Introduction

Thank you for choosing EsportBot ("Company," "we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Discord bot services, website, and related services (collectively, the "Services").If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: esportbot.eu@gmail.com Data controller: Prepperen AS (Norway), under brand name "EsportBot".

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with any part of this Privacy Policy, please discontinue use of our Services immediately.

1. Information we collect

1.1 Information You Provide Voluntarily We collect personal information that you voluntarily provide to us when you: - Register or use our Discord bot services - Create an account on our dashboard - Contact us for support - Subscribe to our services - Use Google Calendar integration features The personal information we collect may include: - Discord Account Information: Discord user ID, username, server IDs, channel IDs - Contact Information: Email addresses, names (if provided) - Payment Information: Payment method details (processed securely through third-party payment processors like Stripe) - Google Calendar Data: When you connect your Google Calendar, we access: - Calendar events (read/write access) - Calendar metadata (calendar names, IDs) - Event details (titles, descriptions, dates, times, locations, attendees) - Usage Data: Commands used, features accessed, interaction logs - Server Configuration: Server settings, preferences, custom configurations 1.2 Information Collected Automatically When you use our Services, we automatically collect certain information: - **Discord Activity:** Messages sent to the bot, commands executed, server interactions - **Technical Data:** IP addresses, device information, browser type, operating system - **Usage Analytics:** Feature usage patterns, error logs, performance metrics - **Cookies and Tracking Technologies:** We use cookies and similar tracking technologies to track activity on our website and store certain information 1.3 Information from Third-Party Services - Google Calendar API: When you authorize Google Calendar integration, we receive calendar data as described in Section 1.1 - Discord API: User and server information provided by Discord's API - Payment Processors: Transaction information from Stripe or other payment processors

2. How do we use your information?

We process your information based on the following legal bases under GDPR: - Consent: When you explicitly consent to data processing (e.g., Google Calendar integration) - Contract Performance: To provide and maintain our Services - Legitimate Interests: To improve our Services, ensure security, and prevent fraud - Legal Obligations: To comply with applicable laws and regulations 2.1 Service Provision We use your information to: - Provide, operate, and maintain our Discord bot services - Process transactions and manage subscriptions - Sync Discord events with Google Calendar (when authorized) - Send RSVP requests and manage team calendar events - Respond to your inquiries and provide customer support - Send administrative information, updates, and service notifications 2.2 Google Calendar Integration When you connect your Google Calendar: - Purpose: To sync Discord events with your Google Calendar and enable team calendar features - Data Accessed: Calendar events, calendar metadata, event details - How We Use It: a) Create events in your Google Calendar based on Discord events, b) Read calendar events to display in our dashboard, c) Send calendar invitations to team members (for team calendar features), d) Sync event changes between Discord and Google Calendar - Data Sharing: Calendar data is only accessed with your explicit authorization and is not shared with third parties except as necessary to provide the service 2.3 Marketing and Communications We may use your information to: - Send you marketing and promotional communications (with your consent) - Deliver targeted advertising (you can opt-out at any time) - Notify you about updates, new features, or changes to our Services You can opt-out of marketing emails at any time by: - Clicking the unsubscribe link in marketing emails - Contacting us at support@esportbot.eu - Adjusting your preferences in the dashboard settings 2.4 Legal and Security We may use your information to: - Detect, prevent, and address technical issues and security threats - Comply with legal obligations and respond to legal requests - Enforce our terms of service and protect our rights - Prevent fraud and abuse

3. Data sharing and disclosure

We do not sell your personal information. We may share your information only in the following circumstances: 3.1 Service Providers We may share your information with third-party service providers who perform services on our behalf: - Google LLC: For Google Calendar API integration (subject to Google's Privacy Policy) - Discord Inc.: For Discord bot functionality (subject to Discord's Privacy Policy) - Payment Processors: Stripe and other payment processors for transaction processing - Hosting Providers: Cloud hosting services for data storage and processing - Analytics Providers: To analyze usage and improve our Services All service providers are contractually obligated to protect your information and use it only for the purposes we specify. 3.2 Legal Requirements We may disclose your information if required by law or in response to: - Court orders, subpoenas, or legal processes - Government requests or regulatory requirements - Protection of our rights, property, or safety - Prevention of fraud or abuse 3.3 Business Transfers In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

4. Data retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. - Account Data: Retained while your account is active and for 30 days after account deletion - Google Calendar Data: Retained only while the integration is active; deleted immediately upon disconnection - Transaction Records: Retained for 7 years as required by tax and accounting laws - Usage Logs: Retained for 90 days for security and troubleshooting purposes - Marketing Data: Retained until you opt-out or withdraw consent When we delete your data, we use secure deletion methods to ensure it cannot be recovered.

5. Your rights under GDPR

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights: 5.1 Right of Access You have the right to request access to your personal information and receive a copy of the data we hold about you. 5.2 Right to Rectification You have the right to request correction of inaccurate or incomplete personal information. 5.3 Right to Erasure ("Right to be Forgotten") You have the right to request deletion of your personal information when: - The data is no longer necessary for the original purpose - You withdraw consent and there's no other legal basis - The data has been unlawfully processed - Erasure is required for legal compliance 5.4 Right to Restrict Processing You have the right to request restriction of processing when: - You contest the accuracy of the data - Processing is unlawful but you don't want erasure - We no longer need the data but you need it for legal claims 5.5 Right to Data Portability You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller. 5.6 Right to Object You have the right to object to processing based on legitimate interests or for direct marketing purposes. 5.7 Right to Withdraw Consent Where processing is based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing before withdrawal. 5.8 How to Exercise Your Rights To exercise any of these rights, please contact us at: - Email: esportbot.eu@gmail.com - Subject Line: "GDPR Data Request - [Your Right]" We will respond to your request within 30 days. We may require verification of your identity before processing your request.

6. Google Calendar API data usage

6.1 Scope of Access When you authorize Google Calendar integration, we request the following OAuth scopes: - `https://www.googleapis.com/auth/calendar` - Full read/write access to your calendars 6.2 How We Use Google Calendar Data - Read Access: To display your calendar events in our dashboard and sync Discord events - Write Access: To create events in your calendar, update events, and send invitations - Data Storage: Calendar event data is stored temporarily in our database to enable synchronization 6.3 Your Control - You can revoke Google Calendar access at any time through: - Our dashboard settings - Your Google Account security settings (https://myaccount.google.com/permissions) - Revoking access immediately stops all calendar data collection and deletes stored calendar data 6.4 Google's Privacy Policy Google Calendar integration is subject to Google's Privacy Policy: https://policies.google.com/privacy

7. Data security

We implement appropriate technical and organizational measures to protect your personal information: - Encryption: Data in transit is encrypted using TLS/SSL - Access Controls: Limited access to personal information on a need-to-know basis - Secure Storage: Data stored in secure, encrypted databases - Regular Audits: Security audits and vulnerability assessments - Incident Response: Procedures for detecting and responding to security breaches However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. When we transfer data internationally, we ensure appropriate safeguards are in place: - Standard Contractual Clauses: We use EU-approved standard contractual clauses with service providers - Adequacy Decisions: We rely on adequacy decisions where applicable - Your Consent: We obtain your explicit consent for transfers where required

9. Children's privacy

Our Services are not intended for individuals under the age of 16 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately, and we will delete such information.

10. Cookies and tracking technologies

We use cookies and similar tracking technologies to: - Remember your preferences and settings - Analyze usage patterns and improve our Services - Provide personalized content You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Services.

11. Third-party links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. The updated version will be indicated by a revised "Last Updated" date at the top of this page. We will notify you of material changes by: - Posting a prominent notice on our website - Sending an email notification (if you have provided your email) - Displaying a notice in our Discord bot or dashboard We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Your right to lodge a complaint

If you believe we have violated your privacy rights, you have the right to lodge a complaint with your local data protection authority: - EU Users: Contact your local data protection authority (list available at: https://edpb.europa.eu/about-edpb/board/members_en) - UK Users: Information Commissioner's Office (ICO) - https://ico.org.uk - Other Jurisdictions: Contact your local data protection authority We encourage you to contact us first at esportbot.eu@gmail.com so we can address your concerns directly.

Use of any and all services is furthermore regulated by Terms of Service.

Privacy policy