MyChessGPT

Privacy Policy

Last updated: May 14, 2026

This Privacy Policy explains how MyChessGPT ("we", "our", or "us"), operated at mychessgpt.com, collects, uses, and protects your information when you use our AI-powered chess tutoring service. By using MyChessGPT, you agree to the practices described here.

1. Information We Collect

Account information

When you create an account we collect:

  • Email address
  • Display name (chosen by you)
  • Profile picture (if you upload one)
  • Password (stored as a secure hash — we never see your plain-text password)
  • Sign-in method (email/password or Google OAuth)

Content you create

When you use the service we store:

  • Chat messages and AI responses you generate
  • Chess positions (FEN), game scores (PGN), and move history shared with the AI
  • Chats you choose to share with others

Usage and technical data

  • Pages visited and features used within the app
  • Browser type, device type, and IP address
  • Error logs and performance data
  • Number of messages sent (used to enforce free-tier limits)

Payment information

If you subscribe to a paid plan, payment is processed by our third-party payment processor. We do not store your card number, CVV, or bank details. We retain only your subscription status and billing history.

What we do NOT collect

  • Phone number or physical address
  • Biometric data
  • Precise geolocation
  • Any information from children under 13

2. How We Use Your Information

  • To provide the MyChessGPT service — including sending your chess questions and positions to AI providers to generate tutoring responses
  • To authenticate your account and keep it secure
  • To enforce free-tier message limits and manage subscriptions
  • To allow you to view your chat history and share chats with others
  • To send you transactional emails (e.g., email verification, password reset)
  • To diagnose errors and improve the quality of the service
  • To comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for targeted advertising.

3. AI Providers and Third-Party Services

To generate chess tutoring responses, your messages and chess positions are sent to one or more of the following AI providers depending on the model you select:

We also use the following services to operate the platform:

  • Supabase — user authentication, database storage, and file storage (supabase.com/privacy)
  • Google OAuth — if you choose to sign in with Google
  • Payment processor — for handling subscription payments securely

Each provider processes data under their own privacy policy. We only share the minimum information necessary for each provider to perform their function.

4. Cookies and Session Data

We use a session cookie to keep you logged in between page visits. This cookie contains an authentication token — no personally identifiable information is stored in the cookie itself.

We do not use advertising cookies or third-party tracking pixels. You can clear cookies in your browser settings at any time; doing so will sign you out.

5. Data Sharing

We share your data only in the following circumstances:

  • AI providers — your messages and chess positions are sent to whichever AI model you select, as described in Section 3.
  • Supabase — all account data, chats, and files are stored on Supabase infrastructure.
  • Shared chats — if you use the Share feature, the shared chat is accessible to anyone with the link.
  • Legal requirements — if required by law, court order, or to protect the rights and safety of our users or the public.
  • Business transfers — if MyChessGPT is acquired or merged, your data may be transferred as part of that transaction. We will notify you beforehand.

6. Data Retention

We retain your account data and chat history for as long as your account is active. If you delete your account, your personal data and chats are permanently deleted from our systems within 30 days, subject to any legal obligations to retain certain records.

You can delete your account at any time from your profile settings page.

7. Security

We take reasonable technical and organisational measures to protect your data, including:

  • Passwords stored as bcrypt hashes (never in plain text)
  • Data in transit encrypted via HTTPS/TLS
  • Database access restricted via Row Level Security (RLS) policies
  • Service-role credentials never exposed to the client

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access — request a copy of the personal data we hold about you
  • Correction — update your display name or profile picture at any time from your profile settings
  • Deletion — delete your account and all associated data from your profile settings, or by contacting us
  • Portability — request your chat history in a structured format
  • Objection — object to certain types of processing where we rely on legitimate interest
  • Withdraw consent — you may stop using the service at any time

To exercise any of these rights, email us at support@mychessgpt.com. We will respond within 30 days.

9. GDPR (European Users)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

  • Contract performance — to provide the MyChessGPT service you signed up for
  • Legitimate interests — to improve the service and prevent abuse
  • Legal obligation — where required by applicable law
  • Consent — for any optional communications you opt into

You have the right to lodge a complaint with your local data protection authority (e.g. the ICO in the UK, or the relevant supervisory authority in your EU member state).

10. Children's Privacy

MyChessGPT is not directed at children under the age of 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has created an account, please contact us at support@mychessgpt.com and we will promptly delete the account.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For significant changes, we will notify you by email or via a notice on the site. Your continued use of MyChessGPT after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at: support@mychessgpt.com