Privacy & security

What this service stores, who can see it, and how to get rid of it.

What’s stored

  • Your Steam ID (from sign-in), used to gate access.
  • Your Rust+ companion token, encrypted at rest (AES-256-GCM; the key lives only on the server, never in the browser).
  • Per-map data your team generates: markers, drawings, shop/price history, presence heatmaps, timers, settings.

Who can see your map

Only the map’s owner and the accounts currently on that server’s in-game team roster. When someone leaves your team in-game, they lose access. Maps are not public and are not indexed.

Deleting your data

  • Delete a map from your maps page — this removes all of that map’s data.
  • Remove a pairing to forget the stored Rust+ token for that server.
  • Sign out everywhere invalidates all your active sessions.
  • Unused, unpaired maps are automatically reaped after a period of inactivity.

Smart-device notifications

The optional smart-alarm auto-capture registers this service as a push target for your Rust+ account, which redirects Rust+ notifications from your phone. It’s off by default, opt-in, and fully reversible (see the alarm guide). Push credentials are also encrypted at rest.

Not affiliated with Facepunch Studios or Valve. Rust and Rust+ are trademarks of Facepunch Studios.