Privacy Policy
Last Updated: November 22, 2025
This policy explains what we collect, why we collect it, and how we use and protect it.
1. Information We Collect
- Account Data: Email, username, Discord user ID.
- Authentication: Hashed/encrypted passwords or OAuth tokens (never stored in plain text).
- Bot Runtime Data: Process status, resource usage (CPU/RAM), start/stop events.
- Operational Logs: Startup messages, error traces, deployment timestamps.
- Usage Metrics: API request frequency, uptime counters, restart counts.
- Technical Data: IP addresses (rotational logging), user agent, coarse region.
- Support Interaction: Ticket content, troubleshooting notes.
2. How We Use Data
- Operate and maintain hosting infrastructure.
- Monitor stability, performance, and abuse prevention.
- Provide support and troubleshoot issues.
- Improve scheduling, scaling, and reliability.
- Generate aggregated analytics (non-personal).
- Fulfill legal and compliance obligations.
3. Data Security
- TLS encryption in transit.
- Hashed credentials (bcrypt or better).
- Role-based access controls for staff tools.
- Periodic vulnerability scanning.
- Automated backups for essential operational data.
4. Operational Audit & Abuse Investigation
If we reasonably suspect malicious, abusive, or prohibited usage we may temporarily access limited operational artifacts to verify compliance:
- Container/process listings and runtime metrics.
- Relevant non-sensitive log excerpts (e.g., crash traces, error output).
- File system items directly implicated in suspected abuse (e.g., mining scripts, exploit payloads).
We do not harvest arbitrary source code for unrelated purposes. Access is scoped and audited. Confirmed violations can result in suspension or termination per Terms.
Refusal to cease clearly abusive activity after notification may trigger immediate environment shutdown.
5. Data Sharing
We do not sell personal data. Limited sharing occurs with:
- Infrastructure and payment (if applicable) providers.
- Legal authorities when required.
- Potential merger/acquisition entities under NDA.
- With explicit user consent.
6. Retention
- Account data: retained while active; deleted within 30 days of closure.
- Operational logs: rotated and purged (typically 30–90 days).
- Backups: lifecycle-managed and encrypted.
7. Your Rights
- Access: Request a summary of stored personal data.
- Rectification: Correct inaccurate profile info.
- Deletion: Request account and data removal (legal exceptions may apply).
- Portability: Export bot code and configuration files.
- Restriction: Ask for temporary processing limits under qualifying conditions.
8. Cookies & Tracking
We use minimal cookies/session tokens for authentication and dashboard state. Disabling them may break functionality.
9. Third-Party Integrations
Discord API interactions follow Discord's platform rules. External analytics, if enabled, are limited to aggregated operational metrics.
10. International Transfers
Data may transit or be stored in multiple regions with equivalent security controls.
11. Compliance (GDPR / CCPA)
We honor applicable rights frameworks. We do not sell data nor create advertising profiles.
12. Changes to Policy
Material changes will be announced. Continued use after updates indicates acceptance.
13. Contact
Open a support ticket or reach us via Discord for privacy inquiries.