy-related questions or to exercise your rights, please contact us at:

support@isitabluegem.com

We aim to respond to all requests within 30 days.