Privacy Policy

We collect and process the following types of data:

• Discord User Information: Username, User ID, Avatar, and Email (if authorized via OAuth2).
• Discord Server Information: Server ID, Server Name, and Role Configuration (only for servers using our service).
• OAuth Authorization Data: Access Token, Refresh Token, Expiration Time, and Authorized Scopes (e.g., identify, guilds.join). These tokens are securely stored and used only for the authorized purposes.
• Server Configuration Settings: Custom role settings, shortlink settings, and OAuth preferences.
• Link Analytics: Shortlink redirection data, including click metrics, approximate geolocation, and destination URL.
• Technical Data: IP addresses and browser information (for web interface users), used to secure user accounts and prevent abuse.
• User Communications: Support inquiries sent via email or Discord.

Authorized Guild Information: When users authorize our application through OAuth2 in specific servers, their access is tagged with the ID of those servers. This information is used solely to manage user access and is never shared with server owners. Server owners cannot view or access any personal user information.

We utilize collected data to:

• Manage temporary access roles in Discord servers as requested by server owners.
• Provide secure OAuth2 authentication and manage user access to specific servers.
• Ensure that user access is restricted to authorized servers without exposing any personal information to server owners.
• Monitor and optimize shortlink redirections for performance analysis.
• Enhance bot functionality and user experience.
• Prevent system abuse, unauthorized access, and ensure service security.
• Address user support requests.
• Comply with legal obligations, including data retention and user rights under applicable law.
• Cross-Server Access Management: When you authorize our application in a specific Discord server, your access is recorded for that server. Server owners cannot view your personal information, but they may have the ability to authorize your access to other servers without directly accessing your details. This process is strictly controlled and does not expose your identity or account information to server owners.

We maintain a strict no-sale policy regarding your data. We do not sell, rent, or lease your personal information to third parties. Limited data sharing may occur under the following conditions:

• Service Providers: We may share necessary data with third-party service providers (such as hosting providers and analytics platforms) to maintain and enhance our services. These providers are contractually obligated to maintain data security.
• Legal Compliance: We may disclose information to law enforcement or government authorities if required by law or to protect our legal rights.
• No User Data Access for Server Owners: Server owners can manage user access to their servers without accessing any user data. They cannot view usernames, IDs, emails, or any other personal information of users who have authorized their servers.

We implement industry-standard security measures to protect your data, with access restricted to authorized personnel only.

KeyBot operates in accordance with Discord's Developer Policy and Terms of Service.

Some server owners may use third-party URL shorteners in combination with our service. KeyBot does not control or endorse these external services and is not responsible for their content, advertisements, or data collection practices.

• When server owners use third-party shorteners, users should review the privacy policies of those services independently.
• KeyBot cannot control or guarantee the security or privacy of these third-party links.

When you authorize our application through Discord's OAuth2 system, we collect data based on the scopes you grant (such as identify and guilds.join). This data is used to:

• Identify you and provide the requested role in the Discord server you authorized.
• Manage your access to authorized servers without revealing your personal information to server owners. In some cases, server owners may use authorized access to add you to other Discord servers. However, they cannot view your personal information, and your authorization is strictly controlled by the OAuth2 process.
• You may revoke OAuth2 access at any time through your Discord settings.
• The information collected is used solely for bot functionality and is never shared with server owners or other unauthorized parties.

The information collected is only used to provide bot functionality and is never shared with third parties. You may revoke access or request deletion of this information at any time by contacting us.

You have the right to:

• Request access to the personal data we have collected about you.
• Request deletion of your data, including OAuth tokens and server authorization.
• Revoke OAuth2 authorization through Discord’s settings.
• Contact us at [email protected] or join our Discord server for privacy inquiries.
• Request the removal of any data obtained through OAuth2 authorization.

We are committed to responding to your privacy-related requests within 14 business days. For any privacy concerns or inquiries, contact us at [email protected] or join our Discord server.

You may also request the removal of any data obtained through OAuth2 authorization or revoke server access granted during the process.