Data Practices

Privacy Policy

This policy explains what Mudhaven collects, why it is used, and the choices available to members.

Effective
July 15, 2026
Mudhaven aims to collect what is needed to operate accounts, moderation, security, and hosting without selling personal information.
01

Information collected

Mudhaven receives information you provide and limited operational information generated while you use the service.

  • Account username, email address, password hash, verification state, and account-security status.
  • World listings, hosting requests, resources, uploaded files, contact details, and staff communications.
  • Hosting configuration, runtime status, build and runtime logs, resource usage, database and website identifiers, and project timelines.
  • IP addresses, request metadata, login attempts, security events, moderation actions, and audit records.
02

How information is used

Information is used to authenticate accounts, review submissions, provision and operate hosting, send transactional email, diagnose failures, enforce limits, investigate abuse, secure the platform, and comply with valid legal obligations.

03

Sessions and cookies

Mudhaven uses first-party session, CSRF-protection, and remember-login cookies required for account security and signed-in features. The current service does not use third-party advertising cookies. Browser or server logs may record normal request metadata.

04

Sharing and disclosure

Mudhaven does not sell personal information. Information may be shared with infrastructure, email, security, or backup providers only as needed to operate the service; with staff who need it for support and moderation; or when reasonably necessary to respond to valid legal process, prevent harm, or protect rights and systems. Public listings and approved resources display the information you choose to publish.

05

Retention and deletion

Active account and hosting records are kept while needed to provide the service. Deleted submissions, projects, or accounts may remain temporarily in backups, logs, abuse records, or audit history. Security and moderation records may be retained longer when needed to prevent repeat abuse, resolve disputes, or meet legal obligations.

06

Security

Mudhaven uses measures such as HTTPS, password hashing, email verification, rate limits, access controls, upload validation, process limits, audit logging, and restricted server permissions. No internet service can guarantee absolute security, so members should keep independent backups and report suspected compromise.

07

Your choices

Members may update eligible submissions, remove notifications, request account or hosting deletion, and contact Mudhaven about access or correction questions. Some records cannot be immediately removed when they are needed for security, legal compliance, billing-free service integrity, or backup recovery cycles.

08

Children

Mudhaven is not directed to children under 13 and does not knowingly collect personal information from them. Contact Mudhaven if you believe a child has provided personal information so the situation can be reviewed.

Questions or notices

contact@mudhaven.net
Contact Mudhaven