Last updated: February 10, 2026
Account Information: Email address, display name, and password (hashed) when you create an account via Supabase Auth.
Queries: The text questions you submit for AI model battles.
Votes & Preferences: Your thumbs up/down votes, model preferences, and custom system prompts.
Payment Information: Processed directly by Stripe. We receive your subscription status and Stripe customer ID but never your credit card number.
Email Subscriptions: Email address if you opt into our newsletter.
Usage Data: Battle history, timestamps, model selections, response times, and scores.
Device Information: Browser type, operating system, screen resolution, and IP address.
Cookies: Authentication cookies (Supabase session), preference cookies (dark mode, view settings). See our Cookie Policy.
We do not store your API keys. "Bring Your Own Key" keys are stored only in your browser's localStorage and transmitted via HTTPS for single requests only. We do not sell individual user data to third parties. We do not use your queries to train AI models.
We use your information to: (a) provide and operate the Service; (b) process battles and generate scores, evaluations, and analytics; (c) maintain your account, battle history, achievements, and streaks; (d) send transactional emails (confirmations, password resets); (e) send marketing emails only with your explicit consent; (f) generate aggregated, anonymized benchmarks and leaderboards; (g) improve and debug the Service; (h) detect and prevent fraud, abuse, and terms violations; (i) comply with legal obligations.
AI Providers: Your queries are sent to third-party AI providers (Anthropic, OpenAI, Google DeepMind, xAI) to generate responses. Each provider processes queries under their own privacy policy and data handling practices. We recommend reviewing their policies.
Infrastructure: We use Vercel (hosting), Supabase (database/auth), and Stripe (payments). These providers process data under their respective privacy policies and DPAs.
Public Battles: If you share a battle via a public link, the query and AI responses become publicly accessible. Do not include personal information in public battles.
Aggregated Data: We may share anonymized, aggregated statistics (e.g., "Claude wins 62% of coding battles") publicly or with partners. This data cannot identify individual users.
Legal Requirements: We may disclose data if required by law, court order, or to protect our rights, safety, or property.
Account data and battle history are retained while your account is active. You may delete individual battles or your entire account at any time. Upon account deletion, we remove your personal data within 30 days. Anonymized aggregate data may be retained indefinitely. Email subscription data is retained until you unsubscribe. Payment records are retained as required by tax law (typically 7 years).
We implement industry-standard security measures including: HTTPS encryption for all data in transit; password hashing via Supabase Auth (bcrypt); Row-level security (RLS) on all database tables; no server-side storage of user API keys. However, no system is 100% secure, and we cannot guarantee absolute security.
Depending on your jurisdiction, you may have the right to: access your personal data; correct inaccurate data; delete your data ("right to be forgotten"); export your data in a portable format; object to or restrict certain processing; withdraw consent for marketing communications. To exercise these rights, email privacy@battledome.ai. We respond within 30 days.
Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where required by GDPR.
The Service is not directed at children under 13. We do not knowingly collect data from children under 13. If we learn we have collected such data, we will delete it promptly. Contact us at privacy@battledome.ai if you believe a child has provided us data.
California residents have additional rights under the CCPA: the right to know what personal information we collect and how it's used; the right to delete personal information; the right to opt out of the "sale" of personal information (we do not sell personal information); the right to non-discrimination for exercising your rights. To submit a request, email privacy@battledome.ai with subject "CCPA Request."
We may update this Privacy Policy periodically. Material changes will be notified via email or in-app notice. Continued use after updates constitutes acceptance.
Data Controller: BattleDome
Email: privacy@battledome.ai
For GDPR inquiries, see our GDPR page.