Privacy Policy

Last updated: 2016-09-21

As with most online services, you trust us with your data when you use our website. This privacy policy is here to help you understand what information we collect, how we store it and what we do with it. If you have any questions or concerns about this policy or your data in general, email us at [email protected] and we'll get back to you as soon as possible.

We aim to be as transparent as possible. To that end, we made the website open source. We run an unmodified version of the code that is available on Github for everyone to see. accounts

Account data

There are two types of accounts on Anonymous and Regular.

Anonymous accounts consist of an autogenerated UUID we call an "Authentication Token" and that is it. They are a convenient way of sending us game replays semi-anonymously without creating an account beforehand.

Regular accounts are created when you first sign into the website, such as from the home page. We use the OAuth 2 API in order to delegate authentication to, and then automatically create a corresponding account for you. The only data we get from the API is your Battletag and your Account ID; both are stored in order to enable you to log in. We do not receive or store passwords, names, emails, addresses, billing data or any type of personally-identifiable information.

Account deletion

You may request to delete your account from the "Delete account" section of your account page. Upon doing so, your account will be marked for deletion and you will no longer be able to log into it. All account data will be irreversibly wiped within the following 7 days. Uploaded replays will be detached from the account and will only be reachable via links you may have previously shared. However, you can elect to to have them deleted as well.

Hearthstone Deck Tracker

Hearthstone Deck Tracker (HDT) is our officially-supported client. Whenever you finish a game of Hearthstone with HDT running, the game's log is automatically uploaded to You can disable those uploads in HDT itself, in options > tracker > replays.

By default, HDT also sends some basic usage statistics to our servers upon starting the application and completing a game. We use this data only in aggregate to help us understand how our users use the software. To disable this from HDT, go to options > tracker > settings and check off Submit anonymous data.

Replay data

Whenever an upload is made to, the following data is sent to us and saved on our servers:

  • The uploader's IP address, for the purpose of curation (such as to ban badly-behaving clients)
  • Optionally, game metadata such as game and client IDs, game server IP, etc.
  • The Power.log file generated by the game.
The Power.log file contains only gameplay data. However, player definitions contain a unique Hearthstone account ID (this is different from the account ID), as well as a player name. The player name is usually the "name" portion of a Battletag. When playing against a RealID friend, that name is the player's real name. Due to a limitation in the log format, we have no way to tell which is which. Be mindful when sharing replays of games against your RealID friends, as this information is exposed to everyone who gets the replay.

Statistics and game analysis

Part of our goal for creating this service is to understand Hearthstone and its metagame. The strong diversity of backgrounds in the HearthSim community puts us in the unique position to be able to analyze the game as nobody has ever done before. Our intention is to contribute that data back to the community in various ways such as blog posts, APIs, and interactive features (some of which we may monetize, in order to help us keep this service free).

We will share more details on our analytical strategy as development on the website continues. Users can elect to globally opt their replays out of such analyses and archives.

Other information

Our servers are hosted on the Amazon Web Services infrastructure, in Northern Virginia in the United States. This is where replays are stored as well.

Our servers log requests across our web pages and APIs for the purposes of debugging only. None of those logs contain any personally-identifiable information and they are all destroyed once they become irrelevant within the first 60 days after they are written.

We use Google Analytics to understand how our users use the website. All data is anonymous. respects Do Not Track and will not serve Google Analytics to browsers sending this header. If you are concerned with usage tracking on the internet, we recommend the EFF's Privacy Badger extension.