ButzeBotButzeBotPrivacy Policy
← Back to Home

Privacy Policy

Last updated: March 2026 · In accordance with GDPR

1. Controller

The data controller responsible for this service is:

Julian Facklam

Winterhuder Weg 29, 7th Floor

22085 Hamburg, Germany

Email: [email protected]

2. Data We Collect

We collect and process the following data:

Discord OAuth (Web Panel Login)

When you log in to the ButzeBot web panel via Discord OAuth2, we receive and temporarily store:

  • Discord User ID
  • Username and discriminator
  • Avatar hash
  • List of Discord servers you are in

This data is stored in an encrypted session cookie (AES-256) on the server for up to 30 days. It is used solely to authenticate you and display your server list. We do not share this data with third parties.

Bot Data (Economy, Pets, etc.)

When you use ButzeBot commands in a Discord server, the following data may be stored in JSON files on the host server:

  • Discord User ID (for economy balances, XP, pet ownership)
  • Discord Server ID (for per-server configuration)
  • Economy data: coin balances, XP, transaction history
  • Pet data: pet names, stats, inventory
  • Leaderboard data: rankings per server

This data is stored on a private server. No User IDs are linked to real identities. Data is stored per-server and is not shared across servers.

Feedback Form

When you submit feedback via the feedback button, we collect:

  • First name
  • Email address
  • Discord username (optional)
  • Your message

This data is used solely to process your request and send a reply. It is forwarded via Brevo's transactional email API and received at [email protected]. We do not store feedback form submissions permanently after processing.

Server Logs

The web server may retain standard access logs (IP address, timestamp, requested path) for security and debugging purposes. These logs are kept for a maximum of 30 days and are stored encrypted. We do not use IP addresses to identify individual users.

3. Legal Basis (GDPR Art. 6)

  • Art. 6 (1)(b) – Processing necessary for the performance of a service you requested (Discord OAuth login, bot functionality)
  • Art. 6 (1)(f) – Legitimate interests (security logs, abuse prevention)
  • Art. 6 (1)(a) – Consent (feedback form submission)

4. Data Retention

  • Session data: up to 30 days, or until you log out
  • Bot data (economy, pets): retained until the bot is removed from your server or you request deletion
  • Feedback submissions: processed and not permanently stored
  • Server access logs: up to 30 days

5. Your Rights (GDPR Art. 15–22)

Under GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15) – Request a copy of data we hold about you
  • Right to rectification (Art. 16) – Request correction of inaccurate data
  • Right to erasure (Art. 17) – Request deletion of your data ("right to be forgotten")
  • Right to restriction (Art. 18) – Request restricted processing of your data
  • Right to data portability (Art. 20) – Receive your data in a structured format
  • Right to object (Art. 21) – Object to processing based on legitimate interests

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In Germany, this is the relevant data protection authority of the state of Hamburg.

6. Third-Party Services

  • Discord OAuth2 – Login is handled via Discord's OAuth2 service. Please refer to Discord's Privacy Policy for details on how Discord processes your data.
  • Brevo (Sendinblue) – Used for sending transactional emails (feedback replies). Data is transmitted via Brevo's API in accordance with GDPR.

7. Data Security

Session data is encrypted using AES-256 and stored on a private server located in Germany. The server is not publicly accessible except through the web application. We apply reasonable technical and organizational measures to protect your data.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service constitutes acceptance of the updated policy.

9. Contact

For privacy-related inquiries, contact us at [email protected] or see our Impressum.