Legal

Privacy Policy

What we collect, why we collect it, and what your rights are. Last updated: June 14, 2026.

01

Introduction

NOS ("NOS", "we", "us", "our") is a Discord bot that provides welcome messages, leaderboards, starboard highlights, lootable item drops, multiplayer fishing sessions, mini-games, and fun slash commands. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.

02

Data We Collect

When you add NOS to your Discord server or interact with it, we may collect and store:

  • Discord User IDs — to track leaderboard points, lootable drops, fishing catches, mini-game scores, and other bot interactions.
  • Discord Server (Guild) IDs — to store per-server configuration and settings.
  • Message metadata — message counts for XP and leaderboard purposes. We do not store message content.
  • Reaction metadata — reaction counts used for starboard triggers and leaderboard points. We do not store the content of reactions beyond the emoji identifier and the associated message ID.
  • Message IDs — for starboard entries, to reference the original message and track its highlight state.
  • Server configuration — settings you configure via the dashboard (welcome message rules, starboard rules, module toggles, enabled features, etc.).
  • OAuth2 data — when you log in to the dashboard, we receive your Discord username, avatar, and server list via Discord OAuth2. We use this solely for authentication and displaying your servers.
03

How We Use Your Data

  • To provide and operate bot features (welcome messages, leaderboards, starboard, lootables, fishing, mini-games, etc.).
  • To display leaderboard rankings and lootable inventories.
  • To power the web dashboard and allow server configuration.
  • To improve the bot's performance and fix bugs.

We do not sell, trade, or share your data with third parties. We do not use your data for advertising or profiling.

04

Third-Party Processors

4a. Payments & Stripe

When you subscribe to NOS (€1.99/month), payments are processed by Stripe, Inc., an independent payment processor. We do not receive or store your full credit card number, CVV, or bank details. We only receive the minimum information needed to manage your subscription:

  • A Stripe customer and subscription identifier (used to look up your plan).
  • Subscription status (active, past_due, cancelled), billing period, and renewal date.
  • The Discord user ID linked to the subscription.
  • The last 4 digits and brand of the payment method (for display in the billing portal), if returned by Stripe.
  • Country and tax status as required for tax compliance.

Full payment details are collected, stored, and processed by Stripe under their own privacy policy.

4b. Dashboard Cookies & Sessions

The NOS dashboard uses strictly necessary cookies to operate:

  • A session cookie to keep you logged in after you authenticate with Discord OAuth2.
  • A CSRF-protection token.

We do not use advertising cookies, cross-site tracking pixels, or third-party marketing trackers on the dashboard.

05

Data Storage & Security

Your data is stored in a PostgreSQL database on a secure, privately-managed server. We implement the following security measures:

  • Encryption in transit — All connections between the bot, API, and database use SSL/TLS encryption. No unencrypted connections are accepted.
  • Access controls — The database is not exposed publicly. Access is restricted using SSH with key-based authentication.
  • Regular backups — Database backups are performed regularly and stored securely.

However, no system is 100% secure. We encourage you to use strong passwords and report any security concerns to us immediately.

06

Data Retention

  • Server data is retained as long as NOS is in your server. When the bot is removed, server configuration is deleted within 30 days.
  • User data (leaderboard scores, lootable inventories, mini-game scores, etc.) is retained as long as you are a member of a server using NOS. You can request deletion at any time.
07

Your Rights

You have the right to:

  • Access your data — request a copy of all data we store about you.
  • Delete your data — request complete removal of your user data.
  • Object to processing — for processing based on legitimate interests, you may object at any time.
  • Portability — receive your personal data in a structured, commonly used, machine-readable format.

As the operator is based in Germany, you also have the right to lodge a complaint with the competent supervisory authority: Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW).

To exercise any of the above rights, contact us at hello@nos.bot or via our Discord support server.

08

Children's Privacy

NOS is intended for users who meet Discord's minimum age requirement (13 years or older, depending on jurisdiction). We do not knowingly collect data from children under 13.

09

Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be announced on our Discord support server. Continued use of NOS after changes constitutes acceptance of the updated policy.