Privacy Policy

The data controller is DayronLabs LLC, a company organized in the United States. For any privacy matter you can reach us at [email protected].

We collect only the data necessary to provide the features of the Service:

• Discord identifiers: user ID, username, avatar, and the IDs of the servers (guilds) where the bot is installed.
• Server data: module configuration, channel and role IDs, moderation records (warns, sanctions), tickets and their transcripts, experience levels, and audit logs.
• Dashboard account data: email address, name and, if configured, an encrypted password and second factor.
• Billing data: Stripe customer and subscription identifiers, purchased plan, and renewal dates. Card data is processed exclusively by Stripe and never reaches our servers.
• Technical data: IP addresses and user agents associated with dashboard sessions, and error logs (via Sentry) for diagnostic purposes.

We use the data to: operate the bot and dashboard features; authenticate users and protect accounts; process payments and manage subscriptions; provide support; prevent abuse and fraud; and comply with legal obligations. We do not use your data for advertising, nor do we share it with data brokers.

For users in the European Economic Area and the United Kingdom, we process data on the following bases: performance of a contract (Art. 6(1)(b) GDPR) to provide the Service; legitimate interest (Art. 6(1)(f)) for security, abuse prevention, and Service improvement; legal obligation (Art. 6(1)(c)) for tax and accounting records; and consent (Art. 6(1)(a)) where expressly requested.

If the GDPR applies to you, you may at any time exercise your rights of access, rectification, erasure ("right to be forgotten"), restriction of processing, portability, and objection, as well as withdraw your consent. To exercise them, write to [email protected]; we will respond within 30 days. You also have the right to lodge a complaint with your supervisory authority.

If you reside in California, you have the right to know the categories of personal information we collect, request its deletion, correct inaccurate data, and not be discriminated against for exercising your rights. DayronLabs does not sell or "share" (within the meaning of the CPRA) personal information. You may exercise these rights by writing to [email protected].

We apply retention periods proportional to each category of data:

• Server configuration and data: while the bot remains in the server and up to 90 days after removal, to allow reinstalls without configuration loss.
• Audit and moderation records: a maximum of 12 months from creation.
• Dashboard account data: until the user requests deletion of their account.
• Billing records: as long as required by applicable tax regulations (generally 7 years).
• Technical and error logs: a maximum of 90 days.

We share data only with providers that help us operate the Service, under data processing agreements: Discord Inc. (platform), Stripe Inc. (payments), Supabase Inc. (PostgreSQL database hosting), Functional Software Inc. / Sentry (error monitoring), and our transactional email provider. We will also disclose data where required by law or a valid court order.

Our providers may process data in the United States and other countries. Where data of EEA users is transferred, we rely on standard contractual clauses approved by the European Commission or other valid transfer mechanisms.

We apply appropriate technical and organizational measures: encryption in transit (TLS), password hashing with modern algorithms, session-based access control, optional second factor, least-privilege internal access, and audit logging of data exports.

The Service is not directed at children under 13. If we become aware that we have collected data from a child under that age, we will delete it without delay.

We will publish any changes to this Policy on this page, updating the revision date. Material changes will additionally be announced on our Discord server. Contact: [email protected].