Privacy Policy

Last updated 2026-05-30.

Short version, in plain English: We collect the minimum information needed to run an admin panel for your Rust servers. We do not store your payment card number — PayPal handles that. We do not sell or share your data with advertisers, data brokers, or any third party for marketing. Ever.

1. What we collect
  • Account info — email address, display name, password hash (bcrypt; we cannot read it).
  • Workspace data — your workspace name, server names + IPs, RCON ports, the player records / bans / detections / audit entries you create while using the panel.
  • RCON credentials — the RCON password you add for each server is stored so the panel can connect on your behalf. We never transmit it to a third party.
  • Operational logs — request logs (IP, timestamp, URL) kept short-term for security, abuse-prevention, and debugging.
  • Visit analytics — coarse aggregated counts (one visit per IP per day) on the public marketing page. No third-party trackers, no cookies for analytics.
2. What we do NOT collect or store
  • Payment card numbers, CVCs, or full card details — these are submitted directly to PayPal and never touch our servers. We receive only a PayPal subscription ID + payer ID for display in your billing panel.
  • Government IDs, addresses, phone numbers, or birth dates — we never ask for these.
  • Advertising or behavioral profiling data — none. There are no third-party ad pixels, Facebook pixels, or Google Analytics on Dream Mix Watcher.
3. Who we share data with

We share strictly what is required to deliver the Service:

  • PayPal — billing details necessary to process your subscription.
  • Steam Web API (when enabled) — public Steam IDs you ask us to enrich.
  • proxycheck.io (when enabled) — player IP addresses you ask us to risk-score.
  • Your own webhooks (Discord, custom endpoints) — only the events you configure us to send.

That's the entire list. We do not sell your data. We do not share it with advertisers. We do not let third-party data brokers buy access to it.

4. Cookies

We use a single first-party session cookie to keep you signed in. There are no analytics, advertising, or tracking cookies on any page of the Service.

5. How we secure it

Passwords are hashed with bcrypt. RCON connections use the server-side WebSocket handshake supplied by Facepunch. The application enforces role-based access inside each workspace and writes an audit entry for every administrative action. We patch promptly when upstream dependencies issue security advisories.

6. Your rights

You can export your workspace data on request, correct or delete your account information through the Settings page, or ask us to permanently erase all data tied to your account. We honour requests within 30 days. EU/UK users have GDPR rights to access, rectify, erase, restrict, and port their data — same email address handles all of these.

7. Data retention

Active workspace data is kept for as long as your account is active. After deletion, backups containing your data are purged within 30 days. Audit logs may be retained for up to 12 months for security and dispute resolution.

8. Children

Dream Mix Watcher is not directed at children under 13. We do not knowingly collect data from anyone under that age. If you believe a child has created an account, contact support and we will remove the account.

9. Changes

If we make material changes to this Privacy Policy we will notify workspace owners by email and via an in-app banner. The "last updated" date is shown below.

Last updated: Dream Mix Watcher 2026-05-30

← Back to home