Sessions.gg is operated by MonkeyLabs LLC — a Nebraska LLC.

Effective Date: [INSERT DATE] | Last Updated: March 1, 2026

---

Who we are

MonkeyLabs LLC runs Sessions.gg. If you have questions about this policy, email us at legal@monkeylabs.gg.

What we collect

We collect only what we need to run your server.

You give us:

• Your email — so we can send your server details, session warnings, and your world download link.
• Your server config — the settings you pick at checkout (gamemode, difficulty, that kind of thing). We use it to spin up your server.
• Your world files — if you upload one. We store it for your session, then give you 7 days to download it after expiration. Then it's gone.
• Datapacks — if you upload any. Same rules as world files: stored for your session, deleted when it's over.
• Any message you send us — if you contact support.

We collect automatically:

• Your IP address — only for rate limiting. We don't track you across sessions or build a profile from it.
• Payment confirmation from Stripe — we find out the payment went through. We never see your card number, CVV, or billing address. Stripe holds all of that.

We don't use analytics, ad pixels, behavioral tracking, or third-party cookies.

Why we have it

We use your data to run the service you paid for:

• Spinning up and managing your server
• Sending you the emails tied to your session
• Processing your payment
• Responding if you reach out
• Preventing abuse

We won't sell your data or share it with marketers.

Where your data is stored

Your data is stored on servers located in the United States (OVH US East). World files and backups are stored on Cloudflare R2, which may replicate across Cloudflare's global network.

When your data gets deleted

• Session ends — your email and config are scrubbed from our active database.
• Same time — your world is moved to temporary encrypted storage and we send you a download link.
• 7 days later — your world is permanently deleted. There's no recovery after this.
• After that — we hold nothing about you.

Stripe keeps payment records on their end under their own retention policy. We don't store any payment details ourselves.

The services we use

We use three external services. Each one only gets what they need:

• Stripe — handles your payment. They operate under their own privacy policy. We never touch your card info.
• Resend — delivers our transactional emails. They get your email address to send the message.
• Cloudflare R2 — temporary encrypted storage for your world files and datapacks during the download window. Deleted when the window closes.

Cookies

We use one cookie to keep you logged in while managing your server. It's functional — the dashboard won't work without it. It's not tracking you. It disappears when you close your browser.

No third-party cookies. No ad tracking.

Security

• All connections are encrypted over HTTPS
• Authentication uses magic links — no stored passwords
• Internal services are network-isolated
• Your data is deleted automatically when your session ends

Data breaches

If a breach affects your data, we'll notify you by email within 72 hours of discovering it, along with what was affected and what we're doing about it.

Children's privacy

You must be 13 or older to use Sessions.gg. We don't knowingly collect data from anyone under 13. If you're a parent and think your child signed up without your permission, email us at legal@monkeylabs.gg and we'll delete it.

Your rights

Because we delete your data when your session ends, there's usually nothing left to request. But if you have an active session and want to know what we have — or want it removed early — email us at legal@monkeylabs.gg.

If you're covered by GDPR, CCPA, or similar laws, those rights apply.

If this policy changes

We'll post the update here with a new date. If you have an active session when it changes, we'll email you. We won't retroactively change how we handle data you've already given us.

Contact

MonkeyLabs LLC
legal@monkeylabs.gg