Privacy Policy

1. Introduction and Beta Notice

Welcome to Guild Manager ("we", "us", "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our beta platform.

BETA WARNING: Guild Manager is currently in beta. While we implement strong security measures, please be aware that beta software may have unforeseen issues that could potentially affect data security or privacy. Use at your own discretion.

This policy applies to all information collected through our website (https://guildmanager.app), our application, and any related services, sales, marketing, or events.

2. Information We Collect

Personal Information You Provide

• Account Data: Email address, username, display name, profile picture
• Discord Integration: Discord ID, username, avatar, connected guilds/servers
• Payment Information: Processed securely through Polar.sh (we do not store credit card details)
• Communications: Information you provide when contacting support
• User Content: Guild configurations, character data, activity records, screenshots, and other content you create

Information Automatically Collected

• Usage Data: Pages visited, features used, actions taken within the platform
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies and Tracking: Session cookies, authentication tokens, analytics data
• Performance Data: Error logs, load times, and technical diagnostics

Guild and Community Data

• Guild settings, descriptions, and customizations
• Member rosters, roles, and permissions
• Activity schedules and participation records
• Character information and game-specific data
• Loot distribution and reward tracking
• Custom metrics and leaderboards
• Application submissions and responses
• Audit logs of all guild management actions

3. How We Use Your Information

Service Provision

• Create and manage your account
• Provide guild management functionality
• Process transactions and manage subscriptions
• Send administrative information and updates
• Respond to inquiries and provide support
• Monitor and prevent fraudulent activity

Service Improvement

• Analyze usage patterns to improve features
• Debug technical issues and optimize performance
• Develop new features based on user behavior
• Conduct internal research and analytics
• Test and deploy updates safely

Communications

• Send service-related announcements
• Notify about security incidents or breaches
• Provide customer support
• Send marketing communications (with consent)

4. Legal Basis for Processing (Chile - Law 19.628)

In accordance with Chilean Law 19.628 on Protection of Private Life, we process your personal data based on:

• Consent: You have given explicit consent for processing
• Contract: Processing is necessary to fulfill our service agreement
• Legal Obligations: We must process data to comply with Chilean law
• Legitimate Interests: Processing is necessary for our legitimate business interests, balanced against your rights

You may withdraw consent at any time by contacting us, though this may affect your ability to use certain features.

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information. We may share your information in these situations:

Service Providers

• Discord: For authentication and bot integration
• Polar.sh: For payment processing and subscription management
• UploadThing: For file storage and media hosting
• PostHog: For analytics and product insights
• Database Providers: For secure data storage

Other Disclosures

• Legal Requirements: When required by law or court order
• Vital Interests: To protect someone's life or safety
• Business Transfers: In connection with a merger or acquisition
• With Consent: When you explicitly agree to sharing

6. Data Security

We implement appropriate technical and organizational security measures, including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of sensitive data at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication requirements
• Input validation to prevent injection attacks
• Rate limiting to prevent abuse
• Regular backups with secure storage
• Incident response procedures

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security, especially during our beta phase.

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Maintain audit logs for security purposes

Specific retention periods:

• Account Data: Until account deletion + 30 days
• Audit Logs: Based on subscription tier (7-365 days)
• Financial Records: As required by Chilean tax law (5 years)
• Deleted Communities: Soft delete with 30-day recovery period

8. Your Rights Under Chilean Law

Under Law 19.628, you have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Cancellation: Request deletion of your data
• Opposition: Object to certain processing activities
• Information: Be informed about data collection and use
• Portability: Receive your data in a structured format

To exercise these rights, contact us at [email protected]. We will respond within 48 hours as required by Chilean law.

9. International Data Transfers

Your information may be transferred to and processed in countries other than Chile, including:

• United States (where some service providers are located)
• European Union (for certain infrastructure)

We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and ensuring service providers maintain adequate security measures.

10. Children's Privacy

Our service is not intended for children under 13 years of age (or under 18 as per our Terms of Service). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Cookies and Tracking Technologies

Essential Cookies

• Authentication tokens
• Session identifiers
• Security cookies

Analytics Cookies

• PostHog analytics for usage patterns
• Performance monitoring cookies
• Feature adoption tracking

Preference Cookies

• Language preferences
• Theme settings
• UI customizations

You can control cookies through your browser settings. Disabling certain cookies may limit functionality.

12. Beta-Specific Considerations

During our beta phase:

• We may collect additional diagnostic data to improve stability
• Data structures may change, requiring migrations
• New features may introduce new data collection practices
• We may need to reset certain data for testing purposes
• Beta feedback and bug reports become part of our development data

We will notify you of significant changes to data handling during the beta period.

13. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of changes by:

• Updating the "Last updated" date
• Sending email notifications for material changes
• Posting announcements in the application
• Requiring acknowledgment for significant changes

Continued use after changes constitutes acceptance of the updated policy.

14. Contact Information

For privacy-related questions, concerns, or to exercise your rights:

For complaints, you may also contact the Chilean Council for Transparency (Consejo para la Transparencia) at www.consejotransparencia.cl

15. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• Right to know what personal information we collect
• Right to delete personal information
• Right to opt-out of sale (we do not sell personal information)
• Right to non-discrimination

16. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have additional rights including:

• Right to data portability
• Right to restrict processing
• Right to object to processing
• Rights related to automated decision-making
• Right to lodge a complaint with supervisory authorities