Privacy Policy
Last Updated: May 15, 2026
1. Data Collection
We collect only the minimum data required to provide our services:
- Discord User ID: To uniquely identify users across bot commands, settings, and premium access
- Discord Email Address: Collected during website sign-in via Discord OAuth 2.0 solely for account verification and identity confirmation purposes
- Server IDs: To provide server-specific features and settings
- Command Usage: To improve bot performance, fix issues, and understand usage patterns
- Temporary Data: Some commands may temporarily process data (such as images or text) for the duration of the request - this is never stored permanently
- Premium Status: To track and validate premium feature access for users with active licenses
2. What We Do NOT Collect
- We do NOT store your Discord messages or conversation history
- We do NOT collect personal information beyond your Discord User ID and email address, used solely for account verification
- We do NOT store passwords or payment card details - payments are processed exclusively by third-party processors
- We do NOT share your data with third parties for marketing, advertising, or profiling
- We do NOT use cookies or third-party tracking technologies
3. Data Usage
Collected data is used solely for:
- Providing and improving bot functionality
- Fixing bugs and technical issues
- Understanding usage patterns to enhance user experience
- Ensuring compliance with our Terms of Service
- Preventing abuse and malicious activity
- Providing premium features to eligible users
3b. Website Login and Authentication Security
When you sign in to shiver.one using your Discord account, we use the official Discord OAuth 2.0 protocol. This process is secure and transparent:
- No password access: We never see or store your Discord password. Authentication is handled entirely by Discord's servers.
- Data received: We receive your Discord User ID, username, display name, avatar URL, and email address. Your email is used exclusively for account verification and identity confirmation - it is never used for marketing or shared with third parties.
- Encrypted transmission: All data exchanged during login is transmitted over HTTPS (TLS 1.2/1.3), preventing interception.
- Local session only: Your session data (username, avatar) is stored exclusively in your browser's localStorage. We do not maintain server-side sessions or session cookies.
- No third-party sharing: Login data is never shared with third parties, advertisers, or analytics providers.
- Token scope: The OAuth token requested has the identify scope only - we cannot read your messages, join servers, or take any action on your behalf.
- Revocable access: You can revoke our access at any time via Discord Settings > Authorized Apps > shiver > Deauthorize.
4. Data Storage and Security
We implement appropriate technical and organizational measures to protect your data:
- Data is stored on secure servers with limited access
- Access is restricted to authorized personnel only
- Regular security assessments are conducted
- Data is encrypted in transit using SSL/TLS
5. Third-Party Services
Our bot may interact with third-party services (e.g. APIs, image processing, or AI providers). These services have their own privacy policies. We only share data necessary for functionality. Payment processing is handled by third-party processors; we do not store payment details.
6. Data Retention
We retain data only as long as necessary for the purposes outlined in this policy:
- User IDs and server IDs are retained while the bot is in use
- Command usage logs are retained for up to 90 days for debugging purposes
- Temporary processing data is deleted immediately after command execution
- You can request deletion of your data at any time
7. Your Rights
You have the right to:
- Request access to your data
- Request correction of inaccurate data
- Request deletion of your data
- Opt-out of data collection (by ceasing to use the bot)
- Withdraw consent where applicable
To exercise these rights, contact us through our Discord server.
8. Children's Privacy
Our services are not directed to individuals under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
9. International Data Transfers
Our servers are located in the European Union. If you are accessing our services from outside the EU, your data may be transferred to and processed in the EU.
10. Changes to This Policy
We may update this privacy policy from time to time. We will notify users of significant changes through our Discord server and by updating the "Last Updated" date at the top of this policy.
11. Refunds
We do not offer refunds for subscriptions, one-time purchases, or any other paid products. All sales are final. See our Terms of Service for details.
12. Contact Us
For privacy-related questions, requests, or concerns, contact us on our Discord server: discord.gg/K47SerTSMY