
Privacy Policy

Last updated · 12 May 2026

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data within our online offering and the websites, functions, and content associated with it (hereinafter collectively referred to as "ORBT" or "Service"). With regard to the terminology used, such as "personal data" or their "processing", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR / DSGVO).

§ 1 Controller

The controller within the meaning of Art. 4 (7) GDPR is:

Connor Welge
Grandweg 122c
22529 Hamburg
Deutschland (Germany)
Email: [email protected]
Phone: +49 151 70526005

§ 2 Types of Data Processed

We process the following categories of personal data:

• Discord account data: User ID, username, display name, avatar hash, and the list of Discord servers you manage (obtained via Discord OAuth2).
• Server configuration data: Module settings, message templates, modal templates, custom commands, and other configurations you create within the dashboard.
• Usage data: Access logs, IP addresses, browser type, referring URLs, date and time of access, and pages visited (collected automatically for security and operation).
• Payment data: When purchasing premium subscriptions, transaction identifiers, subscription status, and your Discord user ID are stored. Payment details (credit card numbers, billing address) are exclusively processed by our Merchant of Record, Polar SH Inc., and are never stored on our servers.
• Ticket transcripts: When the ticket module is enabled, transcript data including message content, user IDs, usernames, and timestamps of ticket interactions are stored.
• Referral Program data: When you share a referral link and another user invites the bot through it, your Discord user ID is stored as the "referrer" on the referred guild after that guild upgrades to Premium. The referred guild's ID, the Polar subscription identifier, and a generated discount-code identifier are stored alongside, together with timestamps. See § 11a for details and § 11 for retention periods.

§ 3 Legal Bases for Processing

We process personal data in accordance with the following legal bases:

• Art. 6 (1) (b) GDPR — Performance of contract: Processing is necessary to provide the ORBT service, including authenticating you via Discord OAuth2, storing your server configurations, and managing premium subscriptions.
• Art. 6 (1) (f) GDPR — Legitimate interests: Processing is necessary for the purposes of our legitimate interests, including ensuring the security and stability of the service, preventing abuse, and improving the service. Your interests, fundamental rights, and freedoms do not override these interests.
• Art. 6 (1) (a) GDPR — Consent: Where we rely on your consent, you have the right to withdraw it at any time with effect for the future.

§ 4 Discord OAuth2 Authentication

To use the ORBT dashboard, you must authenticate via Discord OAuth2. During this process, Discord transmits the following data to us: your Discord user ID, username, display name, avatar, and a list of servers where you have management permissions. This data is used exclusively to identify you, determine which servers you may manage, and display your profile in the dashboard. We do not access your Discord password, messages, or any data beyond the scopes explicitly requested during authorization. Legal basis: Art. 6 (1) (b) GDPR (performance of contract).

§ 5 Discord Bot Data Processing

The ORBT Discord bot processes data within Discord servers where it has been installed by an authorized administrator. This includes:

• Message events: The bot processes message content in real time to execute configured modules (e.g., moderation, auto-moderation, leveling). Message content is not persistently stored unless explicitly configured (e.g., logging module, ticket transcripts).
• Member events: Join/leave events, role changes, and username updates are processed for modules such as welcome messages, greetings, and logging.
• Moderation actions: When moderation actions are taken, the target user ID, moderator user ID, reason, and timestamp are logged.

Server administrators are responsible for informing their community members about the use of the ORBT bot in accordance with Art. 13/14 GDPR. Where ORBT processes personal data on behalf of a server administrator (e.g., storing ticket transcripts or logging data under the administrator's configuration), a data processing agreement pursuant to Art. 28 GDPR is available upon request at [email protected].

Legal basis: Art. 6 (1) (b) GDPR and Art. 6 (1) (f) GDPR.

§ 6 Cookies and Local Storage

The ORBT dashboard uses two categories of cookies / local storage:

A. Strictly necessary (no consent required, § 25 Abs. 2 Nr. 2 TDDDG):

• Session cookie (Auth.js): Maintains your authenticated session after Discord OAuth2 login. Essential for operating the service.
• TikTok OAuth state cookie: Short-lived CSRF protection token (~10 minutes) for the TikTok Login Kit flow used by the Social Messages module. Only set when you initiate a TikTok connection.

B. Functional user preferences (treated as necessary because they store choices you explicitly made):

• `NEXT_LOCALE` (cookie, 1 year): Your selected dashboard language (en / de).
• `theme` (local storage): Your selected colour scheme (light / dark).
• `orbt:contentWidth` (local storage): Your dashboard content-width preference.
• `orbt:sound` (local storage): Your landing-page audio preferences (mute / volume).
• `orbt-servers-view` (local storage): Whether the server list is rendered as grid or list.
• `votePromptShown` (session storage, current tab only): Suppresses repeat showings of the top.gg vote popup within one session.

C. Requires consent (set only after you opt in):

• `orbt-ref` (cookie, 30 days): Set when you visit a referral link `/invite?ref=<id>` AND click "Allow cookie" on the consent banner that appears before the bot-invite redirect. Stores the referrer's Discord user ID so a subsequent Premium purchase can credit them under the Referral Program (see § 11a). You can decline; the bot invite continues to work either way. Your decision is remembered in local storage (`orbt:cookie-consent`) so you are not asked again on subsequent referral-link clicks.

No tracking cookies, analytics cookies, or advertising cookies are used. No third-party tracking scripts are embedded. The dashboard does not use Google Analytics, Meta Pixel, or comparable services.

Legal basis: § 25 Abs. 1 TDDDG (consent) for the referral cookie; § 25 Abs. 2 Nr. 2 TDDDG (strictly necessary) for the session and CSRF cookies; the functional preferences are treated under § 25 Abs. 2 Nr. 2 TDDDG as necessary to deliver the dashboard in the configuration the user explicitly requested.

§ 7 Payment Processing

Premium subscriptions are processed by Polar SH Inc. ("Polar"), which acts as the Merchant of Record. When you purchase a premium subscription, Polar collects and processes your payment information (e.g., credit card details, billing address) directly. We do not have access to your full payment details. We receive and store the following data from Polar: your Polar customer ID, subscription ID, subscription status, and the Discord user ID associated with the purchase. This data is used to activate and manage premium features for your server. Polar processes data in accordance with their own privacy policy. We recommend reviewing their privacy policy before completing a purchase. Legal basis: Art. 6 (1) (b) GDPR (performance of contract).

§ 8 AI Assistant (Anthropic)

The ORBT dashboard includes an AI assistant feature that allows you to ask questions about your server configuration in natural language. When you use this feature, the content of your messages together with a system prompt and relevant server context is transmitted to Anthropic PBC ("Anthropic"), 548 Market St, PMB 90375, San Francisco, CA 94104, USA, for the sole purpose of generating a response.

• Provider: Anthropic PBC (USA).
• Third-country transfer: Processing takes place via the Anthropic API, which is hosted in the United States. Transfers are safeguarded by Anthropic's participation in the EU-U.S. Data Privacy Framework and by the Standard Contractual Clauses (Art. 46 (2) (c) GDPR) incorporated into Anthropic's Commercial Terms and Data Processing Addendum.
• Model training: Anthropic does not use data submitted through the commercial API for training its foundation models.
• Session retention: To maintain conversational context, the last up to 50 messages of a conversation are stored in our Redis cache under a key tied to your Discord user ID and the selected server. Session data is automatically deleted 7 days after the last activity.
• Categories of data transmitted: the text you enter, the names and identifiers of Discord resources referenced by the assistant (e.g., server name, channel names, role names), and your selected locale.

Legal basis: Art. 6 (1) (b) GDPR (performance of the contract for the dashboard feature you requested).

§ 9 Social Messages Module (Third-Party Platform Integrations)

The Social Messages module is an opt-in feature that posts a Discord notification in a designated channel when a configured creator publishes new content on YouTube, Twitch, Bluesky, or TikTok.

For YouTube, Twitch, and Bluesky, ORBT polls only public information (channel feeds, livestream APIs, public posts) using either no authentication or app-level credentials we hold. No personal data of the creator is transmitted from your account to those platforms.

For TikTok, the Display API requires the creator to grant ORBT access via TikTok Login Kit (per-user OAuth). The grant is initiated by the creator clicking "Connect TikTok account" in the dashboard and authorizing on TikTok's side. The following data is then stored and processed:

• Scopes requested: user.info.basic (creator open ID, display name, avatar URL) and video.list (most recent videos).
• Tokens stored: an access token (~24 h lifetime) and a refresh token (~365 days lifetime) along with their expiry timestamps. Tokens are encrypted at rest with AES-256-GCM before being written to our PostgreSQL database; the encryption key is held only on the bot server.
• Refresh: the bot calls TikTok's /v2/oauth/token/ endpoint approximately every 24 hours to obtain a fresh access token; no further interaction with the creator is required.
• Use: the bot polls /v2/video/list/ every 5 minutes to detect new uploads. When a new video is found, an embed (title, description, cover image, link back to TikTok) is posted in the configured Discord channel. ORBT does not download, redistribute, or modify TikTok video content.
• Deletion: stored tokens are deleted permanently when (a) the creator removes the TikTok subscription from the dashboard, (b) the bot is removed from the Discord server, or (c) the creator revokes ORBT's grant from TikTok's privacy settings (https://www.tiktok.com/setting/privacy-and-data). In case (c) ORBT detects the revocation on the next refresh attempt and discards the tokens.

Provider: TikTok Pte. Ltd. (Singapore) and, for users in the EEA, its affiliate TikTok Technology Limited (Ireland).

Legal basis: Art. 6 (1) (a) GDPR (consent — the OAuth authorization is the creator's explicit consent for ORBT to access their TikTok data on their behalf) and Art. 6 (1) (b) GDPR (performance of the notification feature contracted by the server administrator).

§ 10 Hosting and Infrastructure

The ORBT application servers (bot, dashboard, PostgreSQL database, Redis cache) are hosted on a dedicated virtual server provided by OVH SAS, 2 rue Kellermann, 59100 Roubaix, France, located within the European Union. Deployment and orchestration on that server are managed with Dokploy, a self-hosted open-source tool operated by us.

DNS resolution and traffic routing are handled by Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare acts as a reverse proxy and CDN; request data (including IP address, requested URL, HTTP headers, user agent) passes through Cloudflare's global network. Cloudflare participates in the EU-U.S. Data Privacy Framework.

The domain orbt.gg is registered through Spaceship, Inc. Spaceship acts solely as domain registrar and does not process traffic or content data.

Access logs (IP address, timestamp, requested URL, HTTP status code, user agent) are collected automatically by the web server for security purposes and to ensure the stability of the service. These logs are retained for a maximum of 14 days and are then automatically deleted.

Encryption at rest: Personal data that constitutes Discord-Developer-Policy "potentially sensitive user information" is encrypted at the application layer with AES-256-GCM before being written to the PostgreSQL database. This applies to ticket transcripts (message content, author username and avatar URL), audit-log records of dashboard administrator actions (acting administrator's username and avatar hash), moderation case reasons, ticket close reasons, unban-request user submissions, and unban-request moderator decision reasons. Third-party OAuth credentials processed by the Social Messages module (TikTok access and refresh tokens) are likewise encrypted. The encryption key is held only on the bot server, separate from the database, and is never shared with any third party. Read paths transparently decrypt these values as part of the service-layer code, so the encryption is invisible to authorised users of the dashboard.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in security and stability of the service).

§ 11 Data Retention

• Server configurations: Retained for as long as the ORBT bot is installed on the respective Discord server. When the bot is removed from a server, associated configuration data is deleted within 30 days.
• Account data: Retained for as long as you use the service. You may request deletion at any time.
• Ticket transcripts: Retained for as long as the server remains active on ORBT. Server administrators may delete individual transcripts at any time.
• AI assistant sessions: Automatically deleted 7 days after the last activity.
• TikTok OAuth tokens: Encrypted at rest and continuously refreshed while the subscription is active. Permanently deleted within 24 hours of subscription removal, bot removal from the server, or grant revocation by the creator on TikTok's side.
• Payment/subscription data: Subscription identifiers and status are retained for the duration of the subscription and for an additional period as required by applicable tax and commercial law (§ 147 AO, § 257 HGB — up to 10 years for invoicing records).
• Server access logs: Automatically deleted after 14 days.
• Referral attribution cookie: The `orbt-ref` cookie is stored on your device for 30 days from the last click on a referral link. You may delete it at any time via your browser's cookie settings.
• Referral records (referrer ID, referred guild ID, Polar subscription ID, reward code identifier): Retained for as long as the underlying Premium subscription is active. Reward code records are kept for a minimum of 24 months from issue (matching Polar's refund/chargeback window) and then anonymised.

§ 11a Referral Program

ORBT operates an opt-in Referral Program that rewards registered users with discount codes when servers they refer upgrade to a paid Premium subscription. The rules of the program are set out in our Terms of Service (§ 5a). This section describes the personal-data aspect of that program.

Attribution mechanism: When you visit `/invite?ref=<your-Discord-ID>`, you are taken to a consent interstitial that explains the cookie before any storage takes place. If you click "Allow cookie", a first-party cookie named `orbt-ref` containing the referrer's Discord user ID is set on your browser for 30 days. The cookie is sent only with first-party requests (`SameSite=Lax`). If you decline, no cookie is set and the bot invite proceeds normally — only the referrer's reward is forfeited. Your decision is remembered in local storage (`orbt:cookie-consent`) so the banner is shown at most once per browser.

Server-side processing: When a logged-in user later initiates a Premium purchase through the dashboard, the cookie's value is forwarded as `metadata.referrerId` to our payment processor (Polar SH Inc.) as part of the checkout request. Upon receipt of the corresponding `subscription.created` event from Polar, we (a) verify that the referrer and the buyer are different Discord accounts (self-referrals are excluded), (b) generate a single-use Polar discount code, and (c) store a Referral record (referrer Discord user ID, referred guild ID, Polar subscription identifier, generated discount-code identifier, timestamps) together with a ReferralReward record (referrer Discord user ID, discount code, status, expiry).

Purpose: Operate the Referral Program as described in the Terms of Service — specifically, identify which user is owed a reward, issue and track the discount code, and revoke the reward in case of refund.

Legal basis: Art. 6 (1) (b) GDPR (performance of the contract for participation in the Referral Program, which forms part of the dashboard service).

Recipients: Polar SH Inc. (USA) receives the `referrerId` field as checkout metadata in order to attach it to the resulting subscription record. No other third party receives referral data.

Retention: See § 11 (“Referral attribution cookie” and “Referral records”).

You may withdraw from the Referral Program by clearing the `orbt-ref` cookie or by contacting us at [email protected].

§ 12 Your Rights as a Data Subject

Under the GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR): You have the right to request confirmation as to whether personal data concerning you is being processed and, if so, to receive information about that data and a copy thereof.
• Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate personal data and the completion of incomplete data.
• Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data, provided no legal retention obligations or overriding legitimate interests apply.
• Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data under certain conditions.
• Right to data portability (Art. 20 GDPR): You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
• Right to object (Art. 21 GDPR): You have the right to object to the processing of your personal data based on Art. 6 (1) (f) GDPR at any time, on grounds relating to your particular situation.
• Right to withdraw consent (Art. 7 (3) GDPR): Where processing is based on your consent, you may withdraw that consent at any time with effect for the future.

To exercise any of these rights, please contact us at [email protected].

§ 13 Right to Lodge a Complaint

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR (Art. 77 GDPR). The competent supervisory authority for us is:

Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str. 22, 7. OG
20459 Hamburg
https://datenschutz-hamburg.de
Email: [email protected]

§ 14 Subprocessors

We use the following subprocessors to provide the Service. Each has been vetted for GDPR-adequate safeguards:

• Discord Inc. (USA) — platform provider; processes OAuth2 authentication data and all bot interactions. Safeguard: EU-U.S. Data Privacy Framework.
• Polar SH Inc. (USA) — Merchant of Record for premium subscriptions; processes payment and billing data. Safeguard: EU-U.S. Data Privacy Framework / Standard Contractual Clauses.
• Anthropic PBC (USA) — AI provider for the dashboard assistant; processes conversation text. Safeguard: EU-U.S. Data Privacy Framework / Standard Contractual Clauses.
• TikTok Pte. Ltd. (Singapore) and TikTok Technology Limited (Ireland) — Display API for the Social Messages module. Only invoked for creators who explicitly authorize ORBT via the TikTok OAuth flow; processes the creator's OAuth tokens, public profile fields and video metadata. Safeguard: Standard Contractual Clauses per TikTok's Developer Terms; primary processing for EEA users by TikTok's Irish entity.
• Cloudflare, Inc. (USA) — DNS, CDN, reverse proxy; processes request metadata including IP addresses. Safeguard: EU-U.S. Data Privacy Framework.
• OVH SAS (France, EU) — infrastructure hosting for application servers and databases. No third-country transfer.

An up-to-date list is available on request at [email protected].

§ 15 Data Transfers to Third Countries

Processing of personal data takes place primarily within the European Union. Transfers to third countries occur only where necessary to provide the Service and are safeguarded as follows:

• Discord Inc. (USA) — Discord OAuth2 authentication and bot interactions. Safeguard: EU-U.S. Data Privacy Framework (Art. 45 GDPR).
• Polar SH Inc. (USA) — payment processing. Safeguard: EU-U.S. Data Privacy Framework and/or Standard Contractual Clauses (Art. 46 (2) (c) GDPR).
• Anthropic PBC (USA) — AI assistant requests. Safeguard: EU-U.S. Data Privacy Framework and Standard Contractual Clauses.
• TikTok Pte. Ltd. / TikTok Technology Limited — TikTok Display API. Primary processing for EEA users by the Irish entity; onward transfers to ByteDance affiliates outside the EU safeguarded by Standard Contractual Clauses per TikTok's published Developer Terms (Art. 46 (2) (c) GDPR).
• Cloudflare, Inc. (USA) — DNS/CDN/reverse proxy. Safeguard: EU-U.S. Data Privacy Framework.

A copy of the applicable Standard Contractual Clauses can be requested at [email protected]. Apart from the above, personal data is not transferred to countries outside the European Economic Area (EEA).

§ 16 Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our data processing practices or applicable law. The date of the most recent update is indicated at the top of this page. We encourage you to review this policy periodically. Material changes will be communicated through the dashboard or via email where appropriate.