🦆 Reflecting Swamp

Privacy

Last updated June 2026

Reflecting Swamp is an 8-bit duckling-shepherding game that runs entirely in your browser. The short version: there is almost nothing to collect, and we collect almost nothing. No camera, no microphone, no video, no biometrics, no account, no login. This page explains exactly what stays on your device and the two anonymous counter beacons that leave it.

What stays on your device

The game uses your browser's localStorage to remember a few things, all of which live only in your browser:

Your high-score board — the local 80s-style top-5 list of three-initial entries.
Your mute setting and difficulty preference (Easy / Normal / Hard).
Anonymous device-level counters — running totals like games played and lanes advanced.

None of this identifies you. You can wipe all of it through your browser's site settings at any time. Clearing it does not retroactively remove anything from the anonymous aggregate counts described below.

What is sent, and when

Two small anonymous beacons can leave your device. Both are fire-and-forget counter snapshots — there is no response the game waits on, and nothing identifying travels with them. Both are sent only when the game is served from the production site (reflectingswamp.com); local dev servers and Cloudflare preview deploys send nothing at all.

At the end of each game: `/api/metrics`

When a run finishes, the page sends one anonymous counter snapshot containing exactly these fields:

Games played — total games completed on this device.
Total play seconds — cumulative time played on this device.
Total lanes advanced — cumulative lanes crossed on this device.
Total far-bank crossings — cumulative crossings cleared on this device.
Lanes this game — lanes advanced in the run just finished.
Seconds this game — duration of the run just finished.
High score — best score on this device.
Share count — number of successful shares.

When you share a score: `/api/share`

If you tap the Share button and the share completes successfully, a second beacon is sent containing only:

Seconds shared — duration of the run being shared.
Lanes shared — lanes advanced in that run.
New best — whether the run was a new personal best.
Share method — which path was used (native share with file, native text, or clipboard).

That is the whole list. There are no identifiers, cookies, fingerprints, device IDs, or session tokens of any kind. Two people playing in the same browser are indistinguishable in this data.

Where it goes

Both beacons land in a Cloudflare Workers Analytics Engine dataset (reflectingswamp_metrics) with roughly 90-day retention. Each row holds only the fields listed above plus a server-assigned timestamp. No identifiers are ever stored. The public aggregate totals built from this data are visible on the stats page.

No tracking, no third parties

There are no cookies, no fingerprinting, and no third-party scripts or fonts. No analytics, advertising, or social-tracking code is loaded — the two beacons above are the entire telemetry story.

Server logs

The honest footnote: like any web host, the server sees the IP address and timestamp of each request as a basic consequence of how HTTP works. The site runs on Cloudflare Pages, so Cloudflare keeps standard request logs for routine operational purposes (TLS termination, DDoS protection, abuse handling). We do not extract these or correlate them with the anonymous counters above.

Want a stricter posture? Route the connection through a VPN or Tor before opening the site. The server will still see an IP — just not yours.

Questions

There's more on the about page, and you can reach a human via the contact page.