Privacy policy
Template notice: this policy was drafted to accurately describe how the service works
today, but it has not been reviewed by a lawyer and a dedicated contact address is still to be added.
It is documentation, not legal advice.
Rust Meadow is a live web map for Rust teams, powered by the Rust+ companion protocol. This
page explains what data the service handles, why, who can see it, and how to delete it.
What we collect
- Your Steam identity. Signing in uses Steam's OpenID — Steam confirms who you are and we receive
your 64-bit Steam ID. We never see your Steam password. To show avatars and display names in the team
panel, we also fetch the public part of your Steam community profile (persona name and avatar
image URL).
- Rust+ data you connect. If you pair a server, we store the pairing (server address and your
Rust+ player token, encrypted at rest with AES-256-GCM) and use it to run your live map. While a
map runs we process and store the gameplay data it produces: the in-game team roster (Steam IDs, names,
positions, online status), team chat, map markers and drawings, vending-machine/shop history, per-player
presence heatmaps, AFK and online-time totals, timers, map settings, and — if you add them — smart-device
entity IDs, camera IDs and tracked rival names.
- Optional integrations. A Discord webhook URL (encrypted at rest, one-way mirror) if you configure
the Discord bridge; Rust+ push credentials (encrypted at rest) if you opt into smart-alarm auto-capture;
a BattleMetrics server binding if you use rival tracking.
- Billing. If you buy Pro we store your plan, order history and an internal credit ledger.
Card details are handled by the payment provider's hosted checkout (Stripe, when card payments are live)
and never touch our servers. During the current launch promo, upgrades cost $0 and no card is
collected at all.
- Operational logs. Standard short-lived server logs and in-memory rate-limit counters, which can
include IP addresses, kept for debugging and abuse prevention.
Why we use it
One purpose: running the service you signed up for — authenticating you, connecting to your Rust server
over Rust+, showing the live map to your team, answering ! commands, and processing purchases.
!ai questions (plus the live map context needed to answer them) are processed by our AI
provider, Anthropic. We do not sell data, run ads, or use tracking/analytics services.
Cookies
rmsess | Strictly necessary. Your sign-in session — a signed token
containing your Steam ID. HttpOnly, Secure, SameSite=Lax; 30-day sliding lifetime. Without it you cannot
stay signed in. |
rmstate | Strictly necessary. A short-lived anti-forgery value set only
while you're completing Steam sign-in, deleted right after. |
That's all of them — no analytics, advertising or third-party cookies. A few UI preferences (like the
text-to-speech toggle and the dismissal of the cookie notice itself) live in your browser's localStorage
and are never sent to us. Because only strictly-necessary cookies are used, the cookie banner is a
disclosure, not a consent request.
Who can see your data
A map is visible only to its owner and the accounts currently on that server's in-game team roster —
leave the team in-game and access ends. Maps are not public and not indexed. The service operator can access
stored data for operations, debugging and abuse handling.
Third parties
- Steam / Valve — sign-in (OpenID) and your public profile (persona name, avatar). Avatar images
load in your browser directly from Steam's CDN.
- Facepunch — your map talks to your Rust server through the Rust+ companion connection.
- Anthropic — processes
!ai questions and their map context to generate the reply.
- BattleMetrics — only if you bind a server for rival tracking (we query their public server/player
data).
- Discord — only if you configure a bridge webhook (we post your selected alerts to it).
- Payment provider — Stripe hosted checkout for card payments, once live. We receive payment
status, never card numbers.
Retention & deleting your data
- Delete a map from your maps page — removes all of that map's data (markers, history, heatmaps,
chat, devices, …).
- Remove a pairing — forgets the stored (encrypted) Rust+ token for that server.
- Sign out everywhere — invalidates all of your active sessions.
- Delete your account (from your maps page) — removes your maps, pairings, push credentials,
sessions and billing profile in one step.
- Maps left unpaired are auto-deleted after about 30 days of inactivity.
- Encrypted database snapshots are kept as short-term backups (the most recent handful, replaced on a
rolling basis) — deleted data ages out of them automatically.
Security
Rust+ tokens, Discord webhooks and push credentials are encrypted at rest; the site is HTTPS-only and the
session cookie is HttpOnly/Secure. More practical detail (including smart-alarm auto-capture and what it
redirects) is in privacy & security.
Changes & contact
If this policy changes materially, the change will be visible on this page. Questions or
deletion requests: reach the operator through the Cow Tools community Discord (a dedicated
contact address will be added here).
Not affiliated with Facepunch Studios or Valve. Rust and Rust+ are trademarks of Facepunch
Studios.