This Privacy Policy explains how GuildProtect processes data for the Discord bot, web dashboard, Anti-Nuke protection, backups, verification, public profiles, reports, premium features and administration tools. Replace operator name, address, contact email and jurisdiction-specific details before publishing a live instance.
GuildProtect is a security and recovery platform for Discord servers. The service processes Discord and server data only to provide protection, access control, logging, recovery, verification and administration features.
The controller is the operator of this GuildProtect instance. The operator must provide a legal name or company name, postal address, contact email and any mandatory legal disclosures before public launch.
Privacy requests should be sent to the contact address provided by the operator. GuildProtect itself is software; responsibility for a hosted instance remains with the operator.
When users sign in with Discord, GuildProtect processes Discord user ID, username, global display name, avatar, locale preference, session data and the guild list returned by Discord OAuth.
This data is required to display the dashboard, verify ownership or administrator permissions, filter guilds where the bot is installed, store language preferences and secure access to protected server settings.
GuildProtect stores guild IDs, guild names, icons, owner IDs, channel IDs, role IDs, role names, role colors, role hierarchy status, bot permissions, log channel, server language, Anti-Nuke configuration, whitelist entries, punishment settings and guide status information.
This information is necessary so the bot can detect dangerous actions, enforce configured punishments, send logs, restore server structure and show accurate setup guidance.
For security events GuildProtect may store actor ID, target ID, guild ID, rule key, action timestamp, punishment type, punishment status, failure reason and related technical metadata.
These logs are used for abuse detection, rate windows, owner notifications, dashboard audit views, server log channels and later security review by authorized users.
Profile backups and server backups may contain roles, role positions, role permissions, role colors, channels, categories, channel positions, channel types, permission overwrites and other server structure data required for restoration.
Backups do not intentionally store Discord message contents. Backups can be restored on servers where the acting user or admin has the required access inside GuildProtect.
If a user verifies through GuildProtect, the service processes Discord user ID, username, display name, avatar, access token, optional refresh token, token expiry, guild ID, guild name, verification timestamp and, where available, server join timestamp.
The Discord OAuth guilds.join permission is used only to add verified users back to eligible servers through the restore members feature. Tokens must be protected by the operator and should not be exported or used for unrelated purposes.
Server owners and authorized administrators can view verified members connected to their verification setup and may restore them to servers where they have access.
Users may enable a public profile. A public profile can display avatar, display name, status text, badges, selected protected guilds, membership information and, for premium users, a custom public URL.
Users may report public profiles. Reports can include reporter ID, target profile ID, reason, status, close information and admin moderation history. Admins with the required permission may block or unblock public profiles and record a reason.
GuildProtect stores premium status, expiry date or permanent state, rank assignments, rank colors, rank icons, power levels, permissions, backup limits and whether a rank grants premium or appears on the team page.
Admin panel users may view guilds, users, premium status, public profile status, reports, verified members, backups and admin logs depending on their assigned permissions. Admin actions can be logged for accountability.
The web dashboard uses technically required session cookies to keep users signed in and protect authenticated actions. These cookies are not used for advertising tracking.
Discord bot tokens, OAuth secrets, database credentials and session secrets are sensitive operational secrets and must be stored securely by the operator.
GuildProtect communicates with Discord to perform OAuth login, bot actions, audit-log related checks, role assignment, guild joins, channel messages, moderation actions and other Discord API operations.
Additional hosting providers, database providers or infrastructure processors may be involved depending on how the operator hosts this instance. The operator is responsible for documenting those processors.
Data is retained for as long as required to provide security, auditability, backups, verification, premium features, administration and abuse prevention.
Users may request access, correction or deletion from the operator. Server owners or authorized administrators can remove certain configuration, backup, whitelist, report and verification data using the dashboard or by contacting the operator.
Depending on applicable law, users may have rights to access, rectification, erasure, restriction of processing, data portability, objection and complaint to a supervisory authority.
The operator should verify which legal framework applies to their instance and provide the required contact and authority information.
GuildProtect is designed to limit access through Discord login, server ownership checks, administrator checks, bot-role hierarchy checks and app-admin permissions.
The operator should use strong database credentials, private environment variables, HTTPS, secure cookies, restricted server access, regular updates and careful Discord permission configuration.
This Privacy Policy may be updated when GuildProtect features, data flows or legal requirements change. The operator should review this page after enabling new features or changing infrastructure.