Privacy Policy
What we collect, why, and the rights you have over it.
Effective April 30, 2026
1. Who we are
"Phantom", "we", "us", and "our" mean the operators of the Phantom Discord bot and the dashboard at this site. We're the data controller for the personal data described in this policy. To exercise any of the rights in Section 7, contact us in the Phantom support server — open a ticket so the request stays private.
2. What we collect
From Discord, when you sign in
- Your Discord user ID, username, global display name, and avatar.
- Your email address as provided by Discord (we use this only to contact you about service-related matters).
- An OAuth access token and refresh token, so we can list the servers you're an admin in.
- The list of Discord servers you're a member of (refreshed periodically while you're signed in).
From Discord, while the bot is in your server
- Server (guild) IDs, channel IDs, role IDs, and the structural metadata Discord exposes — names, positions, permission overwrites — for the modules you've enabled.
- Member IDs and the timestamps of events Discord delivers to the bot (joins, leaves, role changes, voice state changes, message events) only for the modules that need them.
- Message content for messages that are processed by an enabled module — for example, automod scans messages while automod is on, snipe stores recently-deleted messages briefly, and logging records the changes you've configured. Messages outside enabled modules are not stored.
- Audit-log entries from Discord that the bot uses to attribute moderation actions correctly.
From you, when you configure Phantom
- Settings you choose on the dashboard (channel selections, module toggles, custom command text, embed layouts, welcome message templates, ticket panels, levelling formulas, and so on).
- Files you upload — for example, a custom welcome background image or a bot avatar.
- For Custom Branding: your bot application ID and bot token. The token is encrypted at rest using AES-256 and is decrypted only in-process to operate your bot.
From you, automatically
- Standard server logs when you load dashboard pages — IP address, user-agent, the page you requested, the referer, and the response status. Logs are retained for a short period (see Section 6).
- A session cookie when you sign in (see the Cookies Policy).
What we don't collect
- We don't read DMs.
- We don't read messages in channels Phantom isn't actively processing.
- We don't sell personal data to anyone, ever.
- We don't profile you for advertising. We don't run ads.
3. Why we collect it
We collect each category for one or more of these specific purposes:
- Operate the service. Discord IDs and tokens let you sign in and let the bot act in your servers. Settings you save let the bot do the things you've configured.
- Provide moderation features. Moderation cases, tempbans, and audit-log entries are stored so /pmod history works, scheduled actions fire on time, and appeals flow through correctly.
- Detect abuse. Automod scans messages against rules you set and stores hits so moderators can review them.
- Show you what's happening. Logging writes to the channel you choose; dashboard analytics roll up activity so you can see trends.
- Communicate with you. Service-critical messages — outages, security advisories, important policy changes.
- Improve the service. Aggregated, non-identifying usage statistics tell us what works and what doesn't. We don't profile individuals for this.
- Comply with the law. We retain limited records to respond to lawful requests and to comply with our own legal obligations (see Content Safety Policy).
4. Legal basis (for users in the EEA / UK)
If you're in the European Economic Area, the United Kingdom, or somewhere with similar law, we rely on the following bases under the GDPR:
- Performance of a contract for the data needed to operate the service after you sign in or add the bot.
- Legitimate interests for security logging, abuse prevention, aggregate analytics, and communicating service-critical information. You may object to processing on this basis at any time.
- Consent where the law specifically requires it — for example, certain non-essential cookies (see Cookies Policy).
- Legal obligation for retention of records needed to respond to law enforcement, comply with tax law, or comply with content-safety obligations.
5. Who we share data with
We share personal data only with the parties below, and only for the stated purposes:
- Subprocessors. Hosting, database, error-monitoring, and email-delivery providers we contract with to run Phantom. The current list is on the Subprocessors page.
- Discord. Discord receives whatever the bot sends through its API and is, separately, the controller for data you generate inside Discord itself. Discord's privacy policy applies to that side of the relationship.
- Law enforcement and regulators where we receive a valid legal request, or where we need to disclose information to comply with the law, prevent illegal activity, or protect the rights and safety of users — including the National Center for Missing & Exploited Children (NCMEC), as described in the Content Safety Policy.
- Successors in interest. If we're acquired, merge with another company, or sell substantially all of our assets, your data may be transferred to the successor under continued protections at least as strong as these.
We don't sell, rent, or trade personal data, and we don't share it for cross-context behavioural advertising.
6. How long we keep it
| Category | Retention |
|---|---|
| Account record (Discord ID, email, refresh token) | Until you sign out and request deletion, or after 12 months of inactivity. |
| Server settings (welcome config, automod rules, etc.) | Until the bot is removed from the server, plus a 30-day grace window in case the admin re-adds it. |
| Moderation cases (warns, mutes, bans, kicks) | Indefinitely, because moderators rely on long-term history. Admins can wipe the data for their server from the dashboard. |
| Automod hits | 30 days by default (configurable). |
| Logging output | Stored only in the channel you chose; we don't retain a separate copy on our side. |
| Snipes (deleted/edited messages) | In memory only, evicted within minutes; no persistent storage. |
| Server logs (IP, user-agent, etc.) | 30 days, then deleted or aggregated. |
| Custom Branding bot tokens | Until you remove the bot from your server or delete it from the dashboard, then immediately purged. |
| Ticket transcripts | For the duration the ticket exists, plus retention you configure on the Tickets settings page. |
7. Your rights
Wherever you are, you can:
- Access the data we hold about you. Open a ticket in the Phantom support server from the Discord account whose data you're requesting so we can verify the request.
- Correct inaccurate data — most of it is changeable directly in Discord or the dashboard.
- Delete your data. Server admins can wipe data for a server from the Guild Settings page. Individual users can request deletion of their personal data through the support server.
- Export your data in a machine-readable format on request through the support server.
- Object to processing on legitimate-interest grounds.
- Restrict processing while a dispute is being resolved.
- Withdraw consent for any processing that relies on consent, without affecting prior processing.
- Complain to your local data-protection authority (in the EEA, the supervisory authority of your country; in the UK, the ICO).
We aim to respond to rights requests within 30 days. We may ask you to verify identity before acting, especially for deletion or export requests.
8. California residents (CCPA / CPRA)
If you're a California resident, the categories above describe what we collect. In the last 12 months we've collected the categories of personal information described in Section 2 for the purposes described in Section 3. We don't sell or share personal information for cross-context behavioural advertising as those terms are defined under the CCPA/CPRA. You have the right to know, delete, correct, and opt out of any sale or sharing — open a ticket in the Phantom support server to exercise any of these. We don't discriminate against you for exercising these rights.
9. Children's privacy
Phantom is not intended for children under 13 (or higher minimum ages where Discord enforces them — for example, 16 in some EU member states). Discord's own Terms of Service prohibit accounts under 13, so anyone signed in to the bot through Discord has already represented they meet that age. If you believe we have inadvertently collected data from a child below the relevant minimum age, open a ticket in the Phantom support server and we'll delete it.
10. International transfers
We're based in the operator's principal place of business and process data in the regions our hosting providers operate. When personal data is transferred from the EEA, UK, or Switzerland to a country without an adequacy decision, we rely on the European Commission's Standard Contractual Clauses or an equivalent transfer mechanism with our subprocessors. The list of subprocessors and their primary processing regions is at Subprocessors.
11. Security
We protect your data with measures appropriate to the risk: encrypted transport (TLS) for everything on the wire, encryption at rest for sensitive fields including OAuth refresh tokens and Custom Branding bot tokens, role-based access for our team's tooling, and isolated environments for production data. No system is 100% secure — if you discover a vulnerability, please open a private ticket in the Phantom support server rather than disclosing publicly, and we'll respond promptly.
12. Changes to this policy
We update this policy as the service changes. The "Effective" date at the top reflects the latest version. For material changes that affect your rights or expand the categories of data we collect, we'll give reasonable notice (e.g. through the dashboard, email, or the support server) before the changes take effect.
13. Contact
Privacy enquiries and general legal questions go to the Phantom support server. Open a ticket if it's about your own data — that keeps the conversation private and routes it directly to the team.
Questions about this policy?
Reach us in the Phantom support server — open a ticket if it's a private matter (data request, safety report, takedown notice) so it goes straight to the team. Copyright takedowns follow the formal flow on the DMCA Policy page.