better itch search

Privacy Policy

This site is operated from Germany under the EU General Data Protection Regulation (GDPR / DSGVO). German law references in this document use the original article and section numbers; the GDPR articles are identical in every EU language.

1. Controller (Art. 4 No. 7 GDPR)

Jonathan Maria Kohlhas
Goethestraße 38A
64285 Darmstadt
Germany
Email: jonathan.kohlhas@gmail.com

2. Server logs

When you access this website the Apache web server automatically records the following data for technical purposes:

The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in the stability, security, and debugging of the site). Logs are automatically deleted by the system-wide log-rotation tool after 14 days.

3. Third-party processing

To deliver this service we use third-party providers on whose systems data is processed in accordance with that provider's own privacy policy. The data processed consists primarily of traffic data (see "Server logs" above). Other data may be stored on the provider's systems but the providers have no direct access to it. The legal basis for this processing is Art. 6 (1) (f) GDPR — our legitimate interest, weighed against your rights and freedoms, in the functional, stable, and secure operation of the website.

We use the following provider for this purpose:

4. Cookies

For anonymous visitors this site sets no cookies and uses no comparable tracking technologies.

If you choose to log in via itch.io (see § 5), one strictly- necessary session cookie is set. The cookie value is a high-entropy random string; only its SHA-256 hash is stored on our server, so a database leak alone does not allow forging the cookie. The cookie expires 30 days after your last activity (sliding window), with a hard cap of 90 days from the session's creation. Strictly necessary cookies under § 25 (2) Nr. 2 TTDSG do not require consent; we set this one only because the logged-in feature would not function without it.

Beyond the session cookie there is still no web analytics, no profiling, and no re-identification of individual users.

5. Login via itch.io (OAuth)

This site offers an opt-in login via your existing itch.io account, using the OAuth 2.0 authorization-code flow with PKCE. Login is not required to search; it enables the library- search feature described in § 6.

The OAuth flow requests the following scopes:

Before any of these scopes are requested, you see an interstitial consent screen on /auth/itch/login that names the scopes, the third-country transfer (§ 8), and the special-category surface (§ 6). Clicking "Continue to itch.io" is the moment your explicit consent under Art. 49 (1) (a) GDPR is recorded.

After itch.io issues us an access token, we fetch your profile once and store the following fields locally: your itch.io numeric user ID, username, display name, avatar URL, profile URL, first-login timestamp, and last-login timestamp.

The access token itself is stored encrypted (AES-256-GCM) with a key derived from your session cookie via HKDF-SHA256. The encrypted token in our database is therefore not usable without the live cookie — a database leak alone does not yield a token that can call itch.io as you.

Legal basis: Art. 6 (1) (b) GDPR — processing necessary for the performance of a service you requested by logging in.

Retention: the session row is deleted when you log out, when you delete your account, or when your account has been inactive for 12 months. We delete our local copy of the access token whenever the session is deleted. itch.io does not document a token-revocation endpoint we can call, so the token remains valid upstream until its natural expiry; you can revoke it manually from your itch.io API keys page.

6. Owned-games library

When you are logged in, we fetch the list of games you own from itch.io's API (via the profile:owned scope) and store it persistently in our database. The list is refreshed at most every thirty minutes. We persist this data between sessions rather than refetching each time for performance reasons: a cold fetch for a large library takes several seconds of upstream API calls, and persisting the result avoids paying that cost on every visit.

When you are logged in, we also automatically import the list of itch.io bundles your account owns from itch.io's API (the same profile:owned scope) and store it persistently against your account, together with the timestamp of import. It is refreshed alongside your owned-games list. The contents of each bundle are looked up from our own bundle catalog (a crawl of public itch.io bundle pages); we do not transmit any bundle data back to itch.io.

This data may, in combination, reveal information considered "special categories of personal data" under Art. 9 GDPR, such as political opinions, philosophical convictions, or sexual orientation. itch.io bundles often have themed or charitable framing — names like Bundle for Ukraine, Indie Bundle for Abortion Funds, TTRPGs for Trans Rights in Texas, or Queer Games Bundle. Ownership of a single bundle is not the same as a declaration of affiliation, but a stored record can on its face reveal such information.

Legal basis: Art. 6 (1) (b) GDPR for the processing in general, plus Art. 9 (2) (a) GDPR — explicit consent — for the special-category aspect. Your consent for the special-category aspect is captured at the moment you choose to log in, on a screen that names the categories of information the data may reveal — including that the bundles your account owns are imported automatically.

Versioned consent: when we materially update the consent terms, every logged-in user sees a persistent banner asking them to re-confirm at /auth/itch/consent. Library features are paused for that user until they renew or delete their account.

Retention: this data is deleted when you delete your account, when itch.io's API reports you no longer own a particular game (removed on the next refresh), or automatically when your account has been inactive for 12 months. The 12-month inactivity sweep runs once a day and removes the profile row, the session, the stored game library, and any bundle assertions in a single transaction. Withdrawing the Art. 9 (2) (a) consent is equivalent to deleting the account, because the library-search feature cannot function without the data.

7. Account-bound list features and UI preferences

When you are logged in, three additional categories of data are processed against your account so the corresponding features work across devices:

Legal basis: Art. 6 (1) (b) GDPR for the UI preferences (performance of the service you requested by toggling a setting while logged in); Art. 6 (1) (a) GDPR for list ownership and follows (consent, given at the point you claim, publish-while-logged-in, or follow a list).

Retention. UI preferences and follows are deleted together with your account. Curated lists you have published survive account deletion: they remain publicly accessible at their existing URLs, but the link to your itch.io account (the access-control role grant) is removed and any shareable edit URLs you minted for those lists are revoked at the same time. If you would rather your lists disappear with your account, delete them individually from "My lists" before deleting your account. The pre-deletion screen shows the count of lists you own and follow and links to the management page.

8. Transfer to a third country (USA)

itch.io is operated by Itchio Inc., 1023 Springdale Rd. Bldg 13 Ste F, Austin, Texas 78721, USA. Logging in and refreshing your library involve transmitting personal data to Itchio Inc.:

Legal basis for the third-country transfer: Art. 49 (1) (b) GDPR — the transfer is necessary for the performance of the service you have requested by clicking "Log in with itch.io" and by using the library-search feature. We do not transfer your data to Itchio Inc. for any other purpose. itch.io's privacy policy is available at itch.io/docs/legal/privacy-policy.

9. Browser local storage

The site stores small amounts of data in your browser's localStorage to provide certain UX features. This data never leaves your device and is not transmitted to our server, except in two cases described below where the value is also mirrored to your account when you are logged in.

You can clear all of this data at any time via your browser's "Clear site data" function (or by clearing localStorage for this domain).

10. Curated lists (user-generated content)

The site lets you publish saved searches as anonymous "curated lists". When you publish a list, the title, description, topic chips, and the underlying search query are stored in our database. No account, email address, or other identifying data is required; the list is associated only with a randomly generated edit token that is shown to you once and saved in your browser's localStorage. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in operating the publication feature).

If you click "Report this list" on a list view, a salted cryptographic hash of your IP address is stored in the list_reports table together with the slug of the reported list, an optional free-text reason, and the time of the report. Reports are deduplicated per (list, IP-hash) within a 24-hour window. The salt is rotated every 24 hours and is not retained; once rotated, no one — including us — can map an old hash back to the originating IP. The legal basis for this processing is Art. 6 (1) (f) GDPR (our legitimate interest in moderating user-generated content). Report rows are kept until manual review.

11. Embedded preview images

Game preview images are served directly by itch.io's image CDN img.itch.zone. Loading a search result therefore transmits your IP address to itch.io. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in showing preview images without local caching). itch.io's privacy policy is available at itch.io/docs/legal/privacy-policy.

12. JavaScript libraries

The site uses the HTMX JavaScript library for interactive search. The library is served directly from this server; no data is transmitted to any third-party CDN.

13. Origin of game information

The game titles, descriptions, tags, and preview-image URLs shown here are sourced from itch.io. They are fetched at regular intervals from itch.io's public RSS feeds and HTML pages and cached in a local database to make the search feature possible. Only publicly available content is processed; areas excluded by robots.txt are not fetched.

14. Your rights

You have the following data-subject rights under the GDPR:

If you have an itch.io login on this site, you can delete your account and all data associated with it at any time from your account page at /auth/itch/account. The deletion screen asks you to type DELETE to confirm before anything happens. Deletion is immediate: your session, the profile fields we mirrored from itch.io, your stored game library, and any bundle assertions are removed in a single operation. Withdrawing the Art. 9 (2) (a) consent described in § 6 is equivalent to deleting the account, because the library-search feature cannot function without the data.

Data export (Art. 15 / Art. 20). Logged-in users can download a JSON copy of all data associated with their account at /auth/itch/account/export — profile fields, owned-games list, bundle assertions, and last-refresh timestamp. The export excludes session rows because those are security material (encrypted access token, session-id hash) and not data about you in the Art. 15 sense.

List reports. The list_reports table (§ 10) is not linked to itch.io accounts: we deliberately do not store an IP column on the session table, so we have no way to correlate a report row with the account that submitted it. List-report IP retention is governed by § 10, independently of any account-delete action.

For other requests (rectification, restriction, objection), please send an informal email to the address listed under § 1.

15. Last updated

This privacy policy was last updated in May 2026 (added account-delete + data-export self-serve endpoints, versioned consent flow, login interstitial with named Art. 49 (1) (a) and Art. 9 (2) (a) consent moments, salted-and-rotated hashing of IP addresses in list reports, and the 12-month inactivity sweep).

searching…