Privacy

Last revised: August 30, 2022

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

This privacy policy describes how we might use your information if you:

  • Visit our website at https://bentobot.xyz;
  • Use our Discord application(s) (a.k.a. "Discord Bot(s)" — Bento#3548);
  • Engage with us in other related ways ― including any sales, marketing, or events.

In this privacy policy, if we refer to:

  • "Website", we are referring to any website of ours that references or links to this policy;
  • "Bot" or "App", we are referring to any Discord application of ours that references or links to this policy, including any listed above;
  • "Service(s)", we are referring to our Website, Bot, and other related services, including any sales, marketing, or events;
  • "Data", we are referring to any data, content, and information (including personal information) owned, held, used or created by you (or on your behalf) that may be stored using, or processed by, our Services;
  • "Discord", we are referring to Discord Inc. and its related companies;
  • "Discord End User", we are referring to you, as someone who is using Discord-related services according to the Discord privacy policies and terms of service;
  • "Discord End User Data", we are referring to the data you provide to Discord through the Discord App;
  • "Discord App", we are referring to the client(s) (desktop, mobile, web, …) that Discord offers to their End User(s) to access their services;
  • "Discord API" we are referring to the API (Application Programming Interfaces) Discord provides to developers, that enables us to access your Discord End User Data according to the Discord privacy policies and terms of service.
  • "Message XP" we are referring to a number value that increments for every sent message by a Discord End User

The purpose of this privacy policy is to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it.

Please read this privacy policy carefully, as it will help you understand what we do with the information that we collect.

What information is collected

We may collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services or otherwise when you contact us.

Simultaneously, through our Bot, we may collect personal information related to you that Discord provides to us through the use of the Discord API (in this case, we refer to Discord End User Data).

The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make and the products and features you use within our Service and within the Discord servers that you share with Bento.

By adding Bento or joining a server with Bento, the following information we collect may include the following:

Automatically collected data

  • User ID
  • Username
  • Discriminator
  • Avatar URL
  • Messages for XP (Not the content of messages, only its initiation saved as message XP)

How your information is used

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We use the information we collect or receive:

  • To offer our services to you. Our Service may need your data, specifically obtained through the Discord API (in that case, we’re referring to Discord End User Data) or voluntarily and directly provided to us.
  • Request feedback. We may use your information to request feedback and to contact you about your use of our Services.
  • To send administrative information to you We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
  • To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
  • To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
  • To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

The personal information we process may be used for the following purposes:

  • Discord ID: We use your Discord ID to identify you among the different Services, and in relation to your "Discord End User Data".
  • Partial Discord Message Content: With partial Discord message content, we refer to the content of messages that let you directly interact with our Bot, such as when using commands and keyword notifications. We use your partial Discord message content to provide you with the output of such commands.
  • Full Discord Message Content: With full Discord message content, we refer to the full content of messages that you send using the Discord App, even when the message is not related to a direct interaction with our Bot. We use your full Discord message content to provide specific features that may be offered through our Bot to you, or to other users, such as Notifications.
  • Other Identifiers: We may collect other types of identifiers, or contact details, other than your Discord ID if you are directly interacting with us; these identifiers will only be used to process specific inquiries, and may be deleted after the inquiry is complete.
  • Other Discord End User Data: We may collect, store, and process other types of content you share with Discord, and that is further provided to us through the Discord API, to provide specific features related to our Services.

Hereafter, we also provide some additional remarks on how we process your data in relation to some specific use cases:

  • Discord User Profile: Your username, profile picture, and any data related to your Discord user profile is provided from the Discord API based on your Discord ID, only when needed;
  • Statistics: When statistics are provided by our Services, we only keep aggregated and anonymized data into our database.

How your information may be shared

In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

In general, we have no business needs that justify, nor direct interests in, sharing your information with other entities.

We may process or share your data that we hold based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

How long information is kept

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate business need to process your personal information, we will automatically delete your data if you're out of the scope of our services, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

How we keep your information secure

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.

Hereafter, you’ll find an exemplary and not exhaustive list of measures we implemented to keep your data safe:

  • User Identification and Discord End User Data Processing: Wherever possible, the only identification key related to you that is stored on our system is your "Discord ID". Your "Discord ID" is a number provided by the Discord API and linked to your Discord End User Data. Your username, message content, data you provide to Discord, etc. is accessed by requesting such data through the Discord API using your Discord ID, while a minimal amount of data is stored in our Services.
  • Encryption at Rest: Data stored by our Services is encrypted at rest (when saved in our database, or any data storage media we may be using) using best-in-class algorithms (e.g. AES-256-GCM) and following the most diffuse security guidelines. In some cases, data may be encrypted through multiple levels of encryption using different encryption keys; this approach is applied to all and any custom input we receive from the Discord API related to your Discord message content.
  • Encryption in Transit: Data processed by our Services, or transferred between different components of our infrastructure, is encrypted using best-in-class algorithms (e.g. TLS 1.2+ with Mutual Authentication) and following the most diffuse security guidelines.
  • Authentication, Authorization, Auditing: Our Services implement security measures that only allow authorized users to access any stored data.
  • Infrastructure Security: Data is segregated into different components of the infrastructure that provides our Services. Technical and organizational security measures are in place to minimize the chance of an intruder having access to our infrastructure.

Your privacy rights

If you are a resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.

Children's privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.

Policy updates

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

Data removal

To request your data to be removed, please contact us in the following section.

Contact us

If you have any questions about this Privacy Policy, You can contact us: