Loading entitlements
Checking plan and usage metadata.
Privacy readiness
Account data export and deletion
Account export, deletion, and anonymization workflows are not implemented yet. They remain disabled until the backend owns identity confirmation, retention policy, audit-log preservation, and game-integrity anonymization.
Export readiness
- Verified account ownership
- Scoped export package
- Audit-safe delivery
Deletion readiness
- Owner confirmation
- PII anonymization
- Game archive integrity
Completed games, moves, ratings, moderation records, and audit logs require explicit retention decisions before any destructive account workflow is exposed.
Delivery readiness
Notifications and email delivery
Email delivery, product notifications, push notifications, and notification preferences are not implemented yet. They stay disabled until backend services own provider setup, consent, unsubscribe controls, abuse prevention, delivery audit records, and privacy-reviewed templates.
Email delivery boundary
- Provider configuration
- Delivery audit records
- Bounce and failure handling
Notification consent boundary
- User consent and preferences
- Unsubscribe controls
- Abuse prevention and rate limits
Account recovery and email verification now have backend token state, but provider-backed delivery remains disabled. The app must not send transactional or marketing messages until delivery and consent workflows are implemented server-side.
Support readiness
Support and privacy request intake
Support tickets, privacy requests, legal requests, and user-contact intake are not implemented yet. They stay disabled until backend services own identity checks, request categories, triage ownership, retention rules, abuse prevention, audit records, and a safe response channel.
Intake boundary
- Verified requester identity
- Scoped request category
- Abuse-resistant submission limits
Operations boundary
- Triage ownership
- Retention and legal-hold policy
- Metadata-only audit trail
Current error states may show request IDs for debugging, but there is no user-facing support case workflow yet. Do not expose contact forms, deletion-request forms, or legal request actions until intake handling is implemented server-side.