← Back to Setup Guide

🔒 Privacy Policy

How Candy-Bot collects, uses, and protects your data

Last Updated: January 2025

1. Introduction

Your Privacy Matters

We are committed to protecting your privacy and being transparent about how we collect, use, and store your data when you use Candy-Bot.

This Privacy Policy explains how Candy-Bot ("we," "us," or "the Bot") collects, uses, processes, and protects information when you use our Discord bot services. By using Candy-Bot, you agree to the collection and use of information in accordance with this Privacy Policy and our Terms of Service.

2. Information We Collect

2.1 Automatically Collected Data

When you interact with Candy-Bot, we automatically collect certain information:

Data Type Purpose Retention Period
Discord User ID User identification and command processing Until bot removal or user request
Discord Server ID Server-specific configurations and features Until bot removal from server
Channel IDs Command execution and feature delivery Until bot removal from server
Message Content (Commands Only) Command processing and error logging 7 days (logs only)
Timestamps Rate limiting and usage analytics 30 days

2.2 User-Provided Data

Information you voluntarily provide when using Bot features:

  • Timezone Preferences: When you set your timezone using bot commands
  • Server Configuration: Settings configured by Bot-Admin users
  • Custom Commands: Any custom commands or responses you create
  • Notification Preferences: Your choices for automated notifications

What We DON'T Collect

We do NOT collect or store:

  • Private messages or DMs (unless you directly command the bot)
  • Voice chat data or recordings
  • Personal information like real names, addresses, or phone numbers
  • Financial or payment information
  • Message content from general server conversations

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Core Bot Functionality

  • Processing and responding to your commands
  • Providing timezone-based features and notifications
  • Maintaining server-specific configurations
  • Delivering automated announcements and updates

3.2 Security and Moderation

  • Preventing spam and abuse of bot features
  • Rate limiting to ensure fair usage
  • Detecting and preventing unauthorized access
  • Maintaining Bot-Admin role security

3.3 Service Improvement

  • Analyzing usage patterns to improve features
  • Debugging and fixing technical issues
  • Developing new bot capabilities
  • Optimizing performance and reliability

Data Minimization Principle

We only collect and process data that is necessary for the bot to function properly. We do not collect excessive or unnecessary information.

4. Data Storage and Security

4.1 Storage Location

Your data is stored on secure servers with the following protections:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database access controls
  • Regular security updates and monitoring
  • Limited access to authorized personnel only

4.2 Data Retention

We retain your data for different periods based on its purpose:

  • User Preferences: Until you remove the bot or request deletion
  • Server Configurations: Until the bot is removed from the server
  • Command Logs: 7 days for debugging purposes
  • Usage Analytics: 30 days in aggregated, anonymized form

Data Security Notice

While we implement industry-standard security measures, no system is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using reasonable security practices.

5. Data Sharing and Third Parties

5.1 We Do NOT Sell Your Data

We do not sell, trade, or rent your personal information to third parties for commercial purposes.

5.2 Limited Data Sharing

We may share your data only in these specific circumstances:

  • Discord API: Necessary data is shared with Discord to provide bot functionality
  • Legal Requirements: If required by law, court order, or legal process
  • Safety Concerns: To protect users from harm or illegal activities
  • Service Providers: Trusted partners who help us operate the bot (under strict confidentiality agreements)

5.3 Discord's Privacy Policy

Since Candy-Bot operates on Discord's platform, Discord's Privacy Policy also applies to your interactions. We recommend reviewing Discord's Privacy Policy for complete information.

6. Your Privacy Rights

GDPR and Privacy Rights

Regardless of your location, we respect your privacy rights and provide the following options:

6.1 Access and Portability

  • Right to Access: Request a copy of the data we have about you
  • Data Portability: Receive your data in a structured, machine-readable format

6.2 Correction and Deletion

  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we process your data

6.3 Objection and Withdrawal

  • Right to Object: Object to certain types of data processing
  • Withdraw Consent: Stop using the bot at any time

6.4 How to Exercise Your Rights

To exercise any of these rights:

  1. Join our Discord server: https://discord.gg/3dx
  2. Contact the bot developer: DJCAncdy
  3. Provide your Discord User ID and specify your request
  4. We will respond within 30 days

7. Children's Privacy

Age Restrictions

Candy-Bot is not intended for use by children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information:

  • Contact us immediately through our Discord server
  • We will delete the information as soon as possible
  • We may require verification of your parental status

Discord's Terms of Service also require users to be at least 13 years old (or the minimum age in their country).

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. When we transfer data internationally:

  • We ensure appropriate safeguards are in place
  • We comply with applicable data protection laws
  • We use secure transmission methods
  • We maintain the same level of protection regardless of location

By using Candy-Bot, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

9. Cookies and Tracking

9.1 No Web Cookies

Since Candy-Bot operates entirely within Discord, we do not use web cookies or browser tracking technologies.

9.2 Discord Tracking

Discord may use its own tracking and analytics. Please refer to Discord's Privacy Policy for information about their data practices.

9.3 Bot Analytics

We may collect anonymized usage statistics to improve the bot, including:

  • Command usage frequency (without personal identifiers)
  • Feature popularity metrics
  • Error rates and performance data
  • General geographic regions (country-level only)

10. Data Breach Notification

Breach Response Plan

In the unlikely event of a data breach that affects your personal information, we will:

  1. Immediate Response (within 24 hours):
    • Secure the breach and prevent further unauthorized access
    • Assess the scope and impact of the breach
    • Begin investigation and remediation efforts
  2. Notification (within 72 hours):
    • Notify relevant authorities if required by law
    • Inform affected users through our Discord server
    • Provide clear information about what happened
  3. Follow-up Actions:
    • Implement additional security measures
    • Provide support and guidance to affected users
    • Conduct thorough review and improve security practices

11. Third-Party Services

11.1 Discord Platform

Candy-Bot operates on Discord's platform and is subject to:

11.2 External Links

Our bot may provide links to external websites or services. We are not responsible for the privacy practices of these third-party sites. We encourage you to read their privacy policies before providing any personal information.

11.3 Integration Services

If Candy-Bot integrates with other services in the future, we will:

  • Update this Privacy Policy accordingly
  • Notify users of any new data sharing
  • Ensure third parties meet our privacy standards
  • Provide opt-out options where possible

12. Privacy Policy Updates

12.1 Change Notification

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • Significant changes will be announced in our Discord server
  • We may send direct notifications for major privacy-related changes
  • Continued use of the bot constitutes acceptance of the updated policy

12.2 Types of Changes

Minor Changes: Clarifications, formatting, or non-material updates

Major Changes: New data collection practices, sharing policies, or user rights

Stay Informed

We recommend reviewing this Privacy Policy periodically to stay informed about how we protect your information. Join our Discord server for the latest updates and announcements.

13. Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on the following legal grounds:

Processing Activity Legal Basis Description
Core Bot Functionality Legitimate Interest Necessary to provide the bot services you requested
User Preferences Consent You voluntarily provide settings and preferences
Security Measures Legitimate Interest Protecting users and preventing abuse
Legal Compliance Legal Obligation Complying with applicable laws and regulations

14. Contact Information & Data Protection Officer

For privacy-related questions, concerns, or requests:

• Primary Contact: Join our Discord server at https://discord.gg/3dx

• Bot Developer: DJCAncdy

• Response Time: We aim to respond to privacy requests within 30 days

14.1 What to Include in Your Request

When contacting us about privacy matters, please include:

  • Your Discord User ID
  • The nature of your request (access, deletion, correction, etc.)
  • Any relevant server IDs if applicable
  • Specific details about your concern or request

14.2 Verification Process

To protect your privacy, we may need to verify your identity before processing certain requests. This may involve:

  • Confirming your Discord account ownership
  • Verifying your role in relevant Discord servers
  • Additional security questions if necessary

15. Supervisory Authority

If you are located in the European Union and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

You can find your local supervisory authority contact information at: European Data Protection Board

16. Final Notes

Our Commitment to Privacy

We are committed to protecting your privacy and maintaining transparency about our data practices. This Privacy Policy reflects our current practices and will be updated as needed to ensure continued compliance with privacy laws and best practices.

Related Documents:

Questions? If you have any questions about this Privacy Policy or our privacy practices, please don't hesitate to contact us through our Discord server. We're here to help and ensure your privacy is protected.