This privacy policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Introduction
CIRKUITBREAKER.env ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect about you and how we use it. By using our website and services, you consent to the data practices described in this policy.
We take your privacy seriously and implement security measures to protect your information. This includes logging unauthorized access attempts to maintain system security.
2. Information We Collect
2.1 Account Information
When you authenticate with our service through Discord OAuth or link your Discord account, we collect:
- Discord user ID
- Discord username
- Discord discriminator
- Email address (if provided by Discord or entered for password/account recovery)
- Profile image URL
- Account creation date
- Last login date and time
- Password reset tokens and timestamps (for account recovery)
- Discord account linking data and OAuth tokens
- Admin status and permissions
- Account status (active, banned, suspended)
2.2 Authentication and Security Data
For security purposes, we collect and log:
- IP addresses of all user activity and login attempts (successful and unsuccessful)
- Real IP addresses extracted from multiple proxy headers (X-Forwarded-For, X-Real-IP, CF-Connecting-IP, X-Client-IP)
- Authentication timestamps
- Browser user agent information
- Device information and session tracking
- Session data including active session management
- Security violation history and patterns
- Suspicious activity detection data
- Rate limiting and abuse prevention metrics
- Session activity monitoring and user behavior patterns
- User ban records (temporary and permanent)
- IP ban records and associated data
- Admin action logs and moderation history
2.3 User-Generated Content
We collect content you create while using the platform:
- Messages posted to message boards
- Security violation reports and appeals
- Admin action logs and audit trails
- Message board content and moderation actions
- User reports and feedback
2.4 Private Messaging Data
Our private messaging system collects and stores:
- Message Content: The text content of private messages you send and receive
- Conversation Metadata: Participant lists, conversation creation dates, and last activity timestamps
- Message Metadata: Sender information, timestamps, message delivery status, and read receipts
- Chat Management Data: Conversation settings, participant management, and deletion records
- Message History: Complete conversation histories for as long as conversations are active
- Unread Message Counts: Tracking of unread messages for notification purposes
- Message Search Data: Indexed message content for in-app search functionality
Privacy Notice: Private messages are stored securely in our database with appropriate access controls. Only conversation participants and authorized system administrators can access message content. Messages may be subject to automated content scanning for security and abuse prevention purposes.
Emergency Operator Access: In rare break-glass cases (such as serious abuse reports, legal obligations, security incidents, or imminent safety concerns), designated operators may access private and group chat content only when absolutely necessary. Each event requires a stated reason and is recorded in security audit logs.
2.5 User Preferences
We store preferences to enhance your experience:
- Interface mode preferences (GUI/CLI)
- Radial menu shortcuts and customizations
- Feature unlock status
- Display settings
- Security notification preferences
- Admin dashboard settings
- Push notification subscription data
- UI theme and color preferences
- Email notification preferences (general, marketing, security, updates)
- Email unsubscribe tokens for managing email preferences
2.5 Push Notification Data
If you subscribe to push notifications, we collect:
- Push notification subscription tokens
- Device information for notification delivery
- Notification preferences and settings
- Notification delivery status and analytics
- Subscription management data
2.6 Email Notification Data
For email notifications, we collect and manage:
- Email notification preferences (enabled/disabled by category)
- Email unsubscribe tokens for secure unsubscription
- Email delivery status and analytics
- Category-specific notification settings (marketing, security, updates, general)
- Custom email notification content and delivery logs
2.7 Terminal File System Data
When you use our terminal interface, we collect and store:
- Files and directories you create in your personal workspace
- File content including text files, scripts, and documents
- Directory structures and organizational preferences
- Terminal command history and usage patterns
- Journal entries and personal notes
- File system activity logs and timestamps
- Terminal interface preferences and customizations
2.8 Age Verification Data
To comply with age verification requirements and local regulations, we collect:
- Your date of birth (birthday) for age verification purposes
- Your country or region for determining applicable age requirements
- IP address geolocation data to detect your approximate location
- Age verification status and compliance records
- Account deletion records for users who don't meet age requirements
Important: Birthday information is required for all users to ensure compliance with age of consent laws in your region. We use this information solely for age verification and compliance purposes.
3. How We Use Your Information
We use your information for the following purposes:
- To provide and maintain our service
- To authenticate you and secure your account
- To enable features like message boards and skill progression
- Private Messaging Services: To facilitate secure communication between users, deliver messages, maintain conversation histories, provide search functionality, and send message notifications
- Messaging Notifications: To send email and push alerts for new direct and group chat messages
- To detect and prevent unauthorized access and potential security threats
- To send security alerts to designated operators for immediate attention
- To maintain comprehensive security violation databases and audit trails
- To send password reset and account recovery emails when requested
- To notify you of important account changes (such as username or email updates)
- To improve our platform and user experience
- To personalize your experience and remember your preferences
- To monitor service performance and troubleshoot issues
- To manage user bans and IP restrictions
- To provide admin functionality and user management
- To send push notifications for important updates and security alerts
- To send email notifications based on your preferences and categories
- To moderate content and enforce community guidelines
- To send custom email notifications from the admin panel
- To verify your age and ensure compliance with local age of consent laws
- To detect your location for compliance and regulatory purposes
- To enforce age verification requirements and manage non-compliant accounts
- To provide terminal file system functionality and persistent storage
- To enable file sharing and collaboration features within the terminal
- To backup and recover terminal data in case of system issues
- To monitor terminal activity for security and abuse prevention
- To improve terminal functionality and user experience
4. Data Retention and Security
We retain your data for as long as your account is active or as needed to provide you with our services. We may retain certain information as required by applicable laws.
4.1 Private Messaging Data Retention
Private messaging data is retained according to the following policy:
- Active Conversations: Message content and metadata are retained for the duration of active conversations
- Deleted Messages: When users delete messages, they are removed from the active conversation but may be retained in system backups for up to 30 days
- Deleted Conversations: When conversations are deleted by users, all message content is permanently removed within 7 days
- Account Deletion: When an account is deleted, all private messages sent or received by that user are permanently deleted within 30 days
- Security Violations: Messages involved in security violations may be retained longer for investigation and evidence purposes
- System Backups: Message data may exist in encrypted system backups for up to 90 days for disaster recovery purposes
We implement appropriate security measures, including encryption, to protect your personal information. We log IP addresses of all user activity and unauthorized access attempts to enhance security and protect our systems. Our enhanced IP address collection system extracts real IP addresses from multiple proxy headers to ensure accurate security monitoring and session tracking across various network configurations.
Password and Email Security: Password reset tokens and email addresses are securely stored and encrypted. Password reset links are time-limited and can only be used once. We never store your Discord or platform password in plain text. Email verification is currently disabled for maintenance purposes. Password reset emails and login notification emails are operational and will be sent when requested.
Security Violation Data: Security violations and related data are retained for extended periods to maintain system integrity and prevent repeat offenses. This includes violation history, and security alert records. Such data may be retained even after account deletion to prevent abuse and maintain platform security.
Ban and Restriction Data: User bans, IP bans, and account restrictions are retained to prevent repeat violations and maintain platform security. This data may be retained indefinitely to prevent abuse and protect other users.
Operator Notifications: Security alerts are sent to designated operators via Discord direct messages for immediate attention. These notifications include event details, IP addresses, and user information necessary for security response. Operator notifications are logged for audit purposes and may be retained as part of our security records.
Push Notification Data: Push notification subscription data is retained until you unsubscribe or your account is deleted. Notification delivery logs may be retained for service improvement and troubleshooting purposes.
Email Notification Data: Email notification preferences and unsubscribe tokens are retained until you unsubscribe or your account is deleted. Email delivery logs may be retained for service improvement and troubleshooting purposes. Custom email notification content may be retained for audit purposes and to ensure delivery to intended recipients.
Age Verification Data: Birthday information and country detection data are retained for the duration of your account for compliance purposes. Age verification records and compliance status are retained indefinitely for legal compliance and audit purposes. Account deletion records for non-compliance are retained permanently as required by law.
5. Your Data Protection Rights (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, you have specific rights under the General Data Protection Regulation (GDPR). We also extend these rights to all users regardless of location.
5.1 Your Rights
You have the following rights regarding your personal information:
- Right to Access: You can request a copy of all personal data we hold about you.Request your data export
- Right to Rectification: You can request correction of inaccurate personal information (including username and email)
- Right to Erasure (Right to be Forgotten): You can request deletion of your personal information.Request account deletion
- Right to Restrict Processing: You can request that we limit how we use your personal data
- Right to Data Portability: You can receive your data in a structured, machine-readable format.Download your data
- Right to Object: You can object to certain types of data processing, including direct marketing
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
- The right to unsubscribe from push notifications
- The right to unsubscribe from email notifications
- The right to manage email notification preferences by category
- The right to appeal account bans or restrictions
- The right to update or correct your birthday information if entered incorrectly
- The right to request information about age verification data we hold
- The right to appeal account deletion due to age verification issues
Exercise Your Rights:
You can exercise most of these rights directly through ourGDPR Data Rights page. For other requests, please contact us atour contact page.
We will respond to your request within one month (30 days) as required by GDPR. If your request is complex, we may extend this period by up to two additional months, and we will inform you of any such extension.
Note: Some data, particularly security violation records and ban information, may be retained even after account deletion to maintain platform security and prevent abuse, as permitted by GDPR Article 17(3).
5.2 Legal Basis for Processing (GDPR Article 6)
We process your personal data based on the following legal bases:
- Consent (Article 6(1)(a)): For marketing communications, non-essential cookies, and optional features. You can withdraw consent at any time.
- Contract Performance (Article 6(1)(b)): To provide our services, authenticate users, and fulfill our terms of service.
- Legal Obligation (Article 6(1)(c)): To comply with age verification requirements, tax obligations, and law enforcement requests.
- Legitimate Interests (Article 6(1)(f)): For security monitoring, fraud prevention, abuse detection, and maintaining platform integrity. We balance these interests against your privacy rights.
5.3 Data Transfers Outside the EEA
Our services are hosted in the United States. When we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data processing agreements with third-party service providers
- Encryption of data in transit and at rest
By using our services, you consent to the transfer of your data to the United States and other countries where our service providers operate.
5.4 Data Protection Officer
While we are not required to appoint a Data Protection Officer (DPO) under GDPR, we have designated a data protection contact person. For GDPR-related inquiries, please contact us throughour contact page.
5.5 Supervisory Authority
If you are located in the EEA and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority. You can find your supervisory authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
6. Age Verification and Compliance
Our platform implements age verification systems to ensure compliance with local age of consent laws and regulations. This system is designed to protect minors and ensure all users meet the legal requirements for using our services.
6.1 Age Verification Requirements
To use our services, you must:
- Be at least 13 years old (global minimum requirement)
- Meet the age of consent requirements for your country or region
- Provide accurate birthday information during account creation or update
- Allow us to detect your approximate location for compliance purposes
6.2 How Age Verification Works
Our age verification system operates as follows:
- Birthday Collection: All users must provide their date of birth during registration or account update
- Country Detection: We automatically detect your country using IP geolocation and other methods
- Age Calculation: We calculate your age based on your birthday and current date
- Compliance Check: We verify you meet the age requirements for your detected region
- Account Management: Accounts that don't meet requirements are automatically deleted
6.3 Data Collection for Age Verification
To perform age verification, we collect:
- Birthday Information: Your exact date of birth for age calculation
- Location Data: Country/region detection through IP geolocation
- Verification Records: Logs of verification attempts and results
- Compliance Status: Records of whether you meet age requirements
6.4 Age of Consent by Region
Age of consent requirements vary by country and region. Our system includes a comprehensive database of these requirements and automatically applies the appropriate age limit for your detected location. If we cannot determine your location, we apply a default 18+ age requirement.
6.5 Account Deletion for Non-Compliance
If your account does not meet age verification requirements:
- Your account will be automatically deleted
- All associated data will be permanently removed
- You will not be able to create a new account until you meet age requirements
- Deletion actions are logged for audit and compliance purposes
6.6 Data Retention for Age Verification
Age verification data is retained as follows:
- Birthday Information: Retained for the duration of your account
- Verification Records: Retained for compliance and audit purposes
- Deletion Records: Retained indefinitely for legal compliance
- Location Data: Retained for security and compliance purposes
6.7 Your Rights Regarding Age Verification
You have the right to:
- Update your birthday information if it was entered incorrectly
- Request information about what age verification data we hold
- Appeal account deletion if you believe it was done in error
- Contact us with questions about age verification requirements
Note: We cannot and will not lower age verification requirements or allow users who do not meet the legal age requirements to access our services. This is a legal compliance requirement that we strictly enforce.
7. Cookies and Tracking
We use cookies and similar technologies to maintain your session, remember your preferences, and provide our services. These include:
- Authentication cookies to keep you logged in
- Preference cookies to remember your settings
- Session state cookies to enable site functionality
- Security cookies for session validation
7.1 Website Analytics and User Behavior Tracking
Our platform employs comprehensive analytics and user behavior tracking systems to understand how users interact with our services, improve user experience, and maintain platform security. By using our services, you consent to the collection and processing of analytics data as described in this section.
7.1.1 Analytics Technology and Implementation
We use a custom-built analytics system that operates entirely on our infrastructure:
- Client-Side Tracking: JavaScript-based tracking code runs in your browser to collect analytics data
- Session Management: Unique session identifiers stored in browser sessionStorage and localStorage
- Server-Side Processing: Analytics data is processed and stored securely on our servers
- Real-Time Tracking: Page views and events are tracked in real-time as you navigate our platform
- Bot Detection: Automated systems filter out bot traffic and invalid sessions
7.1.2 Data Collected Through Analytics
Our analytics system collects the following types of data:
Page View Data
- Page Paths: URLs and paths of pages you visit
- View Duration: Time spent on each page (measured in seconds)
- Referrer Information: Websites or sources that directed you to our platform
- Page Load Timestamps: When pages are viewed and how long they remain active
- Navigation Patterns: How you move between pages and features
Session Data
- Session Identifiers: Unique session IDs generated for each browsing session
- Session Duration: Total time spent during a session
- Session Start/End Times: When sessions begin and end
- Session Activity: Number of pages viewed per session
- Session Continuity: Tracking of returning visitors across sessions
Device and Browser Information
- User Agent: Browser type, version, and operating system information
- Device Type: Desktop, mobile, or tablet classification
- Browser Details: Browser name and version
- Operating System: OS type and version
- Screen Resolution: Display dimensions (if available)
Geographic and Network Data
- IP Address: Your IP address for geographic detection and security
- Country Detection: Country/region determined from IP geolocation
- Region Information: Geographic region for analytics and compliance
- Network Information: Proxy headers and connection metadata
User Interaction Events
- Content Clicks: Clicks on music releases, news articles, gallery images, and other content
- External Link Clicks: Clicks on streaming platforms, ticket links, and external articles
- Download Events: EPK downloads, rider downloads, and digital item downloads
- E-commerce Activity: Shop orders and purchase interactions
- Game Activity: Data Bounce game scores and leaderboard participation
- Feature Usage: Use of specific platform features and tools
- Admin Actions: Administrative actions performed by authorized users
Content-Specific Tracking
- Release Interactions: Which music releases are viewed and clicked
- News Article Clicks: Which news and press articles are accessed
- Gallery Image Views: Which gallery images are viewed
- Streaming Platform Clicks: Which platforms (Spotify, Apple Music, etc.) are accessed
- Radio Station Plays: Which radio stations are listened to
- Ticket Link Clicks: Which event ticket pages are accessed
7.1.3 How Analytics Data is Collected
Analytics data is collected through multiple methods:
- Automatic Page View Tracking: Every page navigation automatically triggers analytics collection
- Event Listeners: JavaScript event listeners capture user interactions (clicks, downloads, etc.)
- Session Storage: Session IDs stored in browser sessionStorage for session continuity
- Local Storage: Persistent session identifiers in localStorage for returning visitor tracking
- Visibility API: Tracks when pages are visible/hidden to measure accurate view duration
- BeforeUnload Events: Captures session end data when users leave the platform
- API Endpoints: All analytics data is sent to secure API endpoints for processing
7.1.4 How We Use Analytics Data
Analytics data is used for the following purposes:
- Service Improvement: Understanding user behavior to improve platform functionality and user experience
- Content Optimization: Identifying popular content and optimizing content delivery
- Performance Monitoring: Tracking site performance, load times, and technical issues
- Security Analysis: Detecting suspicious activity, bot traffic, and security threats
- Traffic Analysis: Understanding where visitors come from and how they discover our platform
- Geographic Insights: Understanding our global audience and regional preferences
- Feature Usage: Measuring which features are most popular and which need improvement
- Business Intelligence: Generating reports for administrative decision-making
- Compliance: Maintaining records for legal and regulatory compliance
7.1.5 Analytics Data Storage and Retention
Analytics data is stored and retained as follows:
- Database Storage: All analytics data is stored securely in our database
- Data Aggregation: Raw data is aggregated into daily, weekly, and monthly statistics
- Retention Period: Detailed analytics data is retained for extended periods for trend analysis
- Aggregated Reports: Summary statistics and reports are retained indefinitely for historical analysis
- Anonymization: IP addresses and personal identifiers may be anonymized in aggregated reports
- Backup Storage: Analytics data may exist in encrypted backups for disaster recovery
7.1.6 Bot Detection and Filtering
Our analytics system includes sophisticated bot detection to ensure accurate data:
- User Agent Analysis: Detection of known bot user agents and crawlers
- Behavioral Analysis: Identification of non-human browsing patterns
- Session Validation: Filtering of sessions with suspiciously short durations or patterns
- Traffic Filtering: Exclusion of bot traffic from analytics reports and statistics
- Security Monitoring: Bot detection data used for security threat identification
7.1.7 Analytics Data Sharing
Analytics data is used internally and may be shared in the following circumstances:
- Internal Use: Analytics data is primarily used by our team for service improvement
- Aggregated Reports: Summary statistics may be shared in public reports (without personal identifiers)
- Administrative Access: Authorized administrators have access to analytics dashboards
- Legal Requirements: Analytics data may be shared if required by law or legal process
- Service Providers: Third-party hosting and database providers may have technical access to stored data
Important: We do not sell analytics data to third parties. All analytics data remains under our control and is used solely for the purposes described in this policy.
7.1.8 Your Rights Regarding Analytics Data
You have the following rights regarding analytics data:
- Transparency: Right to know what analytics data is collected (this section provides that information)
- Access: Right to request information about analytics data collected about your sessions
- Opt-Out: You can disable JavaScript or use browser extensions to block analytics tracking
- Data Deletion: Analytics data associated with your account may be deleted upon account deletion
- Privacy Controls: Browser privacy settings can limit some analytics data collection
Note: Some analytics data collection is essential for platform functionality and security. Disabling analytics tracking may affect your ability to use certain features. Anonymous session data may still be collected for security purposes even if you opt out of detailed analytics.
7.1.9 Analytics and Privacy
We are committed to protecting your privacy while collecting analytics data:
- Minimal Data Collection: We only collect data necessary for analytics purposes
- No Personal Identification: Analytics data is not used to personally identify individual users
- Aggregated Analysis: Most analytics reports use aggregated, anonymized data
- Secure Storage: All analytics data is encrypted and stored securely
- Access Controls: Strict access controls limit who can view detailed analytics data
- GDPR Compliance: Analytics data collection complies with GDPR and other privacy regulations
7.1.10 Analytics Technology Details
Technical details about our analytics implementation:
- Client-Side Library: Custom-built React component (`AnalyticsTracker`) for page view tracking
- Event Tracking: Custom JavaScript functions for tracking clicks and interactions
- Session Management: Browser-based session ID generation and storage
- API Endpoints: RESTful API endpoints (`/api/analytics/track`) for data submission
- Database: Prisma ORM with PostgreSQL for data storage
- Processing: Server-side processing and aggregation of analytics events
- Reporting: Custom admin dashboard for viewing analytics reports and statistics
Open Source: Our analytics system is custom-built and operates entirely on our infrastructure. We do not use third-party analytics services like Google Analytics. All analytics data remains under our control.
8. Third-Party Services
Our service integrates with Discord for authentication, account linking, and security operations. When you use Discord to log in or link your account, their Privacy Policy also applies to the information they collect. We encourage you to review Discord's Privacy Policy.
Discord Security Integration: Our security system integrates with Discord servers to automatically respond to security violations. This may include kicking, banning, muting, or warning users based on detected security threats. These actions are logged and may be shared with Discord for security purposes. Discord server administrators may also receive notifications about security events affecting their servers.
Discord Account Linking: You can link your Discord account to your existing CIRKUITBREAKER.env account through our OAuth integration. When you link your Discord account, we collect and store your Discord user ID, username, discriminator, and profile image. This linking allows for enhanced authentication and security features. You can unlink your Discord account at any time through your account settings.
Operator Notifications: Security alerts are sent to designated operators via Discord direct messages. These notifications include detailed information about security events, including IP addresses, user details, and event context necessary for security response.
Push Notification Services: We use third-party push notification services to deliver notifications to your device. These services may collect device information and delivery analytics to improve notification delivery.
Email Services: We use Resend for email delivery services. Resend may collect delivery analytics and technical information to improve email delivery. All emails include unsubscribe links and respect your email notification preferences.
Geolocation Services: We use ipapi.co for IP geolocation to detect your country for age verification compliance. This service may collect IP addresses and location data to provide accurate country detection. We also use fallback methods including user agent analysis and accept-language header parsing when geolocation services are unavailable.
9. IP Address Collection and Session Tracking
Our platform employs advanced IP address collection and session tracking systems to enhance security and provide comprehensive user activity monitoring. By using our services, you acknowledge and consent to these enhanced tracking capabilities.
8.1 Enhanced IP Address Collection
We collect and track IP addresses using multiple methods to ensure accurate identification:
- Real IP address extraction from multiple proxy headers (X-Forwarded-For, X-Real-IP, CF-Connecting-IP, X-Client-IP)
- Fallback mechanisms to handle various network configurations and proxy setups
- IP address tracking across VPNs, proxy networks, and cloud services
- Session correlation using IP addresses for security analysis
- Cross-session IP address monitoring for threat detection
- IP ban enforcement and tracking
8.2 Session Activity Monitoring
We continuously track user session activity for security and service improvement:
- Real-time session activity logging and analysis
- User behavior pattern recognition and anomaly detection
- Session state tracking across page navigation and feature usage
- Device and browser fingerprinting for session correlation
- Session termination and management capabilities
- Admin session monitoring and audit trails
8.3 IP-Based User Blocking
Our platform implements IP-based blocking to enhance user privacy and prevent harassment:
- User Blocking: When users block others, their IP addresses are tracked and stored
- IP Persistence: Blocking persists across new accounts created from the same IP address
- Access Control: Blocked users cannot access the blocker's ID card or profile information
- Circumvention Prevention: IP tracking prevents users from creating new accounts to bypass blocks
- Privacy Protection: Blocked users are completely prevented from viewing blocked content
- Cross-Platform Blocking: Blocks apply across all platform features and services
8.4 Data Usage and Retention
IP address and session data is used for:
- Security threat detection and prevention
- User authentication and session management
- Abuse prevention and rate limiting
- Service performance monitoring and optimization
- Compliance with legal and regulatory requirements
- IP ban enforcement and management
- User blocking and privacy protection
- Harassment prevention and community safety
IP address and session data may be retained for extended periods for security purposes, even after account deletion, to prevent abuse and maintain platform security. IP addresses associated with user blocking are retained to maintain the effectiveness of blocking systems and prevent circumvention attempts.
10. Push Notifications
Our platform may send push notifications for important updates, security alerts, and service announcements. By subscribing to push notifications, you consent to receive these communications.
10.1 Notification Types
We may send push notifications for:
- Security alerts and account notifications
- Important service updates and maintenance
- Admin announcements and policy changes
- Account status changes and restrictions
- Emergency notifications and system alerts
10.2 Notification Management
You can manage push notifications by:
- Unsubscribing through your device settings
- Managing preferences through your account settings
- Contacting support to modify notification settings
- Deleting your account to stop all notifications
11. Email Notifications
Our platform may send email notifications for important updates, security alerts, service announcements, and custom notifications from administrators. By providing your email address and enabling email notifications, you consent to receive these communications.
11.1 Email Notification Categories
We may send email notifications in the following categories:
- General Notifications: Account updates, password resets, and general service information
- Marketing Emails: Promotional content, new features, and special announcements
- Security Notifications: Security alerts, account security updates, and login notifications
- System Updates: Platform updates, maintenance notifications, and policy changes
- Custom Notifications: Admin-sent custom messages and announcements
- Messaging Notifications: New direct and group chat message alerts
11.2 Email Preference Management
You can manage email notifications by:
- Updating preferences in your account settings
- Using unsubscribe links in email footers
- Contacting support to modify notification settings
- Deleting your account to stop all notifications
11.3 Unsubscribe Functionality
All email notifications include unsubscribe links that allow you to:
- Unsubscribe from all email notifications
- Manage category-specific preferences
- Update your email notification settings
- Contact support for additional assistance
Unsubscribe tokens are securely generated and stored to ensure only you can manage your email preferences.
12. E-commerce and Order Data
When you make purchases through our platform, we collect and process order-related information to complete your transactions and provide order management services. All payment processing is handled securely by Stripe, a third-party payment processor. Order fulfillment is handled by Printify, our print-on-demand partner.
12.1 Order Information Collection
When you make a purchase, we may collect:
- Billing Information: Name, address, email, phone number
- Shipping Information: Delivery address, shipping preferences
- Order Details: Products purchased, quantities, prices, discounts applied
- Transaction Data: Order confirmation, order status, tracking information
Important: We do not collect, store, or process any payment information. All payment data is handled securely by Stripe and is never stored on our servers. For payment processing, Stripe's terms of service and privacy policy apply.
12.2 Saved Shipping Information
For your convenience, you may choose to save shipping information to your account:
- Shipping Addresses: Multiple saved addresses for quick checkout
- Billing Addresses: Saved billing information for order processing
- Preferences: Default shipping options
You can manage, edit, or remove saved information at any time through your account settings.
12.3 How We Use Order Data
We use e-commerce and order data to:
- Process your orders and arrange fulfillment
- Fulfill your orders and arrange shipping
- Send order confirmations and tracking information
- Handle returns, refunds, and customer support
- Prevent fraud and ensure order security
- Comply with legal and tax obligations
- Improve our e-commerce services and user experience
12.4 Order Data Sharing
We share order information only with trusted third-party services:
- Stripe: Handles all payment processing
- Printify: Handles order fulfillment and shipping
- Shipping Carriers: Receive delivery information to ship your orders
- Legal Requirements: May be shared if required by law or for fraud prevention
All third-party partners are contractually obligated to protect your data and use it only for the services they provide to us.
12.5 Order Data Security
We implement comprehensive security measures to protect your order information:
- Encryption: All order data is encrypted in transit and at rest
- Access Control: Limited access to order information on a need-to-know basis
- Regular Security Audits: Conducted to ensure compliance and security
12.6 Order Data Retention
E-commerce and order data is retained as follows:
- Order History: Retained for 7 years for tax and accounting purposes
- Transaction Records: Retained for 7 years for compliance and dispute resolution
- Shipping Addresses: Retained until you remove them or close your account
- Order Logs: Retained for security and audit purposes
13. Terminal File System and User Data
Our platform includes an advanced terminal interface that provides users with a virtual file system for creating, storing, and managing personal content. By using the terminal features, you consent to the collection and processing of terminal-related data as described below.
13.1 Terminal File System Data Collection
When you use the terminal interface, we collect and store:
- User Directories: Personal directory structures within your terminal workspace
- File Content: Text files, documents, and scripts you create within the terminal
- Directory Metadata: Creation dates, permissions, file sizes, and organizational structure
- Terminal Commands: Command history and usage patterns for security and service improvement
- File System Activity: File creation, modification, deletion, and access logs
- Journal Entries: Personal journal content created through the terminal journal system
- Terminal Preferences: Interface settings, shortcuts, and customization data
13.2 Default Directory Structure
Each user receives a default directory structure that includes standard folders for organization:
- Documents/ - For storing text files and documentation
- Projects/ - For organizing coding projects and scripts
- Notes/ - For quick notes and temporary files
- README.txt - Welcome file with terminal instructions and user information
These default directories are automatically created when you first access your terminal workspace and are stored persistently in our database.
13.3 File Content and Privacy
Files you create in your terminal workspace are treated as follows:
- Visibility: Files are visible to other logged-in users when they navigate to your directory
- Editability: Only you can create, modify, or delete files in your workspace
- Content Storage: All file content is encrypted and stored securely in our database
- Backup and Recovery: Files are automatically backed up and can be recovered in case of system issues
- Cross-Session Persistence: Your files persist across sessions and device changes
13.4 Journal System
The terminal includes a personal journal system for creating timestamped entries:
- Journal Entries: Personal notes and entries with automatic timestamps
- Content Privacy: Journal entries are treated with the same privacy as other files
- Search Functionality: You can search through your journal entries using terminal commands
- Export Capabilities: Journal entries can be exported or backed up
13.5 How We Use Terminal Data
Terminal file system data is used for:
- Providing persistent file storage and retrieval
- Enabling collaboration and sharing features
- Maintaining file system integrity and preventing data loss
- Providing backup and recovery services
- Improving terminal functionality and user experience
- Monitoring for abuse and ensuring appropriate content
- Security analysis and threat detection
- Service performance optimization
13.6 Terminal Data Security
We implement comprehensive security measures for terminal data:
- Encryption: All file content is encrypted both in transit and at rest
- Access Control: Strict user-based access controls prevent unauthorized file access
- Activity Logging: All terminal activities are logged for security monitoring
- Regular Backups: Automated backups ensure data recovery capabilities
- Integrity Checks: Regular validation ensures file system consistency
13.7 Terminal Data Retention
Terminal file system data is retained as follows:
- Active Files: Retained for the duration of your account
- Deleted Files: May be retained in backups for 30 days for recovery purposes
- Command History: Retained for security analysis and service improvement
- Activity Logs: Retained for extended periods for security and audit purposes
- Journal Entries: Retained until manually deleted or account closure
13.8 Your Rights Regarding Terminal Data
You have the right to:
- Create, modify, and delete files in your terminal workspace
- Export or backup your terminal data
- Request complete deletion of your terminal data upon account closure
- Access information about what terminal data we store
- Report inappropriate content in other users' accessible files
- Request support for terminal functionality or data recovery
Note: While your files are visible to other users for transparency, only you have editing rights to your workspace. This design promotes an open, collaborative environment while maintaining individual control over personal content.
14. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We recommend reviewing this Privacy Policy periodically for any changes.
15. Contact Us
If you have any questions about this Privacy Policy, please contact us through the message board or Discord.
Security Concerns: If you believe you have been incorrectly flagged by our security system or have questions about security actions taken against your account, please contact our security operators through Discord or the message board. We will review your case and may reverse actions if appropriate.
Ban Appeals: If you believe you have been incorrectly banned or restricted, please contact our admin team through Discord or the message board with a detailed explanation of your situation. We will review your appeal and may reverse actions if appropriate.
Email Notification Issues: If you have questions about email notifications or unsubscribe functionality, please contact support through Discord or the message board. We can help you manage your email preferences and resolve any issues with notification delivery.
Age Verification Issues: If you have questions about age verification requirements, need to update your birthday information, or believe your account was incorrectly deleted due to age verification, please contact support through Discord or the message board. We can help you understand the requirements and resolve any verification issues.
Terminal and File System Issues: If you have questions about terminal functionality, file storage, data recovery, or privacy concerns related to your terminal workspace, please contact support through Discord or the message board. We can help you with file recovery, privacy settings, and terminal usage questions.