Privacy Policy

This site is operated from Germany under the EU General Data Protection Regulation (GDPR / DSGVO). German law references in this document use the original article and section numbers; the GDPR articles are identical in every EU language.

1. Controller (Art. 4 No. 7 GDPR)

Jonathan Maria Kohlhas
Goethestraße 38A
64285 Darmstadt
Germany
Email: jonathan.kohlhas@gmail.com

2. Server logs

When you access this website the Apache web server automatically records the following data for technical purposes:

• IP address
• date and time of the request
• requested URL and HTTP method
• HTTP status code
• user-agent string
• referrer URL

The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in the stability, security, and debugging of the site). Logs are automatically deleted by the system-wide log-rotation tool after 14 days.

3. Third-party processing

To deliver this service we use third-party providers on whose systems data is processed in accordance with that provider's own privacy policy. The data processed consists primarily of traffic data (see "Server logs" above). Other data may be stored on the provider's systems but the providers have no direct access to it. The legal basis for this processing is Art. 6 (1) (f) GDPR — our legitimate interest, weighed against your rights and freedoms, in the functional, stable, and secure operation of the website.

We use the following provider for this purpose:

• Hetzner Online GmbH, Industriestraße 25, 91719 Gunzenhausen, Germany (Data Processing Agreement)

4. Cookies

This site sets no cookies and uses no comparable tracking technologies. There is no web analytics, no profiling, and no re-identification of individual users.

5. Browser local storage

The site stores small amounts of data in your browser's localStorage to provide certain UX features. This data never leaves your device and is not transmitted to our server.

• theme — your manual light/dark mode preference.
• lists.owned — for any curated lists you have published from this browser, the slug and the edit token, so you see an "Edit this list" button on the public page without needing to keep the edit URL handy. The edit token is the only way to modify or delete a list and is intentionally not transmitted unless you click the button.
• lists.followed — slugs of curated lists you have followed, so they appear in the "Following" sidebar on the curated-lists page.
• lists.<slug>.seen — for each list you visit, the set of game URLs that were on the page during your previous visit. Used purely client-side to highlight items that are new to you.
• lists.<slug>.reported — a marker that you have submitted a report for a particular list, used to suppress the "Report" button on subsequent visits.
• indexing-banner-dismissed — a flag remembering that you have dismissed the "still indexing" banner.

You can clear all of this data at any time via your browser's "Clear site data" function (or by clearing localStorage for this domain).

6. Curated lists (user-generated content)

The site lets you publish saved searches as anonymous "curated lists". When you publish a list, the title, description, topic chips, and the underlying search query are stored in our database. No account, email address, or other identifying data is required; the list is associated only with a randomly generated edit token that is shown to you once and saved in your browser's localStorage. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in operating the publication feature).

If you click "Report this list" on a list view, your IP address is stored in the list_reports table together with the slug of the reported list and the time of the report, deduplicated per (list, IP). The legal basis for this processing is Art. 6 (1) (f) GDPR (our legitimate interest in moderating user-generated content). Reports are kept until manual review.

7. Embedded preview images

Game preview images are served directly by itch.io's image CDN img.itch.zone. Loading a search result therefore transmits your IP address to itch.io. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in showing preview images without local caching). itch.io's privacy policy is available at itch.io/docs/legal/privacy-policy.

8. JavaScript libraries

The site uses the HTMX JavaScript library for interactive search. The library is served directly from this server; no data is transmitted to any third-party CDN.

9. Origin of game information

The game titles, descriptions, tags, and preview-image URLs shown here are sourced from itch.io. They are fetched at regular intervals from itch.io's public RSS feeds and HTML pages and cached in a local database to make the search feature possible. Only publicly available content is processed; areas excluded by robots.txt are not fetched.

10. Your rights

You have the following data-subject rights under the GDPR:

• access to data about you that is stored (Art. 15 GDPR)
• rectification of inaccurate data (Art. 16 GDPR)
• erasure (Art. 17 GDPR)
• restriction of processing (Art. 18 GDPR)
• data portability (Art. 20 GDPR)
• objection (Art. 21 GDPR)
• complaint to a supervisory authority (Art. 77 GDPR)

Please send any such request informally by email to the address listed under section 1.

11. Last updated

This privacy policy was last updated in May 2026.