TEARust is a squad-intelligence tool for Rust. This policy explains what data we collect, why, and how it is handled. We keep things minimal — we collect only what the app needs to function.
TEARust ("we", "us") is an independent project providing squad-tracking and analytics for the game Rust. Contact: ws.businesslab@gmail.com.
Steam account data. When you sign in via Steam OpenID we receive your Steam ID, display name, and avatar URL. We do not receive your password or email address — Steam handles authentication entirely.
Rust+ game data. If your squad leader pairs a Rust server via Rust+, we receive real-time data broadcast by that server through Rust+'s companion API. This includes: team member positions on the map, online/offline status, death events, and server events (cargo ship, patrol heli, etc.). This data is streamed from Facepunch's infrastructure — we store aggregated statistics (time online, distance roamed, death count) per wipe for leaderboard and analytics purposes. Raw location data is not persisted between sessions.
Usage data. We log standard server request logs (IP address, endpoint, timestamp) for security and debugging. These are not shared and are rotated periodically.
Billing data. Subscription payments are handled by Stripe. We store a Stripe customer ID and subscription status. We never see or store your card number — it goes directly to Stripe's PCI-compliant systems.
Integrations. If you connect a Discord webhook or Telegram bot, we store the webhook URL / chat ID to deliver alerts. These are stored encrypted at rest and used only to forward events you explicitly configured.
Invite & promo codes. Codes you generate or redeem are stored in association with your squad record.
We do not sell your data, share it with advertisers, or use it for any purpose unrelated to operating TEARust.
Squad statistics and player records are scoped to game wipes. When a squad is deleted or a subscription lapses beyond a reasonable grace period, associated data is removed. Steam profile data (name, avatar) is refreshed periodically and is not retained after account deletion.
You can request full deletion of your account and associated data by emailing ws.businesslab@gmail.com. We will action deletion requests within 30 days.
We use a single server-side session cookie to keep you logged in. No third-party tracking cookies are used. We do not use analytics SDKs (Google Analytics, Mixpanel, etc.).
All data is transmitted over HTTPS. Session secrets and integration credentials are stored in environment variables, not in source code. We follow reasonable security practices for an independent service of this scale.
TEARust is not directed at children under 13. If you believe a child has provided us personal data, contact us and we will delete it promptly.
We may update this policy as the service evolves. Material changes will be noted by updating the "Last updated" date above. Continued use of the service after changes constitutes acceptance.
Questions about this policy: ws.businesslab@gmail.com