Privacy Policy

Redvora operates the Service and acts as the data controller for account and website data. For data processed within a Discord server (messages, member activity, logs and module records), the server’s owner and administrators determine how the bot is configured and used; in that respect Redvora acts as a processor on their behalf and the relevant server administrators are responsible for their members’ data and for providing any notices required in their community.

We collect the following categories of information:

Account & authentication. When you sign in with Discord via OAuth2, we receive your Discord user ID, username, global display name, avatar, and the list of servers in which you hold administrative permissions. We do not receive or store your Discord password.

Server & configuration data. For servers where the bot is active, we store the configuration you set (module settings, panels, forms, roles, channels and related preferences) and operational records produced by the modules you enable — for example tickets and their transcripts, applications and their answers, giveaways, moderation actions, invite counts, suggestions and audit history.

Discord event data. To provide logging and module functionality, the bot processes events delivered by Discord (such as messages, message edits and deletions, member joins and leaves, role and channel changes, and voice activity). What is retained depends on the modules an administrator enables and the applicable retention settings.

Secrets you provide. If you run your own custom bot or enable AI features, you may provide a bot token or third-party API key. These secrets are encrypted at rest and are used only to operate your instance; they are never displayed back to you after submission.

Billing. If you purchase a paid plan, our payment processor collects the information needed to complete the transaction. We receive confirmation of payment and subscription status; we do not store full card numbers.

Technical & usage data. Our servers and infrastructure providers automatically record technical information such as IP address, browser/user-agent, timestamps and basic request logs for security, abuse-prevention and diagnostics.

We use information to:

operate and provide the Service, including authentication, access control and the dashboard;

deliver the modules and features you enable, and store the records they create;

maintain security, prevent fraud and abuse, and enforce our Terms;

provide support and respond to your requests;

process payments and manage subscriptions; and

improve, maintain and develop the Service.

Where required by law, our legal bases for processing are the performance of our contract with you, our legitimate interests in operating and securing the Service, your consent (which you may withdraw), and compliance with legal obligations. We do not sell your personal data, and we do not use your private server content for advertising.

We share information only as needed to run the Service:

Discord. The Service is built on Discord’s API and necessarily exchanges data with Discord. Your use of Discord is governed by Discord’s Privacy Policy.

Infrastructure & sub-processors. We use reputable hosting and infrastructure providers to run our servers and databases, and a third-party payment processor to handle billing. These providers process data on our behalf under appropriate agreements.

Server administrators. Data generated within a server (such as tickets, applications and logs) is accessible to that server’s authorized administrators through the dashboard.

Legal. We may disclose information if required by law or valid legal process, or to protect the rights, safety and security of Redvora, our users or the public.

Business transfers. If Redvora is involved in a merger, acquisition or sale of assets, information may be transferred as part of that transaction, subject to this Policy.

We retain information for as long as needed to provide the Service and for the retention period applicable to your plan and configuration. Operational records use soft deletion and are purged after their retention window or shortly after you delete them. When you remove the bot from a server or close your account, related data is deleted or anonymized within a reasonable period, except where we must retain it to comply with legal obligations, resolve disputes or enforce our agreements.

We use technical and organizational measures to protect information, including encryption in transit (HTTPS), encryption at rest for sensitive secrets such as bot tokens and API keys, access controls and audit logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your Discord account and any tokens you provide secure.

We and our providers may process and store information in countries other than your own. Where personal data is transferred internationally, we take steps to ensure it remains protected in accordance with this Policy and applicable law.

Depending on your location, you may have rights to access, correct, export or delete your personal data, to object to or restrict certain processing, and to withdraw consent. You can exercise many of these directly: adjust or delete configuration in the dashboard, remove the bot from a server, or sign out. For other requests, contact us at [email protected] or via our Contact page. We will respond within the timeframe required by applicable law and may need to verify your identity first. You may also have the right to lodge a complaint with your local data protection authority.

The Service is not directed to children under the age required to use Discord in their country (at least 13, or older where local law requires). We do not knowingly collect personal data from children below that age. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete it.

We use strictly necessary cookies to keep you signed in and to operate the dashboard securely. We do not use advertising cookies. You can control cookies through your browser settings, but disabling necessary cookies may prevent the dashboard from working.

The Service may link to third-party sites and services that we do not control. This Policy does not apply to those third parties, and we encourage you to review their privacy policies.

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

If you have questions or requests regarding this Policy or your data, contact us at [email protected].