TEARust / Privacy Policy
Back
๐Ÿ”’
Privacy Policy
TEARust is a squad coordination tool for Rust. This page explains exactly what data we collect when you use it, why we collect it, and how you can delete it. No legalese โ€” plain English.
Last updated: May 2025
๐Ÿ“‹
What we collect and why
Data Why we need it Stored where Kept for
Steam ID & persona name Identify you in your squad, show your name on the map Our server (SQLite) Until you leave all squads or request deletion
Steam avatar URL Show your avatar in the squad member list Our server (SQLite) Same as above
FCM credentials Receive push notifications from Facepunch's Rust+ backend (server pairing, alarms, smart switches) Our server (SQLite, encrypted) Until you click "Forget credentials"
Player token Authenticate with your Rust game server via the Rust+ protocol Our server (SQLite, encrypted) Until you remove the paired server or forget credentials
Player positions & status Show team members on the map in real time Memory only (never written to disk) Lost on server restart
Death locations Show recent death markers on the squad map Our server (SQLite) Pruned automatically after max-per-player limit
Map markers (custom pins) Squad-shared points of interest on the map Our server (SQLite) Until deleted by a squad leader, or when they expire
Chat messages In-app squad chat Our server (SQLite) Most recent N messages per squad, older ones dropped automatically
IP address Rate limiting and guest session continuity Our server (SQLite) Overwritten each session; not logged permanently
๐Ÿšซ
What we never do
โœ“
No selling or sharing. Your data is never sold, rented, or shared with any third party. We don't have advertising partners, analytics vendors, or data brokers.
โœ“
No tracking across sites. We don't use cookies for tracking. The only cookie we set is your session cookie โ€” it expires when you log out or after 30 days.
โœ“
FCM credentials stay on our server only. We receive push events from Facepunch's own infrastructure using your FCM token. We don't forward your token anywhere else.
โœ“
Player tokens are squad-scoped. Your player token is only used to connect to your own squad's active server. It's never used for any other purpose.
๐Ÿ“ก
How the Rust+ connection works

TEARust connects to your Rust server using the official Rust+ companion API โ€” the same protocol used by the Facepunch Rust+ mobile app. We are not doing anything the official app doesn't do.

1
You run a script on your PC that logs into Steam (in your own browser) and registers for Rust+ push notifications. This generates a config file containing your FCM token.
2
You upload that config file to TEARust. We store the token encrypted in our database and use it to open a persistent connection to Facepunch's FCM push service.
3
When you pair a server in-game (ESC โ†’ Rust+), Facepunch sends a push notification to our listener. We use the server details from that notification, plus your player token, to connect to the game server directly.
4
Live data (player positions, events, etc.) flows from the game server โ†’ TEARust server โ†’ your browser over a websocket. No third parties involved in this path.
โš 
Your player token grants access to the Rust+ API for that server as your Steam account. Treat it like a password. You can revoke access by removing the paired server from this page, or by "Forgetting credentials" which disconnects everything.
๐Ÿณ
Don't trust our server? Self-host it.

TEARust is open source. If you don't want to hand credentials to our server, you can run the entire app on your own machine or VPS.

๐Ÿ’ก
A Docker image and docker-compose.yml are included in the repository. Point your squad to your own domain, and all data stays on hardware you control. The database is a single SQLite file โ€” easy to back up and inspect.
๐Ÿ—‘
How to delete your data
1
Rust+ credentials โ€” go to the Pair page and click "Forget credentials & disconnect". This immediately removes all FCM credentials and disconnects from the game server.
2
Squad data (markers, deaths, chat) โ€” a squad leader can clear deaths from the settings menu. Deleting the squad removes all associated data.
3
Full account deletion โ€” contact us and we will remove your Steam ID, persona name, avatar, and all associated records from the database within 48 hours.
โœ‰
Questions or data requests

Have questions about this policy, want to request deletion, or found something concerning? Open an issue on GitHub or reach out directly. We will respond within a few days.

This is an independent hobby project, not a company. There's no legal department โ€” just a developer who wants to be transparent about what happens with your data.