privacy policy (global compliance)
last updated: december 16, 2025
cryptic bot ("service provider," "we," "us," or "our") is committed to the protection of personal information in accordance with applicable privacy laws and regulations worldwide, including but not limited to: the new zealand privacy act 2020, the european union's general data protection regulation (gdpr), the california consumer privacy act (ccpa), and other us state privacy laws. this privacy policy ("policy") sets forth the principles and practices governing the collection, use, storage, disclosure, access, correction, and security of personal information collected through the provision of our discord bot service ("service"). this policy applies to all users, regardless of geographic location, and we comply with the highest privacy standards required by your jurisdiction.
we collect personal information only where such collection is necessary, proportionate, and lawful. we collect the following categories of information:
personal information is used and disclosed only for lawful purposes directly related to the provision of our service, including:
we do not sell, lease, or commercially trade personal information. disclosure to third parties occurs only where legally required or where a user has provided explicit consent.
we take reasonable steps to ensure that personal information collected is accurate, complete, and up-to-date. where inaccuracy is identified, we shall correct such information promptly. users may request verification and correction of their personal information at any time by contacting us through official channels.
we implement industry-standard technical, administrative, and physical safeguards to protect personal information from unauthorized access, modification, disclosure, or destruction. these measures include encryption, secure data storage, access controls, and regular security audits. notwithstanding these measures, no security system is impenetrable. in the event of a data breach, we shall notify affected users in accordance with applicable privacy legislation without unreasonable delay.
we maintain transparent practices regarding the collection and use of personal information. this policy clearly outlines our data handling practices. users are entitled to request information about what personal data we hold and how it is being used. we are committed to transparency and shall respond to all reasonable requests for information.
users have the right to:
requests must be submitted in writing to our official discord server. we shall respond to such requests within thirty (30) calendar days or provide notice of delay with reasonable justification, in accordance with gdpr (45 days) and ccpa (45 days) requirements.
we utilize discord-assigned user identifiers as the primary means of tracking personal information. these identifiers are used solely to maintain the integrity and functionality of our service. we do not use such identifiers for purposes of offline identification or tracking.
users may utilize the service with minimal personal information disclosure. however, certain features and functionality may require collection of specified information. users who wish to maintain anonymity should note that such limitation may restrict access to certain advanced features.
we accept full responsibility and accountability for the handling of personal information in accordance with this policy and applicable privacy legislation. we maintain systems and processes to ensure compliance with privacy principles. internal audits are conducted regularly to ensure adherence to stated practices.
personal information is retained only for so long as necessary to fulfill the purposes for which it was collected. general usage data is retained for a maximum of twelve (12) months following last service interaction. legal retention obligations may necessitate extended retention periods. upon termination of the service, user data shall be deleted or de-identified within ninety (90) days unless legal retention requirements apply.
personal information may be transferred to, stored in, or processed in jurisdictions outside new zealand, including the united states, in connection with the operation of our discord-based service. by using the service, you consent to such transfers. we ensure that such transfers are conducted in accordance with applicable privacy legislation and with appropriate safeguards in place.
the service is not directed to individuals under the age of thirteen (13). we do not knowingly collect personal information from children under thirteen. if we become aware that a child under thirteen has provided personal information, we shall delete such information immediately and notify the user.
we reserve the right to modify this policy at any time. material modifications shall be communicated to users through our official discord server. your continued use of the service following such modifications constitutes acceptance of the amended policy. users should review this policy periodically to remain informed of any changes.
european union (gdpr): if you are located in the eu, your personal data is protected under the gdpr. we comply with all requirements including lawful basis for processing, data protection impact assessments, and appointment of a data protection officer where required. transfers outside the eu are made with appropriate safeguards in place.
united states (ccpa/cpra and state laws): if you are a california resident, you have rights under the ccpa, including the right to know, delete, and opt-out. we comply with all us state privacy laws including laws in virginia, colorado, connecticut, utah, and montana. we do not sell personal information as defined by these statutes.
new zealand (privacy act 2020): if you are located in new zealand, your information is protected under the privacy act 2020. we comply with all privacy principles outlined in that legislation.
we apply the highest standard of protection required by your jurisdiction's laws.
if you believe we have not complied with this policy or applicable privacy legislation, you may lodge a complaint by contacting us through our discord server. we shall investigate the matter in good faith and respond within thirty (30) days with our findings and any remedial actions undertaken.
eu users: you may lodge a complaint with your local data protection authority (dpa) or the european data protection board (edpb).
us users: you may lodge a complaint with the federal trade commission (ftc) at www.ftc.gov or your state's attorney general.
new zealand users: you may lodge a complaint with the privacy commissioner of new zealand at www.privacy.org.nz.
for inquiries regarding this privacy policy, requests for access to personal information, complaints, or other privacy-related matters, please contact us through our official discord server. correspondence shall be responded to within ten (10) working days.