Privacy Policy

1.1 Discord Account Information

When you authorize ComCraft through Discord OAuth, we collect:

• Discord User ID (unique identifier)
• Username and discriminator (e.g., User#1234)
• Email address (if provided through OAuth)
• Avatar URL

1.2 Server (Guild) Information

When the Bot is added to a Discord server, we collect:

• Server ID and name
• Server owner ID
• Channel IDs and names where the Bot is configured
• Role IDs and names (for permission management)
• Member count and basic server statistics

1.3 Usage Data

We collect data about how you interact with the Bot:

• Commands used and their frequency
• Feature configuration settings
• XP and leveling progress
• Message statistics (for leveling and analytics)
• Moderation actions and logs
• Ticket conversations and support interactions
• Event RSVPs and attendance
• AI chat interactions and prompts

1.4 Payment Information

When you subscribe to a paid plan:

• Payment method details (processed securely by Stripe/PayPal)
• Billing address and name
• Transaction history and invoices
• Subscription tier and renewal dates

Note: We do not store complete credit card numbers. Payment processing is handled by certified third-party payment processors (Stripe, PayPal) that are PCI-DSS compliant.

1.5 Third-Party Integration Data

When you connect third-party services (Twitch, YouTube):

• Twitch/YouTube channel information and access tokens
• Stream status and subscriber events
• Channel IDs and display names

We use the collected information for the following purposes:

• Service Delivery: To provide and maintain Bot functionality, including all features and commands
• Authentication: To identify and authenticate users accessing the dashboard
• Personalization: To customize Bot behavior based on your server settings and preferences
• Analytics: To generate server statistics, insights, and usage reports
• Support: To respond to your support requests and troubleshoot issues
• Billing: To process payments and manage subscriptions
• Communication: To send important updates, announcements, and notifications
• Security: To detect and prevent abuse, fraud, or unauthorized access
• Improvement: To analyze usage patterns and improve Bot features
• Legal Compliance: To comply with applicable laws and regulations

3.1 Storage Location

Your data is stored on secure servers provided by Supabase (PostgreSQL database) hosted in Europe. We use industry-standard encryption for data at rest and in transit.

3.2 Security Measures

• SSL/TLS encryption for all data transmission
• Encrypted database storage
• Regular security audits and updates
• Access controls and authentication
• Automated backups and disaster recovery
• Row-level security (RLS) policies in database
• Rate limiting and DDoS protection

3.3 Data Retention

We retain your data for as long as:

• Your account is active
• Needed to provide services
• Required by law (e.g., transaction records)

After account deletion, most data is removed within 30 days. Some data may be retained longer for legal or security purposes.

We do not sell your personal information. We may share your data only in the following circumstances:

4.1 Service Providers

We work with trusted third-party services:

• Supabase: Database hosting and authentication
• Stripe & PayPal: Payment processing
• Discord API: Bot functionality
• Twitch/YouTube APIs: Stream notifications
• OpenAI/Anthropic: AI-powered features
• Vercel: Web hosting and CDN

4.2 Legal Requirements

We may disclose your information if required by law or to:

• Comply with legal obligations or court orders
• Protect our rights and property
• Prevent fraud or security threats
• Protect user safety

4.3 Business Transfers

If CodeCraft Solutions is involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify you of any such change.

Under the General Data Protection Regulation (GDPR), you have the following rights:

To exercise any of these rights, please contact us through our support channels. We will respond to your request within 30 days.

Our website and dashboard use cookies and similar technologies:

• Essential Cookies: Required for authentication and basic functionality (e.g., session cookies)
• Analytics Cookies: Help us understand how visitors use our website (can be opted out)
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling cookies may affect functionality.

ComCraft is designed for general audiences. We do not knowingly collect personal information from children under 13 (or 16 in the EU). Discord's Terms of Service require users to be at least 13 years old.

If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

When you use AI features (chat, image generation):

• Your prompts are sent to third-party AI providers (OpenAI, Anthropic, Stability AI)
• We log prompts for usage tracking and billing purposes
• AI providers may use prompts to improve their models (per their policies)
• Generated content is stored temporarily and may be cached
• Do not include sensitive personal information in AI prompts

Our primary data storage is located in Europe (GDPR-compliant regions). However, some third-party services (e.g., Discord, OpenAI) may process data in other countries, including the United States.

We ensure that any international data transfers comply with applicable data protection laws through appropriate safeguards such as Standard Contractual Clauses (SCCs).

In the unlikely event of a data breach that may affect your personal information, we will:

• Notify affected users within 72 hours of discovery
• Inform relevant data protection authorities as required by law
• Provide details about the breach and steps taken to address it
• Offer guidance on protecting your account

We may update this Privacy Policy from time to time. When we make significant changes:

• We will update the "Last updated" date at the top
• We will notify users via email or Bot announcement
• We will post a notice on our website

Your continued use of ComCraft after changes indicates acceptance of the updated policy.

If you have questions about this Privacy Policy or want to exercise your data rights, contact us: