LEADR

Privacy Policy


Last updated: February 2026

This policy explains what data we collect, why, and what we do with it. We've kept it short and readable on purpose.

LEADR is operated by Barney Jackson, a sole trader (autónomo) registered in Andalucía, Spain.

The short version

We collect the absolute minimum data needed to run the service. We don't sell it, we don't use it for advertising, and we don't track you with cookies. Player data is pseudonymous by design and scoped to individual games. All data is stored in the EU.

Who this policy covers

LEADR serves two groups of people, and we handle their data differently.

Developers are people who create an account to use the LEADR API and app. You are a direct customer with a direct relationship to us.

Players are end-users of games that use LEADR. We process player data on behalf of developers. In legal terms, the game developer is the data controller for their players' data, and LEADR is the data processor.

What we collect from developers

When you sign up and use LEADR, we collect:

  • Email address — used for authentication, account recovery, and service communications.

  • Display name — this can be anything you choose; it doesn't need to be your legal name.

  • IP address — appears in API access logs for security and debugging purposes. Logs are retained for 90 days, then automatically deleted.

  • Billing information — collected and handled entirely by our merchant of record, Paddle. We never see or store your payment details.

We also collect anonymous usage analytics through Umami, a privacy-focused analytics tool. These analytics contain no cookies or personal identifiers.

What we collect from players

When a game uses the LEADR API, we may process the following player data:

  • Scores and associated metadata — including an optional name field set by the game. This may or may not be personally identifying, depending on what the developer chooses to submit.

  • IP address — processed in real time to extract approximate location (city, region, timezone), then discarded. We do not store raw player IP addresses beyond what appears in API access logs (retained for 90 days).

  • Client fingerprint — generated on the player's device to identify repeat requests from the same client. This fingerprint is not reversible to any personal information.

All player data is scoped to the individual game that created it. We do not track, profile, or link players across different games.

What we don't do

We want to be explicit about this:

  • We never sell your data or email address to anyone.

  • We don't use cookies for tracking or marketing. The LEADR websites and app set no cookies at all.

  • We don't share data with advertisers.

  • We don't profile players across games. Each game's data is isolated by design.

Where we store your data

All data is stored on servers in Germany, hosted by Hetzner. All third-party services we use for processing data are hosted in the EU.

Self-hosted installations

If you run leadr-oss (our open-source package) on your own infrastructure, we collect nothing. No telemetry, no analytics, no phone-home requests. Your data stays entirely on your servers.

Third-party services

We use the following services to operate LEADR. Each processes some data on our behalf:

  • Paddle

    • Purpose: Payments and billing (merchant of record)

    • Data region: Process data outside of the EU, fully compliant with EU law & GDPR

  • Mailgun

    • Purpose: Transactional email

    • Data region: EU

  • Framer

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • Vercel

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • BetterStack

    • Purpose: Logging, metrics, and error tracking

    • Data region: EU

  • Neon

    • Purpose: Database hosting

    • Data region: EU (Germany)

  • Umami

    • Purpose: Privacy-focused web analytics

    • Data region: EU

None of these services receive data beyond what is necessary for their stated purpose.

Cookies

We don't use any. No tracking cookies, no analytics cookies, no marketing cookies, no cookie banners. The app uses API-key-based authentication without cookies.

Data retention and deletion

Developer accounts: If you delete your account, we retain your data for 30 days in case of accidental deletion, then permanently purge all personal information. Anonymous or aggregated data (such as usage statistics) may be retained.

Game and player data: When a developer deletes a game, all associated player data is retained for 30 days, then permanently deleted. Developers can also request immediate deletion of specific game data at any time. When a developer account is deleted, all their games follow the same process.

API access logs: Logs containing IP addresses are retained for 90 days for operational and security purposes, then deleted.

Children's privacy

LEADR does not knowingly collect personal information from children under 16. Developer accounts require users to be at least 16 years old.

Regarding players: because LEADR processes only pseudonymous, game-scoped data (with no player accounts, emails, or persistent personal identifiers), our data collection is minimal by design. However, game developers using LEADR are responsible for ensuring their own games comply with applicable age-related regulations, including GDPR and COPPA, in how they collect and submit data to our API.

Your rights

Regardless of where you live, we believe you should have control over your data. You have the right to:

  • Access your personal data and request a copy of it.

  • Correct any information you believe is inaccurate or incomplete.

  • Delete your personal data. We will comply within 30 days.

  • Restrict or object to how we process your data.

  • Export your data in a portable format.

These rights align with the EU General Data Protection Regulation (GDPR), which we comply with as an EU-based service. We extend these rights to all users regardless of location.

To exercise any of these rights, email us at privacy@leadr.gg. We will respond within 30 days.

Changes to this policy

If we make material changes to this policy, we will notify affected users by email before the changes take effect. Minor clarifications or formatting changes may be made without notice.

You can always find the current version of this policy at leadr.gg/privacy.

Contact

For any questions about this policy or your data:

Email: privacy@leadr.gg

Privacy Policy


Last updated: February 2026

This policy explains what data we collect, why, and what we do with it. We've kept it short and readable on purpose.

LEADR is operated by Barney Jackson, a sole trader (autónomo) registered in Andalucía, Spain.

The short version

We collect the absolute minimum data needed to run the service. We don't sell it, we don't use it for advertising, and we don't track you with cookies. Player data is pseudonymous by design and scoped to individual games. All data is stored in the EU.

Who this policy covers

LEADR serves two groups of people, and we handle their data differently.

Developers are people who create an account to use the LEADR API and app. You are a direct customer with a direct relationship to us.

Players are end-users of games that use LEADR. We process player data on behalf of developers. In legal terms, the game developer is the data controller for their players' data, and LEADR is the data processor.

What we collect from developers

When you sign up and use LEADR, we collect:

  • Email address — used for authentication, account recovery, and service communications.

  • Display name — this can be anything you choose; it doesn't need to be your legal name.

  • IP address — appears in API access logs for security and debugging purposes. Logs are retained for 90 days, then automatically deleted.

  • Billing information — collected and handled entirely by our merchant of record, Paddle. We never see or store your payment details.

We also collect anonymous usage analytics through Umami, a privacy-focused analytics tool. These analytics contain no cookies or personal identifiers.

What we collect from players

When a game uses the LEADR API, we may process the following player data:

  • Scores and associated metadata — including an optional name field set by the game. This may or may not be personally identifying, depending on what the developer chooses to submit.

  • IP address — processed in real time to extract approximate location (city, region, timezone), then discarded. We do not store raw player IP addresses beyond what appears in API access logs (retained for 90 days).

  • Client fingerprint — generated on the player's device to identify repeat requests from the same client. This fingerprint is not reversible to any personal information.

All player data is scoped to the individual game that created it. We do not track, profile, or link players across different games.

What we don't do

We want to be explicit about this:

  • We never sell your data or email address to anyone.

  • We don't use cookies for tracking or marketing. The LEADR websites and app set no cookies at all.

  • We don't share data with advertisers.

  • We don't profile players across games. Each game's data is isolated by design.

Where we store your data

All data is stored on servers in Germany, hosted by Hetzner. All third-party services we use for processing data are hosted in the EU.

Self-hosted installations

If you run leadr-oss (our open-source package) on your own infrastructure, we collect nothing. No telemetry, no analytics, no phone-home requests. Your data stays entirely on your servers.

Third-party services

We use the following services to operate LEADR. Each processes some data on our behalf:

  • Paddle

    • Purpose: Payments and billing (merchant of record)

    • Data region: Process data outside of the EU, fully compliant with EU law & GDPR

  • Mailgun

    • Purpose: Transactional email

    • Data region: EU

  • Framer

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • Vercel

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • BetterStack

    • Purpose: Logging, metrics, and error tracking

    • Data region: EU

  • Neon

    • Purpose: Database hosting

    • Data region: EU (Germany)

  • Umami

    • Purpose: Privacy-focused web analytics

    • Data region: EU

None of these services receive data beyond what is necessary for their stated purpose.

Cookies

We don't use any. No tracking cookies, no analytics cookies, no marketing cookies, no cookie banners. The app uses API-key-based authentication without cookies.

Data retention and deletion

Developer accounts: If you delete your account, we retain your data for 30 days in case of accidental deletion, then permanently purge all personal information. Anonymous or aggregated data (such as usage statistics) may be retained.

Game and player data: When a developer deletes a game, all associated player data is retained for 30 days, then permanently deleted. Developers can also request immediate deletion of specific game data at any time. When a developer account is deleted, all their games follow the same process.

API access logs: Logs containing IP addresses are retained for 90 days for operational and security purposes, then deleted.

Children's privacy

LEADR does not knowingly collect personal information from children under 16. Developer accounts require users to be at least 16 years old.

Regarding players: because LEADR processes only pseudonymous, game-scoped data (with no player accounts, emails, or persistent personal identifiers), our data collection is minimal by design. However, game developers using LEADR are responsible for ensuring their own games comply with applicable age-related regulations, including GDPR and COPPA, in how they collect and submit data to our API.

Your rights

Regardless of where you live, we believe you should have control over your data. You have the right to:

  • Access your personal data and request a copy of it.

  • Correct any information you believe is inaccurate or incomplete.

  • Delete your personal data. We will comply within 30 days.

  • Restrict or object to how we process your data.

  • Export your data in a portable format.

These rights align with the EU General Data Protection Regulation (GDPR), which we comply with as an EU-based service. We extend these rights to all users regardless of location.

To exercise any of these rights, email us at privacy@leadr.gg. We will respond within 30 days.

Changes to this policy

If we make material changes to this policy, we will notify affected users by email before the changes take effect. Minor clarifications or formatting changes may be made without notice.

You can always find the current version of this policy at leadr.gg/privacy.

Contact

For any questions about this policy or your data:

Email: privacy@leadr.gg

Privacy Policy


Last updated: February 2026

This policy explains what data we collect, why, and what we do with it. We've kept it short and readable on purpose.

LEADR is operated by Barney Jackson, a sole trader (autónomo) registered in Andalucía, Spain.

The short version

We collect the absolute minimum data needed to run the service. We don't sell it, we don't use it for advertising, and we don't track you with cookies. Player data is pseudonymous by design and scoped to individual games. All data is stored in the EU.

Who this policy covers

LEADR serves two groups of people, and we handle their data differently.

Developers are people who create an account to use the LEADR API and app. You are a direct customer with a direct relationship to us.

Players are end-users of games that use LEADR. We process player data on behalf of developers. In legal terms, the game developer is the data controller for their players' data, and LEADR is the data processor.

What we collect from developers

When you sign up and use LEADR, we collect:

  • Email address — used for authentication, account recovery, and service communications.

  • Display name — this can be anything you choose; it doesn't need to be your legal name.

  • IP address — appears in API access logs for security and debugging purposes. Logs are retained for 90 days, then automatically deleted.

  • Billing information — collected and handled entirely by our merchant of record, Paddle. We never see or store your payment details.

We also collect anonymous usage analytics through Umami, a privacy-focused analytics tool. These analytics contain no cookies or personal identifiers.

What we collect from players

When a game uses the LEADR API, we may process the following player data:

  • Scores and associated metadata — including an optional name field set by the game. This may or may not be personally identifying, depending on what the developer chooses to submit.

  • IP address — processed in real time to extract approximate location (city, region, timezone), then discarded. We do not store raw player IP addresses beyond what appears in API access logs (retained for 90 days).

  • Client fingerprint — generated on the player's device to identify repeat requests from the same client. This fingerprint is not reversible to any personal information.

All player data is scoped to the individual game that created it. We do not track, profile, or link players across different games.

What we don't do

We want to be explicit about this:

  • We never sell your data or email address to anyone.

  • We don't use cookies for tracking or marketing. The LEADR websites and app set no cookies at all.

  • We don't share data with advertisers.

  • We don't profile players across games. Each game's data is isolated by design.

Where we store your data

All data is stored on servers in Germany, hosted by Hetzner. All third-party services we use for processing data are hosted in the EU.

Self-hosted installations

If you run leadr-oss (our open-source package) on your own infrastructure, we collect nothing. No telemetry, no analytics, no phone-home requests. Your data stays entirely on your servers.

Third-party services

We use the following services to operate LEADR. Each processes some data on our behalf:

  • Paddle

    • Purpose: Payments and billing (merchant of record)

    • Data region: Process data outside of the EU, fully compliant with EU law & GDPR

  • Mailgun

    • Purpose: Transactional email

    • Data region: EU

  • Framer

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • Vercel

    • Purpose: Website hosting and CDN

    • Data region: EU/Global edge

  • BetterStack

    • Purpose: Logging, metrics, and error tracking

    • Data region: EU

  • Neon

    • Purpose: Database hosting

    • Data region: EU (Germany)

  • Umami

    • Purpose: Privacy-focused web analytics

    • Data region: EU

None of these services receive data beyond what is necessary for their stated purpose.

Cookies

We don't use any. No tracking cookies, no analytics cookies, no marketing cookies, no cookie banners. The app uses API-key-based authentication without cookies.

Data retention and deletion

Developer accounts: If you delete your account, we retain your data for 30 days in case of accidental deletion, then permanently purge all personal information. Anonymous or aggregated data (such as usage statistics) may be retained.

Game and player data: When a developer deletes a game, all associated player data is retained for 30 days, then permanently deleted. Developers can also request immediate deletion of specific game data at any time. When a developer account is deleted, all their games follow the same process.

API access logs: Logs containing IP addresses are retained for 90 days for operational and security purposes, then deleted.

Children's privacy

LEADR does not knowingly collect personal information from children under 16. Developer accounts require users to be at least 16 years old.

Regarding players: because LEADR processes only pseudonymous, game-scoped data (with no player accounts, emails, or persistent personal identifiers), our data collection is minimal by design. However, game developers using LEADR are responsible for ensuring their own games comply with applicable age-related regulations, including GDPR and COPPA, in how they collect and submit data to our API.

Your rights

Regardless of where you live, we believe you should have control over your data. You have the right to:

  • Access your personal data and request a copy of it.

  • Correct any information you believe is inaccurate or incomplete.

  • Delete your personal data. We will comply within 30 days.

  • Restrict or object to how we process your data.

  • Export your data in a portable format.

These rights align with the EU General Data Protection Regulation (GDPR), which we comply with as an EU-based service. We extend these rights to all users regardless of location.

To exercise any of these rights, email us at privacy@leadr.gg. We will respond within 30 days.

Changes to this policy

If we make material changes to this policy, we will notify affected users by email before the changes take effect. Minor clarifications or formatting changes may be made without notice.

You can always find the current version of this policy at leadr.gg/privacy.

Contact

For any questions about this policy or your data:

Email: privacy@leadr.gg