Privacy Policy

Last Updated: September 13, 2025

1. Introduction

At Confessionly, we are committed to protecting your privacy and being transparent about how we collect, use, and protect your information. This Privacy Policy explains our data practices when you use our Discord bot and web dashboard services.

2. Information We Collect

2.1 Discord Account Information

When you authenticate with Discord, we collect:

  • Discord User ID: Unique identifier from Discord
  • Username: Your Discord username
  • Email Address: Your Discord account email (if available)
  • Avatar: Your Discord profile picture
  • Server Memberships: Information about Discord servers where you have administrative permissions
  • OAuth Tokens: Access and refresh tokens to interact with Discord on your behalf

2.2 Confession Data

When confessions are submitted through our bot, we collect:

  • Confession Content: The text content of submitted confessions
  • Discord User ID: Identifier of the user who submitted the confession (stored securely)
  • Server Information: Which Discord server the confession was submitted to
  • Message IDs: Discord message identifiers for tracking and moderation
  • Channel Information: Which Discord channels are involved in the confession process
  • Timestamps: When confessions were submitted, reviewed, and published

2.3 Moderation Data

For moderation purposes, we collect:

  • Reviewer Information: Which moderator reviewed each confession
  • Review Actions: Whether confessions were approved, rejected, or blocked
  • Review Notes: Any notes added by moderators during the review process
  • Moderation Timestamps: When moderation actions were taken

2.4 Server Configuration Data

We store:

  • Server Settings: Configuration preferences for Discord servers
  • Channel Assignments: Which channels are designated for confessions and moderation
  • Bot Permissions: Information about bot permissions in servers

2.5 Technical Data

We automatically collect:

  • Log Data: System logs for debugging and security purposes
  • Usage Statistics: Anonymous metrics about bot usage and performance
  • Error Reports: Technical information when issues occur

3. How We Use Your Information

3.1 Service Provision

We use your information to:

  • Authenticate your access to the web dashboard
  • Enable confession submission and moderation through Discord
  • Synchronize data between the Discord bot and web application
  • Provide server administration features
  • Maintain service functionality and reliability

3.2 Moderation and Safety

We use data for:

  • Reviewing confessions before publication
  • Preventing abuse and enforcing our Terms of Service
  • Blocking users who violate our policies
  • Maintaining logs for accountability and safety

3.3 Service Improvement

We may use anonymized data to:

  • Analyze usage patterns to improve the service
  • Debug technical issues
  • Develop new features
  • Optimize performance

4. How We Share Your Information

4.1 Limited Sharing

We do not sell your personal information. We may share information only in these circumstances:

Discord Integration: We share necessary data with Discord's API to provide bot functionality, subject to Discord's Privacy Policy.

Server Moderators: Confession content is shared with authorized server moderators for review purposes. User identities are only revealed to moderators in specific moderation contexts.

Legal Requirements: We may disclose information if required by law, court order, or to protect the rights, property, or safety of our users or others.

Service Providers: We may use trusted third-party services for hosting, analytics, or other operational purposes, subject to appropriate data protection agreements.

4.2 Anonymous Data

We may share aggregated, anonymized usage statistics that cannot identify individual users.

5. Data Security

5.1 Security Measures

We implement appropriate security measures including:

  • Encryption of sensitive data in transit and at rest
  • Secure API authentication between services
  • Access controls limiting who can view user data
  • Regular security reviews and updates
  • Secure storage of Discord tokens and user information

5.2 Data Access

Access to personal information is limited to:

  • Authorized personnel who need access to provide the service
  • Server administrators for their own servers' data
  • Automated systems necessary for service operation

6. Data Retention

6.1 Account Data

  • User account information is retained while you use the service
  • Discord tokens are refreshed automatically to maintain functionality
  • Account data is deleted when you permanently remove the bot from all your servers

6.2 Confession Data

  • Approved confessions are retained indefinitely as they become part of the server's content
  • Rejected confessions are retained for moderation purposes for up to 1 year
  • Confession metadata (non-content data) may be retained longer for safety and analytics

6.3 Log Data

  • System logs are typically retained for 90 days
  • Security logs may be retained longer for safety purposes

7. Your Rights and Choices

7.1 Access and Control

You have the right to:

  • Access information we have about you
  • Update your Discord account information (through Discord)
  • Remove the bot from your Discord servers
  • Request deletion of your account data

7.2 Data Portability

You may request a copy of your data in a structured format, subject to technical and legal limitations.

7.3 Correction

If you believe we have incorrect information about you, please contact us and we will work to correct it.

8. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to remove such information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information during such transfers.

10. Third-Party Services

10.1 Discord

Our service integrates with Discord, which has its own privacy policy. Please review Discord's Privacy Policy to understand how Discord handles your information.

10.2 Other Integrations

We may integrate with other third-party services in the future. We will update this policy and notify users of any significant new integrations.

11. Cookies and Tracking

11.1 Web Dashboard

Our web dashboard may use:

  • Session cookies for authentication
  • Essential cookies for service functionality
  • Analytics cookies (if implemented) for service improvement

11.2 Discord Bot

The Discord bot does not use cookies but may store temporary data for operational purposes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify users of material changes through the service or other communication methods
  • We will post the updated policy on our website or service
  • Continued use of the service after changes constitutes acceptance of the updated policy

13. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

  • Investigate the incident promptly
  • Notify affected users as soon as reasonably possible
  • Take immediate steps to contain and remediate the breach
  • Cooperate with law enforcement if necessary
  • Review and improve our security measures

14. Your Rights Under GDPR (EU Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request information about personal data we process
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request a copy of your data in machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for data processing

To exercise these rights, please contact us using the information below.

15. California Privacy Rights (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Information about personal information we collect and how it's used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising privacy rights

16. Contact Information

If you have questions about this Privacy Policy or want to exercise your rights, please contact us at:

For GDPR-related inquiries, please include "GDPR Request" in your subject line.
For CCPA-related inquiries, please include "CCPA Request" in your subject line.

17. Legal Basis for Processing (EU Users)

We process your personal information based on the following legal bases:

  • Contractual Necessity: To provide the service you've requested
  • Legitimate Interests: To improve our service, ensure security, and prevent abuse
  • Consent: Where you have explicitly consented to data processing
  • Legal Obligation: To comply with applicable laws and regulations

By using Confessionly, you acknowledge that you have read and understood this Privacy Policy and consent to the data practices described herein.

Home Terms of Service Contact
© 2025 Confessionly. All rights reserved.