Privacy Policy

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

lio.gg - Sven Rolnik
c/o Online-Impressum #3362
Europaring 90
53757 St Augustin
Deutschland

Email (support): support@lio.gg
Email (legal notice): svenrolnik@pm.me

A Data Protection Officer has not been appointed at this time, unless required by law.

Lio.gg is a hosted Discord bot with a modular web dashboard. Server administrators ("Users") configure the bot per Discord server. End users on Discord servers ("Server Members") may be affected by activated bot modules without logging into the dashboard.

We process personal data only to the extent necessary for operation, authentication, contract fulfillment, security, and — where activated — the bot functions configured by the server operator.

The bot "Lio" is an application for the Discord platform (Discord Inc.). It is hosted centrally by us and connects to servers on which it has been invited via the Discord API.

Data the bot may process (depending on activated modules and permissions):

• Discord IDs, display names, nicknames, avatars, and roles of server members
• Message content, edit and delete events (e.g. logging, leveling, moderation)
• Voice channel status (join/leave/move), where logging is enabled
• Configuration data of the server operator (channel IDs, thread IDs, role IDs, module settings)
• Content created by the server operator in the dashboard (embeds, rules, panel texts)

The server operator is responsible for the lawfulness of bot use on their server (e.g. information obligations toward server members, consents where required). We provide the technical platform.

The bot is not affiliated with or endorsed by Discord Inc. Discord is a trademark of Discord Inc.

We use Discord OAuth2 for the dashboard. Upon login, we receive from Discord (with your consent via the OAuth dialog) typically:

• Discord user ID, username, discriminator/global name
• Email address (where included in the OAuth scope and provided by Discord)
• Avatar URL
• List of Discord servers on which you have Manage Server permission

We store a session token (JWT) in your browser to keep you logged in. Technically necessary storage is based on Art. 6 para. 1 lit. b GDPR (contract/pre-contractual measures) and Art. 6 para. 1 lit. f GDPR (IT security).

Account data (dashboard users): Discord ID, profile data, plan status (Free/Plus/Premium), warnings/blocks by our team, registration timestamps.

Server configuration: guild ID, module status, JSON configurations (channels, roles, embeds, logging targets, etc.), stored in our database.

Bot operational data: temporary cache entries, API calls to Discord, error logs without unnecessary personal references where possible.

Server member data: processed by the bot only where modules are active and Discord events occur; scope depends on configuration by the server operator.

Discord Inc., 444 De Haro Street, Suite 200, San Francisco, CA 94107, USA, provides the platform through which the bot communicates. Data transfers to the USA may occur. Discord provides its own privacy information and, where applicable, standard contractual clauses.

Further information: discord.com/privacy

We have no influence over data processing by Discord outside of our bot and dashboard integration.

The bot, backend API, and dashboard are hosted by the following processor:

Processor: Hetzner Online GmbH
Industriestr. 25, 91710 Gunzenhausen, Deutschland

Location of data processing: Serverstandort: Rechenzentren in Deutschland (u. a. Nürnberg und Falkenstein)

Provider privacy information: https://www.hetzner.com/de/legal/privacy-policy

Payments are processed by Stripe, Inc. (510 Townsend Street, San Francisco, CA 94103, USA). We store only Stripe customer and subscription IDs — no card data on our servers.

Provider privacy information: stripe.com/privacy

Additional services (e.g. database, reverse proxy) may be used. We enter into agreements pursuant to Art. 28 GDPR where required. Questions: support@lio.gg.

We store account data for as long as your dashboard account exists and thereafter only to the extent required by statutory retention obligations.

Server configurations remain stored until the server operator removes the bot, deactivates modules, or requests deletion.

Log data and technical records are generally deleted on a rolling basis (typically a few days to weeks), unless longer retention is required for error analysis.

Messages posted by the bot in Discord channels are subject to Discord's retention and the server operator's settings.

Under the GDPR, you have in particular the following rights:

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction of processing (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent given (Art. 7 para. 3 GDPR)

Server members should primarily contact the administrator of the respective Discord server for bot-related requests. You may also contact support@lio.gg.

Right to lodge a complaint with a supervisory authority, e.g. for Deutschland the competent state data protection authority of your place of residence.

Providing Discord profile data is required for dashboard use. Without OAuth login, the dashboard cannot be used. Bot functions on Discord require the bot permissions set by the server operator.

We update this Privacy Policy when the legal situation, services, or data processing change. The current version is available at https://lio.gg/privacy. We inform registered users of material changes where appropriate.