LogoDutiesBot

Last update: April 9, 2026

Privacy Policy

This Privacy Policy describes how DutiesBot collects, stores, and protects your data when you use the dutiesbot.com website, the Dashboard, or the Bot.
By accessing the Website, using the Bot, or accessing the Dashboard, you agree to this Privacy Policy.

If this Privacy Policy is updated, a notice will be posted on our Discord support server.
Changes to this Privacy Policy are effective immediately upon posting.

Table of Contents

About the Project, Operator, and Platform

  • DutiesBot refers to the project as a whole, including both the Dashboard and the Bot.
  • Application refers to DutiesBot as a whole (the Bot and the Dashboard together).
  • ArimDev is the project and team operating DutiesBot and the Website.
  • Discord is a widely known online communication platform for text, voice, and video chat, primarily used for community, gaming, and organizational purposes.
    Official website: https://discord.com/

Definitions

For the purpose of this Privacy Policy:

  • "Website" - all pages on the domain and subdomains of dutiesbot.com, except for the /app/ path.
  • "Dashboard" - the web application accessible at https://dutiesbot.com/app/.
  • "Bot" - the DutiesBot Discord application (bot), which can be invited to a Discord server.
  • "Team" - a database record created for each Discord server that a Client adds to the Application.
  • "Team Admin" - any Discord member who has at least one role configured as an admin role in Team settings by users with Discord Administrator permission.
  • "Member" - any Discord server member who has been explicitly added to the Dashboard by a Team admin.
  • "User" - any natural person or entity accessing or using the Website, Dashboard, or Bot, including but not limited to Team admins and Members.
  • "Client" - a User who either (a) authenticates (logs in) to the Dashboard, or (b) invites the Bot to a Discord server where they have administrator permissions.
  • "Operator", "we", or "us" - ArimDev, the creator and administrator of DutiesBot.

Access to Data

Stored data can be accessed only by Operators.
We do not sell, rent, or share your personal data with third parties for marketing purposes. We only share necessary data with trusted service providers (such as our cloud hosting and database providers) strictly for the purpose of operating the Service, or when required by law or to comply with Terms of Service.

Where and How Data is Stored

All data is stored securely in a third-party cloud database.
No backups of user data exist outside of this secure cloud infrastructure.
The database is protected against unauthorized external access using industry-standard security measures.
However, no system is 100% secure, and we cannot guarantee absolute security.
In the unlikely event of a data breach, we will inform affected users via our Discord support server.

We implement industry-standard security practices to protect your data, including:

  • Encrypted connections (HTTPS/TLS) for all data in transit
  • Encryption of sensitive tokens at rest
  • Session protection using secure cookie settings
  • OAuth2 state verification to reduce CSRF risk during login
  • Server-side authorization checks for guild-specific access to Dashboard and Discord API routes
  • Automatic invalidation of expired or invalid sessions
  • Role-based access control and audit logs for database access
  • Regular monitoring for unauthorized access attempts

Who's Data is Stored

DutiesBot stores data about:

  • Clients who authenticate to the Dashboard,
  • Discord Members explicitly added to Team records by Team Admins,
  • Team configuration records for Discord servers added to the Application.

Data is stored until a valid deletion request is received (see below).

What Data is Stored

Member data (Discord server member explicitly added to a Team):

  • Team ID (Discord guild ID reference)
  • Discord user ID (the only information from Discord)
  • Folder ID
  • Details (custom, as configured by Team admins)
  • Rank
  • Duties
  • Excuses
  • Invoices (if enabled by Team)
  • Strikes and warnings (if recorded by Team Admins)
  • Reputation
  • Rankups
  • Timestamps for creation and update

Team data (database record for Discord server added to the Application):

  • Discord server (guild) ID
  • Server name
  • Owner ID
  • Features
  • Settings
  • Member details
  • Member ranks
  • Timestamps for creation and update

Session data (when you log in to the Dashboard):

(session record is automatically removed after up to 7 days)

  • Session ID
  • Discord user ID
  • Encrypted Discord OAuth2 access token
  • Token type, expiration date
  • Session creation date

We also use temporary, strictly necessary cookies required for the bot setup process (e.g., temporarily storing guild IDs and required permissions during the OAuth2 authorization flow).

How We Use Your Data

We use the collected data exclusively to provide and improve the functionality of the DutiesBot Service. This includes:

  • Authenticating users on the Dashboard via Discord OAuth2.
  • Operating the bot's features (such as managing duties, excuses, folders, and rankups).
  • Customizing the bot's behavior according to the Team Admins' configurations.
  • Analyzing usage via Google Analytics to improve the user experience on the Website.

Data Retention

We retain personal data for as long as it is necessary to provide the Service, or until you request deletion of your data.
Session records are automatically deleted after up to 7 days and may be invalidated earlier when OAuth session validity expires.
Data will only be deleted upon verified user request or if the DutiesBot project is discontinued.

Data Deletion & User Rights

Any User, Client and Member can request deletion of their data at any time.
To request deletion, contact us via:

After verifying your identity and ownership, we will delete your data within a reasonable timeframe.

Age and Usage Policy

DutiesBot is not intended for use by persons prohibited under Discord's Terms of Service.
We do not knowingly store data of users who are not permitted to use Discord. If such a case is discovered, the data will be deleted.

Cookies and Analytics

The Website and Dashboard use Google Analytics to track anonymized usage.

  • If you accept cookies, anonymized analytics data is collected and stored by Google according to their own Privacy Policy.
  • If you deny cookies, your decision is stored in your browser's localStorage and no analytics are collected.

These cookies are not used for advertising or profiling.

Commitment to Your Privacy

We are committed to respecting your rights and privacy.
We do not share, sell, or disclose your data to any third parties except as required by law or for service maintenance and security.

If you are located in the European Union, you are entitled to the following rights under the General Data Protection Regulation (GDPR):

  • The right to access - You have the right to request copies of your personal data.
  • The right to rectification - You have the right to request correction of inaccurate or incomplete information.
  • The right to erasure - You have the right to request that we delete your personal data, subject to service functionality.
  • The right to restrict processing - You have the right to request that we limit the processing of your personal data.
  • The right to data portability - You have the right to request a copy of your personal data in a commonly used electronic format.
  • The right to object - You have the right to object to the processing of your personal data where it is based on our legitimate interests.

To exercise any of these rights, please contact us at [email protected] or via our Discord support server.
We may request verification of your identity before fulfilling your request.

Questions

If you have any questions about the Bot, Dashboard, Website, or this Privacy Policy, feel free to contact us via the Website contact page, [email protected], or our Discord support server.