Terms of Service and Privacy Notice

Effective date: 2025-10-11
Applies to: the Liforra website (the “Website”) and the Liforra Discord bot (the “Bot”). Collectively, the “Services”.

Accept and Continue

By clicking “Accept and continue,” you acknowledge that you have read and agree to these Terms of Service and Privacy Notice.

Accept and continue

Who We Are

Controller: Liforra ([email protected]). If you are in the EU/EEA or UK, Liforra is the controller of your personal data processed in connection with the Services.

Scope and Acceptance

By accessing or using the Services, you agree to these Terms of Service and this Privacy Notice (collectively, the “Terms”). If you do not agree, do not use the Services.

Summary

• We collect certain data when you authenticate with the Bot via Discord OAuth to prevent spam and abuse.
• Routine logs are kept for a limited period; incident-related data is kept as long as necessary to enforce bans and protect the Services, with periodic reviews.
• The Website collects aggregated, non-identifiable analytics. Analytics can be disabled by blocking scripts (for example, via uBlock Origin) or by blocking all scripts for our domain.
• We do not use cookies for tracking. A single functional cookie may be set only to remember that you have accepted this notice so it does not reappear.
• You have GDPR/UK GDPR rights such as access, rectification, erasure, restriction, objection, and portability.

Data We Collect (Bot via Discord OAuth)

When you authenticate with the Bot, we may process:

• Discord account identifiers (e.g., user ID, username)
• E-mail address (if provided via approved OAuth scope)
• IP address and timestamp of authentication
• User agent/device information
• Other Discord account metadata provided by the scopes you approve during OAuth

Purposes and Legal Bases

• Security and abuse prevention (anti-spam, rate limiting, ban enforcement, fraud prevention). Legal basis: legitimate interests (GDPR Art. 6(1)(f)).
• Operating the Bot and providing requested functionality. Legal basis: contract necessity (GDPR Art. 6(1)(b)) where applicable.
• Compliance with legal obligations. Legal basis: GDPR Art. 6(1)(c) where applicable.

Retention (Bot)

• Routine security/authentication logs (including IP, user ID, timestamp): retained for up to 90 days, then deleted or anonymized.
• Incident/abuse records (e.g., data tied to confirmed spam, ban evasion, security incidents): retained for the duration of the ban or investigation and reviewed at least every 12 months; deleted when no longer necessary.
• Backups: relevant data may persist in encrypted backups for up to 60 days after deletion from active systems.

Data We Collect (Website)

The Website may collect aggregated usage data to understand service performance and prevent abuse. This may include:

• Browser and device type
• Country/region (coarse location)
• Visited pages and referrers
• Request volumes and timing

You can disable analytics by blocking scripts (e.g., via uBlock Origin) or by blocking all scripts for our domain. Where data is truly anonymized and not reasonably linkable to a person, GDPR does not apply. Where personal data could be involved (e.g., raw IPs in server access logs), we apply the retention rules and legal bases above and minimize collection.

Cookies

We do not use cookies for tracking or analytics. A single functional cookie may be set solely to remember that you have accepted this ToS/Privacy Notice so that it does not reappear on subsequent visits.

Use of Third-Party Services

For security purposes, we may query ip-api.com about an IP address to determine coarse geolocation or network information (e.g., ISP, ASN) to help detect abuse. You should review their terms and privacy policy: ip-api.com legal.

Data Sharing and International Transfers

We do not sell personal data. We may share personal data with:

• Service providers who assist with hosting, security, operations
• Law enforcement or authorities when required by law or to protect our rights, users, or the public

If personal data is transferred outside the EU/EEA/UK, we will rely on appropriate safeguards (e.g., adequacy decisions or Standard Contractual Clauses) as required by law.

Your Rights (GDPR/UK GDPR)

Subject to conditions and applicable law, you have the right to request access, rectification, erasure, restriction, objection (including to processing based on legitimate interests), and data portability. You also have the right to lodge a complaint with your local supervisory authority.

To exercise your rights, contact: [email protected]. You may also contact us on Signal at @liforra.01. We will respond without undue delay and within one month of receipt of a valid request. If more time is needed due to complexity or number of requests, we may extend by up to two further months and will inform you of the extension and reasons. We may need to verify your identity.

Prohibited Use and Enforcement

You must not use the Services to harass, spam, abuse, infringe intellectual property, or violate law or platform policies (including Discord’s Terms and Guidelines). We may suspend or ban users and retain incident-related data as described above to enforce these Terms.

Changes to These Terms

We may update these Terms from time to time. If we make material changes, we will take appropriate steps to notify you (e.g., via the Website or Bot). Continued use of the Services after changes take effect constitutes acceptance of the updated Terms.

Accept and Continue

By clicking “Accept and continue,” you acknowledge that you have read and agree to these Terms of Service and Privacy Notice.

Accept and continue