GTOSense.tournament

Privacy Policy

Effective May 13, 2026

The short version

GTOSense is a poker training app. We collect the minimum data needed to make it work: your email if you create an account, your training stats, a hashed fingerprint of your browser/IP so we can enforce the daily free-tier quota, and standard server logs. We don't sell your data, we don't use it for advertising, and we don't share it with third parties beyond the infrastructure providers listed below.

What we collect

Account data (only if you sign up)

  • Email address
  • Password (hashed; we never see your plaintext password)
  • Optional handle / screen name
  • Account creation date and subscription status

Usage data

  • Aggregate training stats (hands played, accuracy, EV delta)
  • Best scores per lesson, when you reach Pro lessons
  • Last sign-in time

Free-tier quota data (everyone, including anonymous users)

  • A SHA-256 hash of your IP address combined with a browser fingerprint and a server-side salt
  • Daily hand count, reset at midnight UTC

We never store your raw IP. The fingerprint is computed in your browser before being hashed and stored, and we cannot reverse it back to your identity. We delete quota rows older than 30 days.

Server logs (operational, retained briefly)

  • HTTP request paths and response codes
  • Country-level geolocation
  • User-agent strings

These are kept for up to 30 days for debugging and abuse prevention.

Who we share data with

We use the following infrastructure providers. Each receives only the data needed to deliver their service.

  • Supabase - account storage, authentication, session management, training stats. Data centers in the United States.
  • Vercel (when deployed) - serves the website and runs the API routes. May log request metadata.
  • Stripe (once subscriptions launch) - payment processing. We never store card numbers; Stripe handles all of it.
  • PostHog (when enabled) - product analytics. Anonymous event tracking; no PII forwarded.

We do not sell or rent your data. We do not run third-party advertising trackers.

Cookies

We set essential cookies for authentication (Supabase session tokens) and to remember your appearance preferences. We do not use tracking cookies for advertising.

Your rights

You can:

  • Access your data via your /account page
  • Delete your account and all associated data from /account at any time
  • Email us at privacy@gtosense.com to request a copy of everything we hold about you, or to ask questions about this policy

If you are in the EU, UK, or California: GDPR / CCPA give you the right to access, correct, or delete your data, and to lodge a complaint with your local data-protection authority.

Children

GTOSense is a poker training product and is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe we have, email privacy@gtosense.com and we'll delete it immediately.

Changes to this policy

We'll bump the effective date at the top whenever this policy changes substantively, and email registered users for material changes that affect their data.

Contact

Questions about privacy or data? Email privacy@gtosense.com.