Privacy Policy
Last Updated: October 31, 2025
1. Introduction
This Privacy Policy explains how Disney Bot ("we," "us," or "the bot") handles information when you use our Discord bot and dashboard.
We believe privacy should be clear and easy to understand — no legal fog, no hidden tracking. Everything we collect is used to make the bot work securely, reliably, and responsibly.
We follow applicable data protection laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
2. Who We Are
Service Name: Disney Bot
Contact: [email protected] or Discord Support Server
Response Time: We aim to respond to all privacy requests within 30 days.
3. Information We Collect
We only collect information needed to make the bot and dashboard function securely and effectively.
3.1 Discord Account Details
When you use the bot or dashboard, we receive limited data from Discord:
- Discord ID and username
- Avatar or banner (if public)
- The servers you share with the bot and your roles/permissions
This lets the bot link your preferences and permissions to your Discord account.
3.2 Dashboard Login & Security Data
When you sign into the dashboard, we record a small amount of technical information to protect your account and detect unusual activity. This may include:
- Basic network details (e.g., your IP's region or city)
- Browser Type (desktop, mobile, OS version)
- Login times and session length
- Checks for automated or masked connections (VPN/proxy)
This data helps us identify suspicious login attempts, troubleshoot technical issues, and improve overall reliability.
3.3 Bot Usage Data
To keep the bot stable and improve features, we track anonymous summaries such as:
- Which commands are used most often
- General error patterns or configuration changes
We don't store full message content — only metadata needed for moderation or debugging, and even that is temporary.
4. Why We Collect This Information
We use the data we collect for three main purposes:
- To operate the bot and dashboard – linking settings to your Discord account and enabling your custom configurations.
- To keep everything secure – detecting unauthorized access, abuse, or malicious behavior.
- To improve performance – understanding how features are used so we can make them faster and more reliable.
We do not sell or share your personal information with advertisers or outside companies.
5. Legal Grounds (GDPR)
We process information based on:
- Legitimate Interests – ensuring platform security and preventing abuse.
- Contract Performance – providing the services you request through the bot.
- Consent – for optional or experimental features that you explicitly enable.
6. How Long We Keep Information
- Login data: automatically deleted after 90 days.
- Anonymized summaries: kept indefinitely for security and performance statistics.
- Server configuration data: retained while the bot remains in your server; deleted when removed.
- Temporary moderation logs: cleared after 30 days unless required for moderation review.
7. Who Can Access Your Data
- Only the two project developers have access to dashboard logs and stored data.
- Every developer action is logged for accountability.
- Access is limited to maintenance, debugging, or security review.
We may disclose limited data only if required by law or in urgent safety situations.
8. Tools and Services We Use
We rely on a few essential services to run the bot safely:
- Discord API – to operate bot features (subject to Discord's own privacy policy).
- ip-api.com – to estimate general location for login security checks.
- Local database hosting – all data is stored on our own secure server, not cloud-hosted.
We do not use analytics trackers, advertising networks, or cross-site tracking tools.
9. How We Protect Your Data
We take data security seriously and use:
- Encrypted HTTPS connections
- IP hashing for pattern recognition (not raw IP lookups)
- Secure authentication and handling
- A locally hosted, access-controlled database
- Regular backups and system updates
If a data breach ever occurs, we will notify affected users within 72 hours and contact relevant authorities as required by law.
10. Your Privacy Rights
Depending on where you live, you may have certain rights under GDPR or CCPA, including to:
- Access – see what data we hold about you
- Delete – request removal of your data
- Anonymize – strip identifiable information while keeping basic stats
- Export – download a copy in JSON format
- Rectify – correct inaccurate details
- Object or Withdraw Consent – stop certain types of processing
You can exercise these directly in the dashboard (via "Export," "Anonymize," or "Delete" buttons) or by contacting us via Discord or email.
We respond to all verified requests within 30 days.
11. Cookies and Session Storage
The dashboard only uses a short-lived session cookie to keep you logged in for up to six hours. We don't use any third-party cookies or trackers.
12. Children's Privacy
Disney Bot is intended for users 13 years or older, consistent with Discord's Terms of Service. We do not knowingly collect data from anyone under 13. If you believe a child's information was collected, please contact us and we'll delete it immediately.
13. International Data Storage
All data is stored in a secure, locally-hosted database in the United States. If you access the bot from another region, your information may be transferred securely to that location, but it remains under the same privacy protections.
14. Updates to This Policy
If we ever make significant changes, we'll:
- Update the "Last Updated" date above
- Announce the change in our Discord server or dashboard
- Summarize what changed for easy review
Continuing to use the bot after updates means you agree to the revised terms.
15. How to Reach Us
If you have privacy questions, requests, or concerns:
Discord: Support Server
Email: [email protected]
Response Time: Within 30 days (or sooner, if possible)
You can also contact your local data protection authority if you feel your issue isn't resolved.