Effective date: Feb 24, 2026

1v1 Arena stores account data needed to run login and sessions: username, email, account timestamps, and session metadata such as IP and user agent.

Your password is not stored in plain text. It is stored as a one-way password hash.

We use auth cookies for sign-in sessions. Access and refresh tokens are stored in HTTP-only cookies, and CSRF protection is used for form and refresh actions.

Session records are kept so you can view active devices and revoke sessions from your dashboard.

If our data handling changes, this page will be updated with a new effective date.