OverlayGG Privacy Policy
Effective date: [Fill in the date you first publish this page on overlaygg.com] Last updated: [Same as effective date until revised]
OverlayGG ("OverlayGG", "we", "us", or "our") is operated by Overlay Game Guides LLC, a California limited liability company headquartered in Los Angeles County, California. This Privacy Policy explains what information we collect when you use the OverlayGG desktop application or visit overlaygg.com, why we collect it, how we use it, and the choices you have.
If you have any questions about this policy, contact us at support@overlaygg.com.
1. Who this applies to
This policy covers everyone who:
- Downloads, installs, or runs the OverlayGG desktop application on Windows, whether obtained through Steam or directly;
- Creates an OverlayGG account using an email address, or signs in with Steam; or
- Visits overlaygg.com.
2. Information we collect
We collect only the information needed to operate OverlayGG. We do not sell your data.
2.1 Information you provide
| What | When | Why |
|---|---|---|
| Email address | When you create an account with email + password | To identify your account and send you essential transactional messages (e.g. password reset, if added in the future) |
| Password (hashed) | When you create or change your password | We never store passwords in plain text — we hash them with bcrypt before saving |
| Steam ID, Steam display name, Steam avatar | When you sign in with Steam | To identify your account and link OverlayGG to the Steam license you purchased |
| Personal notes, favorites, settings | When you use those features inside the app | To sync your data across devices and preserve it across reinstalls |
2.2 Information collected automatically
| What | Why |
|---|---|
| Session cookies (signed, HTTP-only) | To keep you signed in between launches of the app |
| IP address (transient, in server logs) | For abuse prevention, rate limiting, and security |
| Search queries that returned no results ("missed searches") | To prioritize which guides to add next. Stored with your user ID for de-duplication, but never used to profile or advertise to you. |
2.3 Information we do not collect
- Game files, save files, or any data from the games you play
- Screen captures or screenshots of your computer
- Keystrokes outside of the OverlayGG window
- Content from other applications running on your computer
- Browsing history outside of OverlayGG
- Precise location, contacts, or any device identifiers
- Voice recordings (the optional voice-search feature uses your browser's built-in Web Speech API; the audio is processed locally by your browser/operating system and never reaches our servers)
- Any tracking or advertising cookies
We have no third-party advertising trackers, no Google Analytics, no Facebook Pixel, and no marketing automation tags on overlaygg.com or in the desktop app.
3. How we use your information
We use the information we collect for the following purposes only:
- To run the app — verifying your account, gating access to paid features, syncing your favorites/notes/settings between sessions and devices.
- To improve the catalog — analyzing which guides are missing (via missed-search logs) so we can add them.
- To prevent abuse — rate limiting sign-in attempts, detecting and blocking automated scraping or brute-force attacks.
- To respond to support requests — when you email us, we use your email address to reply to you.
We do not use your information to train AI models, build advertising profiles, or sell to third parties.
4. Service providers we use
OverlayGG is built on a small number of third-party services. The information shared with each is listed below.
| Provider | What they do | What they receive |
|---|---|---|
| Steam (Valve Corporation) | Distribution, payments, identity (when you sign in with Steam) | Your Steam transaction record (Valve's, not ours), and your Steam ID + display name + avatar when you sign in via Steam |
| Neon (Database hosting) | Hosts our PostgreSQL database | All account data listed in section 2.1 |
| Replit (Application hosting) | Hosts the OverlayGG backend server | API request logs (IP, timestamp, endpoint) — typical web-server access logs |
We do not currently use email-sending providers, analytics providers, advertising networks, or customer-relationship-management tools.
(We use various developer tools internally to write guide content, but those tools never receive any user data — they operate on public information only and are not part of the Service that handles your account.)
5. Cookies and similar technologies
OverlayGG uses one cookie:
overlaygg_session— a signed, HTTP-only session cookie that keeps you signed in. It contains a random session identifier and is deleted when you sign out. This cookie is strictly necessary for the application to function and is exempt from consent requirements under EU/UK ePrivacy rules.
We do not use advertising cookies, third-party tracking cookies, web beacons, fingerprinting, or local storage for tracking purposes. (Local storage is used only for in-app preferences such as the "Don't show this warning again" toggle, and is stored only in your browser/device.)
6. Data retention
- Account data (email, hashed password, Steam ID, settings, favorites, notes): kept for as long as your account exists. Deleted within 30 days of an account-deletion request (see section 7).
- Server access logs: kept for up to 90 days for security and abuse-prevention purposes, then deleted.
- Missed-search logs: kept indefinitely in aggregate form (the search query is stored without identifying you in the aggregate report). Per-user records are deleted with your account.
7. Your rights
Depending on where you live, you have the following rights with respect to your personal information:
- Access — request a copy of the personal information we hold about you.
- Correction — request that we correct inaccurate information.
- Deletion — request that we delete your personal information ("right to be forgotten" / "right to deletion").
- Portability — request a machine-readable copy of your data.
- Objection / restriction — object to certain types of processing or ask us to restrict it.
- Withdraw consent — where we rely on consent (we currently do not, beyond what's required to use the app), you can withdraw it.
To exercise any of these rights, email support@overlaygg.com from the email address associated with your account, or include your Steam ID if you signed in with Steam. We will respond within 30 days.
We do not discriminate against users who exercise their privacy rights.
7.1 Specific notes for EU/UK residents (GDPR / UK GDPR)
- The legal basis for processing your account data is performance of a contract (operating the app you signed up for).
- The legal basis for security logging and rate limiting is legitimate interest (preventing abuse).
- We do not transfer data outside the EU/UK except to our hosting providers (Neon and Replit), both of which are based in the United States. Where required, we rely on Standard Contractual Clauses for any such transfers.
- You have the right to lodge a complaint with your local data-protection authority.
7.2 Specific notes for California residents (CCPA / CPRA)
- We do not "sell" or "share" personal information as those terms are defined under the CCPA/CPRA.
- The categories of personal information we collect are listed in section 2.
- You may exercise your CCPA rights by emailing support@overlaygg.com.
8. Children's privacy
OverlayGG is not directed to children under 13 (or under 16 in the EU/UK), and we do not knowingly collect personal information from anyone in those age ranges. If you believe a child has created an account, contact us and we will delete the account.
9. Security
We protect your information using:
- HTTPS everywhere (TLS in transit)
- Bcrypt-hashed passwords (never stored in plain text)
- Signed, HTTP-only session cookies
- Server-side rate limiting on sign-in and signup
- Database access restricted to a small number of authorized people
No system is perfectly secure. If we ever experience a breach that affects your information, we will notify you and the appropriate regulators as required by law.
10. Changes to this policy
If we make material changes to this Privacy Policy, we will update the "Last updated" date at the top, and — for users who have provided an email address — send a one-time notice to that email. Continued use of OverlayGG after changes take effect means you accept the updated policy.
11. How to contact us
Overlay Game Guides LLC Email: support@overlaygg.com Subject line: "Privacy" (so we can prioritize)
For data-deletion requests, please use the subject line "Account deletion request".