TERMS OF SERVICE

Last Updated: August 27, 2025

1. Introduction

Welcome to CIRKUITBREAKER.env! These Terms of Service ("Terms") govern your use of our website, applications, and services (collectively, the "Services"). By accessing or using our Services, you agree to be bound by these Terms. If you do not agree to these Terms, please do not use our Services.

2. Use of Our Services

You must follow any policies made available to you within the Services. Don't misuse our Services. For example, don't interfere with our Services, try to access them using a method other than the interface and the instructions that we provide, or attempt to exploit any features in a manner not intended by the platform.

Certain features may require access to your device's hardware, such as the microphone (e.g., for the voice assistant interactions). You will be prompted for permission before such access is granted.

Security Violations: Our platform employs advanced security monitoring systems that automatically detect and respond to suspicious activity, abuse, and security threats. Violations may result in account restrictions. Repeated violations may result in permanent account termination.

Content Moderation: We reserve the right to moderate all user-generated content, including messages on message boards and private messages, and may remove content that violates our community guidelines or terms of service. Users who repeatedly violate content policies may face restrictions or account termination.

Private Messaging: Our private messaging system allows authenticated users to communicate privately. By using the private messaging feature, you agree that your messages may be monitored for security and abuse prevention purposes. You are responsible for the content of your private messages and must not use the messaging system for harassment, spam, illegal activities, or to violate these terms.

Group Chats and Notifications: Authenticated users may create direct and group chats. When you receive new direct or group messages, we may send push and/or email notifications related to message delivery and account communications.

Emergency Operator Access (Break-Glass): In rare, safety-critical, abuse-investigation, legal-compliance, or security-incident scenarios, designated operators may access private or group message content only when absolutely necessary. Each emergency access request requires a documented reason and is logged in security audit records.

3. Your Account

You may need an account to use some of our Services. Account creation may involve authentication through third-party services such as Discord. You can link your Discord account to your existing account through our OAuth integration. When you create an account with us, you agree to provide accurate and complete information, including a valid email address.

You are responsible for the activity that happens on or through your account, including maintaining the confidentiality of your account credentials. Try not to reuse your account password on third-party applications. Notify us immediately of any unauthorized use of your account.

Password Reset and Account Recovery: If you forget your password or lose access to your account, you may request a password reset or account recovery email. Password reset links are time-limited and can only be used once. We never store your Discord or platform password in plain text. Email verification is currently disabled for maintenance purposes. Password reset emails and login notification emails are operational and will be sent when requested.

Username and Email Changes: You may request to change your username or email address by contacting support. We may require verification before making changes to your account information.

Account Status: Your account may be subject to various statuses including active, suspended, or banned. Account restrictions may be temporary or permanent based on the severity of violations.

4. Privacy, Data Collection, and Use

Our commitment to your privacy is paramount. This section details how we collect, use, and protect your personal data when you use our Services. By using our Services, you agree that CIRKUITBREAKER.env can use such data in accordance with these terms.

4.1 Information We Collect

Account Information: When you register, we may collect your username, email address, and authentication tokens if you sign up via a third-party service like Discord. We may also collect your email address for password reset and account recovery purposes.
User-Generated Content: This includes any data you create or upload, such as messages on message boards, content for QR code generation, journal entries, and interactions within simulated environments.
Private Messages: Content, metadata, and conversation data from the private messaging system, including message histories, participant information, and communication patterns.
Usage Data: We collect information about how you interact with our Services, such as features accessed, time spent on pages, real IP addresses (extracted from multiple proxy headers), browser type, device information, session activity, and error logs. This helps us understand service usage, improve functionality, and maintain security across various network configurations.
Security Data: We collect and monitor security-related information including violation history, suspicious activity patterns, rate limiting data, security alert records, session activity monitoring, and enhanced IP address tracking (including real IP extraction from proxy headers) to maintain platform integrity and protect users.
Ban and Restriction Data: We maintain records of user bans, IP bans, account restrictions, and moderation actions to prevent abuse and maintain platform security.
Device Information for Specific Features: For features like voice-based interactions (e.g., `voice assistant` features), we may request access to your device's microphone. This access is only granted with your explicit permission and data is processed only for the duration and purpose of the feature's operation.
Preferences and Settings: We store your preferences, such as UI customizations, and other settings to personalize your experience.
Push Notification Data: If you subscribe to push notifications, we collect subscription tokens, device information, and notification preferences to deliver important updates and security alerts.
Email Notification Data: We collect email notification preferences, unsubscribe tokens, and category-specific settings to deliver personalized email communications based on your preferences.

4.2 How We Use Your Information

To Provide and Operate the Services: This includes user authentication, generating QR codes, displaying messages on boards, enabling access to unlocked features, and facilitating interactive experiences.
To Facilitate Private Messaging: To enable secure communication between users, deliver messages, maintain conversation histories, provide real-time messaging functionality, and ensure message delivery and notification systems work properly.
To Personalize Your Experience: We use your data to remember your preferences, customize content, and tailor the Services to your usage patterns.
To Improve Our Services: Analyzing usage data helps us identify areas for improvement, develop new features, and enhance the overall user experience.
For Security Purposes: To protect your account, detect and prevent fraudulent or unauthorized activity, and ensure the integrity of our Services.
For Automated Security Responses: To automatically respond to security violations, send alerts to security operators, and maintain comprehensive security violation databases for threat prevention and system protection.
For Content Moderation: To monitor and moderate user-generated content, enforce community guidelines, and maintain a safe environment for all users.
For Ban Management: To enforce user and IP bans, track violation history, and prevent repeat offenses across the platform.
To Communicate With You: We may send you service-related announcements, updates, security alerts, or support messages via email or push notifications.
For Email Notifications: To send personalized email notifications based on your preferences and categories, including custom notifications from administrators.

4.3 Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following limited circumstances:

With Third-Party Service Providers: We may use third-party vendors for hosting, analytics, authentication (e.g., Discord), and other services necessary to operate CIRKUITBREAKER.env. These providers are contractually obligated to protect your data and only use it for the services they provide to us.
With Discord for Security Operations: We may share security-related information with Discord for security notifications. Discord server administrators may receive notifications about security events affecting their servers.
With Security Operators: Security alerts and violation data may be shared with designated security operators via Discord direct messages for immediate attention and response to security threats.
For Legal Reasons: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
With Your Consent: We may share your information for other purposes with your explicit consent.

4.4 Data Security

We implement commercially reasonable technical and organizational measures to protect your personal data from unauthorized access, use, alteration, or disclosure. However, no internet-based service can be 100% secure, so we cannot guarantee absolute security.

4.5 Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Services. We may also retain data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Security Data Retention: Security violations and related security data may be retained for extended periods to prevent abuse and maintain platform security, even after account deletion. This includes violation history, security event logs, and operator notification records.

Ban and Restriction Data: User bans, IP bans, and account restrictions may be retained indefinitely to prevent repeat violations and maintain platform security.

Email Notification Data: Email notification preferences and unsubscribe tokens are retained until you unsubscribe or your account is deleted. Custom email notification content may be retained for audit purposes and to ensure delivery to intended recipients.

4.6 Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal data, including the right to access, correct, update, or request deletion of your information. You can typically manage your account information through your account settings. For other requests or if you have questions about your data, please contact us.

You can control permissions for device features like microphone access through your browser or device settings.

You can manage email notification preferences through your account settings, including category-specific preferences and unsubscribe functionality.

4.7 Copyright Protection

We respond to notices of alleged copyright infringement and terminate accounts of repeat infringers according to the process set out in applicable copyright laws, such as the U.S. Digital Millennium Copyright Act (DMCA). If you believe your copyright has been infringed by content on our Services, please contact us with the required information.

5. IP Address Collection and Session Tracking

By using our Services, you acknowledge and consent to our enhanced IP address collection and session tracking systems designed to improve security, prevent abuse, and maintain platform integrity.

5.1 Enhanced IP Address Collection

Our platform employs advanced IP address collection methods to ensure accurate user identification:

Real IP address extraction from multiple proxy headers (X-Forwarded-For, X-Real-IP, CF-Connecting-IP, X-Client-IP)
Fallback mechanisms for various network configurations and proxy setups
IP address tracking across VPNs, proxy networks, and cloud services
Session correlation using IP addresses for security analysis
Cross-session IP address monitoring for threat detection
IP ban enforcement and tracking

5.2 Session Activity Monitoring

We continuously track user session activity for security and service improvement:

Real-time session activity logging and analysis
User behavior pattern recognition and anomaly detection
Session state tracking across page navigation and feature usage
Device and browser fingerprinting for session correlation
Session termination and management capabilities
Admin session monitoring and audit trails

5.3 Data Usage and Retention

IP address and session data is used for security threat detection, user authentication, abuse prevention, service performance monitoring, and compliance with legal requirements. This data may be retained for extended periods for security purposes, even after account deletion.

6. Security and Account Protection

By using our Services, you acknowledge and consent to our security monitoring systems designed to protect users and maintain platform integrity.

6.1 Security Monitoring

Our platform monitors activity for security threats, including:

Suspicious IP addresses and malicious user agents
Rate limit violations and abuse patterns
Authentication breaches and unauthorized access attempts
Malicious activity patterns (SQL injection, XSS, CSRF attempts)
Unusual access patterns and admin action monitoring
Message board content moderation and abuse detection

6.2 Account Protection

Our platform includes account protection systems that may result in:

Account Restrictions: Temporary or permanent account limitations
IP Address Bans: Network-level restrictions for specific IP addresses
Content Moderation: Removal of violating content and user warnings
Ban Appeals: Process for appealing incorrect restrictions

6.3 Security Violation Consequences

Security violations may result in:

Account restrictions or temporary suspensions
Permanent account termination for repeated violations
IP address bans for network-level restrictions
Content removal and moderation actions
Legal action for serious security breaches

6.4 Appeal Process

If you believe you have been incorrectly flagged or actioned by our security system:

Contact support through Discord or the message board
Provide detailed explanation of the circumstances
We will review your case and may reverse actions if appropriate
Appeals are reviewed within reasonable timeframes

7. Push Notifications

Our platform may send push notifications for important updates, security alerts, and service announcements. By subscribing to push notifications, you consent to receive these communications.

7.1 Notification Types

We may send push notifications for:

Security alerts and account notifications
Important service updates and maintenance
Admin announcements and policy changes
Account status changes and restrictions
Emergency notifications and system alerts
Ban notifications and appeal updates

7.2 Notification Management

You can manage push notifications by:

Unsubscribing through your device settings
Managing preferences through your account settings
Contacting support to modify notification settings
Deleting your account to stop all notifications

8. User Reporting and Blocking System

Our platform provides comprehensive user reporting and blocking systems to maintain a safe and respectful community environment. These systems allow users to report inappropriate behavior and block users who violate community guidelines or engage in harassment.

8.1 User Reporting System

Users can report other users for various violations including:

Harassment: Bullying, threats, or targeted abuse
Spam: Unwanted promotional content or repetitive messages
Inappropriate Content: Content that violates community guidelines
Impersonation: Pretending to be another user or entity
Hate Speech: Discriminatory or prejudiced language
Threats: Violent or harmful language directed at others
Sexual Content: Inappropriate sexual material or behavior
Scam: Fraudulent activities or deceptive practices
Other: Any other behavior that violates our terms of service

8.2 Report Processing

When a report is submitted:

Reports are reviewed by our moderation team
Evidence is collected and analyzed
Appropriate action is taken based on severity
Users may be warned, restricted, or banned
Report status is tracked and updated

8.3 User Blocking System

Users have the right to block other users to prevent unwanted interactions:

Blocking Capabilities: Users can block others with optional reasons
Access Restrictions: Blocked users cannot view the blocker's ID card or profile
Communication Prevention: Blocked users cannot send messages or interact with blockers
IP-Based Blocking: Blocking persists across new accounts from the same IP address
Block Management: Users can view and manage their blocked users list

8.4 Blocking Consequences

When a user is blocked:

Blocked users cannot access the blocker's public profile or ID card
Private messaging between blocked users is prevented
Blocked users cannot see the blocker's message board posts
IP addresses are tracked to prevent circumvention
Blocking is reciprocal and affects both users

8.5 Blocking Limitations

Certain limitations apply to the blocking system:

Self-Blocking: Users cannot block themselves
Admin Protection: Site administrators cannot be blocked
Public Content: Blocked users may still see public platform content
Appeal Process: Users can appeal blocks through support channels

8.6 Report and Block Management

Users can manage their reports and blocks through:

Account settings and privacy controls
Dedicated blocked users management page
Support channels for complex issues
Appeal processes for incorrect actions

9. Email Notifications

Our platform may send email notifications for important updates, security alerts, service announcements, and custom notifications from administrators. By providing your email address and enabling email notifications, you consent to receive these communications.

9.1 Email Notification Categories

We may send email notifications in the following categories:

General Notifications: Account updates, password resets, and general service information
Marketing Emails: Promotional content, new features, and special announcements
Security Notifications: Security alerts, account security updates, and login notifications
System Updates: Platform updates, maintenance notifications, and policy changes
Custom Notifications: Admin-sent custom messages and announcements
Messaging Notifications: New direct and group chat message alerts

9.2 Email Preference Management

You can manage email notifications by:

Updating preferences in your account settings
Using unsubscribe links in email footers
Contacting support to modify notification settings
Deleting your account to stop all notifications

9.3 Unsubscribe Functionality

All email notifications include unsubscribe links that allow you to:

Unsubscribe from all email notifications
Manage category-specific preferences
Update your email notification settings
Contact support for additional assistance

Unsubscribe tokens are securely generated and stored to ensure only you can manage your email preferences.

9.4 Custom Email Notifications

Administrators may send custom email notifications to users. These notifications:

Respect your email notification preferences
Include unsubscribe links in the footer
May be sent to specific user categories or all users
Are logged for audit and delivery tracking purposes

10. E-commerce and Order Fulfillment

Our platform includes e-commerce functionality for purchasing merchandise and digital products. All payment processing is handled securely by Stripe, a trusted third-party payment processor. Order fulfillment is handled by Printify, our print-on-demand partner.

9.1 Payment Processing

All payments are processed securely by Stripe. By making a purchase, you agree to:

Provide accurate and complete payment information to Stripe
Authorize Stripe to charge your payment method for the total amount of your order
Pay all applicable taxes and fees associated with your purchase
Comply with Stripe's terms of service and privacy policy

Important: We do not store or process any payment information. All payment data is handled securely by Stripe and is never stored on our servers.

9.2 Shipping Information Storage

For your convenience, you may choose to save your shipping information to your account:

Shipping Addresses: You may save multiple shipping addresses for quick checkout
Contact Information: You may save billing and contact information for order processing
Security: All shipping data is encrypted and stored securely using industry-standard practices

9.3 Order Processing and Shipping

Orders are processed through our integration with Printify for merchandise fulfillment:

Order Confirmation: You will receive an email confirmation when your order is placed
Processing Time: Orders are typically processed within 1-3 business days
Shipping: Shipping times vary by location and shipping method selected
Tracking: You will receive tracking information once your order ships
International Shipping: Available to most countries; additional fees may apply

9.4 Returns and Refunds

Our return and refund policy is as follows:

Return Window: 30 days from delivery date for most items
Return Conditions: Items must be unused and in original packaging
Refund Processing: Refunds are processed within 5-10 business days
Shipping Costs: Return shipping costs are the responsibility of the customer unless the item is defective
Digital Products: Digital products are non-refundable once delivered

9.5 Account Management

You can manage your saved shipping information through your account settings:

Add, edit, or remove saved shipping addresses
Set default shipping options
View order history and tracking information
Update billing and contact information

9.6 Data Retention for E-commerce

E-commerce-related data is retained as follows:

Order History: Retained for 7 years for tax and accounting purposes
Shipping Addresses: Retained until you remove them or close your account
Transaction Records: Retained for 7 years for compliance and dispute resolution

11. Data Protection for E-commerce Information

We implement comprehensive security measures to protect your personal and shipping information:

10.1 E-commerce Data Security

Encryption: All sensitive data is encrypted in transit and at rest
Access Control: Limited access to shipping information on a need-to-know basis
Regular Audits: Security audits conducted regularly to ensure compliance

10.2 Third-Party E-commerce Partners

We use trusted third-party e-commerce partners:

Printify: Handles all order fulfillment and shipping
Security Standards: All third-party partners maintain industry-standard security
Data Sharing: Only necessary information is shared with partners

12. Modifying and Terminating our Services

We are constantly changing and improving our Services. We may add or remove functionalities or features, and we may suspend or stop a Service altogether.

You can stop using our Services at any time, although we'll be sorry to see you go. We may also stop providing Services to you, or add or create new limits to our Services at any time.

Account Termination: We reserve the right to terminate accounts that violate these terms, engage in abusive behavior, or pose security threats to the platform or other users.

13. Disclaimers and Limitations of Liability

We provide our Services using a commercially reasonable level of skill and care and we hope that you will enjoy using them. But there are certain things that we don't promise about our Services.

OTHER THAN AS EXPRESSLY SET OUT IN THESE TERMS OR ADDITIONAL TERMS, NEITHER CIRKUITBREAKER NOR ITS SUPPLIERS OR DISTRIBUTORS MAKE ANY SPECIFIC PROMISES ABOUT THE SERVICES. FOR EXAMPLE, WE DON'T MAKE ANY COMMITMENTS ABOUT THE CONTENT WITHIN THE SERVICES, THE SPECIFIC FUNCTIONS OF THE SERVICES, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE THE SERVICES "AS IS".

TO THE EXTENT PERMITTED BY LAW, THE TOTAL LIABILITY OF CIRKUITBREAKER, AND ITS SUPPLIERS AND DISTRIBUTORS, FOR ANY CLAIMS UNDER THESE TERMS, INCLUDING FOR ANY IMPLIED WARRANTIES, IS LIMITED TO THE AMOUNT YOU PAID US TO USE THE SERVICES (OR, IF WE CHOOSE, TO SUPPLYING YOU THE SERVICES AGAIN).

14. About these Terms

We may modify these terms or any additional terms that apply to a Service to, for example, reflect changes to the law or changes to our Services. You should look at the terms regularly. We'll post notice of modifications to these terms on this page.

If you do not agree to the modified terms for a Service, you should discontinue your use of that Service.

These terms control the relationship between CIRKUITBREAKER and you. They do not create any third party beneficiary rights.

Home Privacy Policy