Invite Bot
Legal · Privacy

Privacy Policy

How Strom collects, uses, and protects your information. Written in plain English — no legal gymnastics.

Last updated: January 15, 2025Effective: February 1, 2025
01

Overview

Strom ("we", "our", or "us") is a Discord bot service operated by Strom Inc. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you add our bot to your Discord server or visit our website. By using Strom, you agree to the collection and use of information in accordance with this policy. If you disagree with any part of these terms, please discontinue use of the service.

Plain-English summary: We only collect the minimum data necessary to run the bot. We do not sell your data. You can request deletion at any time.
02

Data We Collect

We collect information that is strictly necessary to provide and improve the Strom service. Below is a complete breakdown of every category of data we process.

Information from Discord

When you add Strom to your server, Discord grants our bot access to specific data through its API. We only request the permissions required for bot functionality:

User ID
Identify users for XP, leveling, and moderation records
RetainedUntil deletion requested
Username & discriminator
Display in leaderboards and logs
RetainedUntil deletion requested
Server (Guild) ID
Associate configuration with your server
RetainedUntil bot is removed
Channel IDs
Route bot responses to correct channels
RetainedUntil bot is removed
Message metadata
Track XP gain and command usage (not message content)
Retained90 days
Role IDs
Assign and remove auto-roles
RetainedUntil bot is removed

Information from our website

When you visit strombot.com we may collect standard web analytics data including IP address (anonymised), browser type, pages visited, and referral source. This data is aggregated and never linked to your Discord identity.

We never read message content. Our bot only receives message events to calculate XP and process slash commands. Raw message text is never stored or transmitted to our servers.
03

How We Use Your Data

We use the information we collect exclusively to:

  • Operate and maintain the Strom bot and its features
  • Track XP, levels, and leaderboard rankings across your server
  • Store server configuration (prefix, welcome messages, auto-roles)
  • Apply moderation actions and maintain audit logs
  • Send transactional emails (receipts, subscription notices)
  • Detect abuse, fraud, and violations of our Terms of Service
  • Improve the product through aggregated, anonymised analytics
  • Respond to support requests and bug reports

We do not use your data for advertising, we do not build user profiles for sale, and we do not engage in any form of automated decision-making that produces legal or similarly significant effects.

04

Data Sharing & Disclosure

We do not sell your personal information. We may share limited data with trusted third parties only in the following circumstances:

Stripe
Payment processing
Billing info only
Privacy policy ↗
AWS
Cloud hosting & storage
Encrypted server data
Privacy policy ↗
Resend
Transactional email
Email address only
Privacy policy ↗
Sentry
Error monitoring
Anonymised error traces
Privacy policy ↗

We may also disclose information when required by law, to protect our legal rights, or to prevent harm to users or third parties.

05

Data Retention

We retain your data only for as long as necessary to provide the service or as required by law. Specific retention periods are as follows:

90 daysMessage metadata & command logs
1 yearModeration audit logs
Active subscriptionBilling & payment records
Bot removalServer configuration data
On requestUser XP and level data
7 yearsFinancial records (legal requirement)

When you remove Strom from your server, all associated configuration data is scheduled for deletion within 30 days. Backups are purged on a rolling 90-day cycle.

06

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access

Request a copy of all data we hold about you.

Rectification

Ask us to correct inaccurate or incomplete data.

Erasure

Request deletion of your personal data ("right to be forgotten").

Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing of your data for certain purposes.

Restriction

Ask us to limit processing while a dispute is resolved.

To exercise any of these rights, contact us at privacy@strombot.com. We will respond within 30 days. Identity verification may be required.

07

Cookies

Our website uses cookies and similar tracking technologies to provide essential functionality and improve your experience.

sessionEssentialKeeps you logged in to the dashboardSession
__stripe_midEssentialStripe fraud prevention1 year
_gaAnalyticsAnonymised usage analytics (Google Analytics)2 years

You can control cookies through your browser settings. Disabling non-essential cookies will not affect bot functionality.

08

Security

We implement industry-standard technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction:

  • All data is encrypted in transit using TLS 1.3
  • Data at rest is encrypted using AES-256
  • Database access is restricted by IP allowlist and requires MFA
  • API keys and secrets are stored in a dedicated secrets manager
  • We undergo annual third-party app audits
  • Employees receive regular app awareness training
  • Incident response plan with 72-hour breach notification

No method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

09

Children's Privacy

Strom is not directed at children under 13 years of age (or the relevant minimum age in your jurisdiction). We do not knowingly collect personal information from children.

Discord itself requires users to be at least 13 years old. If you believe a child has provided us with personal information, please contact us at privacy@strombot.com and we will promptly delete the information.

10

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, notify server administrators via a bot message or email.

Your continued use of Strom after changes become effective constitutes your acceptance of the revised policy. We encourage you to review this page periodically.

11

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out:

Privacy requestsprivacy@strombot.com
General supportsupports@strombot.com
Discord support serverhttps://discord.gg/2Dy5JHSj

We are based in Delaware, USA. For EU/EEA residents, our data processing is governed by GDPR. For California residents, your rights under CCPA apply.

Questions about your data?

We're happy to walk you through anything in this policy or action any data requests you have.

Contact our privacy team