Privacy Policy

Last updated: May 31, 2026

1. Information We Collect

Mayor's Bot collects the following information when you use the Bot or web dashboard:

1.1 Data Provided by Discord

  • User data: Discord user ID, username, display name, avatar URL
  • Server data: Server ID, server name, member count, channel IDs, role IDs
  • Message content: Only when translation features are active in a channel (not stored permanently — processed in memory and logged as translation records)

1.2 Data You Provide

  • Registration data: In-game names, gang codes, ranks, and other form fields you submit
  • Ticket content: Messages sent within support ticket channels
  • Feedback: Bug reports, suggestions, and exit survey responses
  • Tracker entries: Button clicks and timestamps in activity trackers
  • Vote ballots: Choices made in polls (anonymous if enabled)

1.3 Automatically Collected Data

  • XP/Leveling: Message counts and XP earned per user per server
  • Moderation logs: Infractions (warns, mutes, kicks, bans) with moderator and reason
  • Translation logs: Source text, translated text, languages, and timestamps
  • Global reputation: Cross-server infraction summaries (no message content)

2. How We Use Your Data

We use collected data solely to:

  • Provide and operate the Bot's features (translation, moderation, leveling, etc.)
  • Display information on the web dashboard
  • Maintain the global reputation system for cross-server moderation
  • Generate server analytics and leaderboards
  • Improve the Bot based on feedback and usage patterns
  • Send service-related notifications (exit surveys, ticket updates)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Third-Party Services

The Bot shares limited data with third-party services to provide functionality:

  • Discord API: All Bot functionality requires Discord API access
  • OpenAI: Message text is sent for AI-powered translations, ticket AI, and screenshot reading (not stored by us beyond logging)
  • Google Translate: Message text is sent for translation (fallback provider)
  • Tenor API: GIF search queries (no personal data)
  • nekos.best / waifu.pics: Action type requests only (no personal data)
  • Twitch / YouTube / Kick APIs: Streamer usernames for live alerts
  • Telegram Bot API: Bridged messages are forwarded between Discord and Telegram
  • Top.gg: Vote verification (user ID only)

Each third-party service has its own privacy policy. We encourage you to review them.

4. Discord OAuth2 (Dashboard Login)

When you log into the web dashboard, we use Discord OAuth2 to authenticate you. We request the following scopes:

  • identify: Your Discord user ID, username, and avatar
  • guilds: List of servers you're in (to show servers where you have admin access)

We do not request access to your email, friends list, or the ability to join servers on your behalf. Your Discord access token is stored only in your browser session and is never saved to our database.

5. Data Storage & Security

Data is stored in PostgreSQL databases hosted on Railway (US). We implement reasonable security measures including:

  • HTTPS encryption for all web traffic
  • Database access restricted to the Bot application only
  • No plaintext password storage (Discord OAuth only)
  • Environment variables for all secrets and API keys

6. Data Retention

  • Translation logs: Retained for up to 90 days, then automatically purged
  • Moderation infractions: Retained until manually cleared by server admins
  • XP/Leveling data: Retained while the Bot is in your server; deleted upon request
  • Registration data: Cleared when a member leaves the server
  • Server config: Retained while the Bot is in your server
  • Global reputation: Infraction summaries decay over time (+1 point/week)

7. Your Rights

You have the right to:

  • Access: Request a copy of your data stored by the Bot
  • Deletion: Request deletion of your data by contacting us
  • Opt out: Remove the Bot from your server to stop all data collection
  • Correction: Update your registration data via the Bot or dashboard

To exercise these rights, contact us through our Discord support server.

8. Children's Privacy

The Bot is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

9. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to restrict processing, and the right to lodge a complaint with a supervisory authority. Our legal basis for processing is legitimate interest (providing the Bot's services) and consent (when you use features that process your data).

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Bot after changes constitutes acceptance of the revised policy.

11. Contact

For privacy-related questions or data requests, contact us through our Discord support server or use the /feedback command.