We log what we need.
Nothing more.

1. 01

   Overview

   MistyWisp is a vanilla Rust dedicated server operated by individuals, not a company. We collect the minimum data needed to run the server, keep it secure, and enforce the rules. We do not sell, rent, or share data with advertisers.

2. 02

   What we collect

   Two surfaces collect data: the website (this page) and the game server (RustDedicated). They are separate systems and the website never receives anything that could identify you in-game.

   Website access logs (nginx + FastAPI)

   IP address, user-agent, requested URL, response status, timestamp, request ID. Stored on the server filesystem.

   Game server logs (Rust)

   Steam ID, in-game name, IP, ping, chat messages, kills, deaths, build / decay events. Standard Facepunch retail logging.

   Ban records

   Steam ID, reason, issuing admin, issued-at and expires-at timestamps. Used to enforce the rules across wipes.

   Local storage on your device

   A consent key, mistywisp.consent.v1, recording your analytics choice. If you accept analytics, Google Analytics additionally sets its own cookies (_ga, _gid); decline and none of those are set.

3. 03

   Why

   Every category of data above maps to a specific operational need. We never use any of it for marketing or ad profiling. Site analytics are a separate, optional, consent-gated thing — see section 04.

   Security

   IP-based rate limiting, brute-force detection, anti-DDoS triage.

   Rule enforcement

   Investigating reports, supporting bans, defending appeals with evidence.

   Service operation

   Routing, debugging, capacity planning. The website backend uses request IDs to trace a single request end-to-end when something fails.

4. 04

   Cookies & local storage

   MistyWisp uses Google Analytics (GA4) to understand site traffic — but only if you accept the consent prompt. Until you accept, no GA script loads and no GA cookie is set. If you accept, Google Analytics sets cookies (_ga, _gid) and processes your usage data. If you decline, only one first-party key (mistywisp.consent.v1) is stored, just to remember your choice. We never set advertising cookies, and you can change your choice any time using the control at the bottom of this page.

5. 05

   Retention

   We keep data for as long as the operational reason requires it, and no longer.

   Website access logs

   30 days, then rotated and deleted.

   Game server logs

   Rolled at every wipe (max ~30 days).

   Ban records

   Indefinite. Active bans are required forever.

   Backups

   28 days for daily snapshots, 6 months for monthly.

6. 06

   Sharing

   We share data with third parties only in these cases: (a) if you opt in to analytics, your site usage is processed by Google (Google Analytics) under their terms, (b) we honour valid legal requests from a competent authority, (c) we may share Steam IDs of confirmed cheaters with EAC and other vanilla communities so cheaters can't simply migrate. We never share IP addresses or chat logs outside the admin team.

7. 07

   Your rights (EU / UK)

   If you're in the EU or UK, GDPR and UK GDPR give you specific rights over your personal data. We honour all of them within 30 days.

   Access

   Get a copy of what we hold on your Steam ID or IP.

   Correction

   Ask us to fix incorrect records (e.g. a wrong ban reason).

   Deletion

   Erase your data, except active ban records and security logs.

   Objection

   Push back on processing — we'll explain or stop.

8. 08

   Contact

   All privacy requests go through the MistyWisp Discord ticket system. Replies are written, not in voice. If Discord is unavailable, leave a request in the in-game F7 report system with subject GDPR and an admin will reach out.

This notice is informational and written in plain English on purpose. It is not a contract. By using MistyWisp you agree to processing as described above; if you disagree, do not use the server. Changes will be reflected here with a new "Last updated" date.