CommonGrove BETA

Legal

Privacy Policy

Plain English. We respect your data and your right to understand what happens to it.

Effective: when your account is created · Beta — may change as the platform develops

What is CommonGrove?

CommonGrove is a closed, private platform for introverts and gamers to find genuine friendships — no ads, no bots, no public profiles. It is operated by Coldev Enterprises.

Nothing on CommonGrove is visible to people who are not logged in. This policy explains what data we collect when you use it and how that data is handled.

What we collect

Account information

Your gamertag, display name (if you set one), email address, and a hashed copy of your password. We never store your password in plain text — it is hashed using Argon2id before being saved.

Profile information

Your avatar, bio, interests and tags you have selected, identity mode setting, and any preferences you configure.

Activity

Rooms you join or create, hangout posts you publish, messages you send and receive, and interactions with other users.

Reports

Problem reports or safety reports you submit, including any context you provide.

Date of birth

Your date of birth is collected during registration. We use it to verify that you meet the minimum age requirement (18 years old) and for optional account features. Your date of birth is never displayed on your profile and is not visible to other users.

Technical data

IP address, browser type, device type, timestamps, and session data. This is collected automatically as part of operating any web service and is used for security and debugging.

How we use it

We use your data to:

  • Operate the platform — authentication, rooms, messaging, profiles.
  • Match you with relevant rooms and hangout posts based on your interests and tags.
  • Verify that you meet the minimum age requirement of 18 years old.
  • Enable optional account features tied to your date of birth.
  • Moderate the community and respond to safety reports.
  • Investigate and fix bugs.
  • Detect and prevent abuse, spam, and bots.

What we don't do

  • We do not sell your personal data. Not to advertisers, not to data brokers, not to anyone.
  • There is no advertising on CommonGrove. No ad targeting, no tracking pixels, no behavioural profiling for commercial purposes.
  • Your data is not shared with third parties beyond the infrastructure providers described below, or where legally required.
  • Your date of birth is never made public. It is not shown on your profile and is not visible to other users. CommonGrove is an 18+ community and does not allow accounts for users under 18.

Message retention

Messages in persistent rooms are stored for approximately 14 days, after which older messages may be removed automatically. You should not rely on CommonGrove as long-term message storage.

Hangout posts expire after 6 hours by design — that is intentional and part of how the feature works.

Direct messages are stored as long as the conversation exists. If you delete your account, your messages will be removed or anonymised.

Moderation logs may retain message content for longer periods where there is a legitimate safety or review reason to do so.

Reports

When you submit a problem report or safety report, its contents — including any related user, room, message context, or screenshot — are reviewed by the site administrator. Reports are never shown to the user being reported.

Reports may be retained as part of a moderation record. If a report leads to action against an account, a summary of the evidence is kept in case it is needed for review.

Third-party services

Cloudflare

CommonGrove uses Cloudflare for DDoS protection, DNS, and network routing. Cloudflare may process your IP address and request data. Cloudflare has its own privacy policy.

Server infrastructure

The platform runs on third-party server infrastructure. These providers process data only as needed to host and operate the service, under data processing agreements.

Email provider

Your email address is shared with a transactional email provider solely to send verification emails and password reset links. It is not used for marketing.

Payment provider (future)

If supporter subscriptions are introduced, payment processing will be handled by a third-party provider. CommonGrove will not store your card details. We'll update this policy before that feature launches.

Data security

Passwords are stored using Argon2id, a strong one-way hashing algorithm. They are never readable by anyone, including the site owner. Sessions use secure, HTTP-only cookies with strict same-site settings.

Reasonable technical measures are in place to protect your data. That said, no online system is perfectly secure. If you suspect your account has been compromised, please contact us immediately via the Report a problem page.

Beta notice

CommonGrove is in beta. Features, data practices, and this policy may evolve as the platform develops. If something significant changes, you'll be notified within the app.

Using CommonGrove during beta means you accept that some things are still being built and refined.

Account deletion & contact

You can request account deletion or ask any question about your data by using the Report a problem page. Requests are handled personally by the site administrator.

Deleted accounts are soft-deleted initially rather than immediately wiped. If you want your data fully removed, say so in your request and it will be done.

CommonGrove · Coldev Enterprises · Logo by AC Creative · Contact