Privacy Policy

Version: 2.0

1. Introduction

Your privacy is important to us. This Privacy Policy explains how OptiDesk collects, uses, discloses, retains, and safeguards your information when you or a Discord guild you are a member of uses the OptiDesk Service ("Service").

OptiDesk is a Discord-verified, license-based ticketing service operated by a small volunteer team. We are committed to data minimisation: we collect only what we need to operate the Service, secure it, and meet our legal obligations.

This Policy applies to all use of the Service, including the OptiDesk bot, the OptiDesk Utilities bot, the Interactive Support Service, our website, our public status page, and our support channels.

This Policy should be read alongside our Terms of Service. Where we act as a processor on behalf of a Discord Guild Owner (for example, when handling ticket content created in their guild), the Guild Owner is the controller of that data and their own privacy practices also apply.

2. Definitions

  • "Discord User" — any individual who interacts with the Service through Discord, including guild members, ticket participants, and Server Staff.

  • "Guild Owner" — the Discord account designated as the owner of a Discord guild using the Service.

  • "Server Staff" — support agents within a Guild assigned the configured Support Member Role.

  • "Personal Information" — information about an identified or identifiable individual, as defined under the Australian Privacy Principles ("APP") and the EU/UK General Data Protection Regulation ("GDPR").

  • "Service" — collectively, all OptiDesk software, bots, websites, status pages, and support functions.

3. Information We Collect

We collect only what is needed to operate, secure, and improve the Service. Categories below correspond to the actual systems we run.

3.1 Discord identifiers

For every Discord User who interacts with the Service, we may process:

  • Discord User ID (a numeric identifier)

  • Discord username and display name

  • Discord guild (server) ID

  • Discord channel and message IDs relevant to a ticket or invite

These are the minimum identifiers required for the Service to function on the Discord platform.

3.2 Guild configuration data

For each guild using the Service, we store configuration data the Guild Owner provides, including:

  • Customisation assets (uploaded images, icons, accent colours, emojis, configured text)

  • Role IDs designated for staff or safety roles

  • Channel IDs configured for ticketing functions

  • Licensing parameters

This information is stored in AWS.

3.3 Licensing data

For licensed installations we record license identifiers, the guilds a license is active in (server name and ID), license status, issuance and expiry information, and the contact tied to the license. This information is stored in AWS.

3.4 Ticket and transcript data

When the Service is used to operate a support ticket, we process:

  • Messages, attachments, and metadata posted in that ticket

  • Identifiers of participants and timestamps of activity

  • Transcripts of completed tickets

  • Live ticket state

This information is stored in AWS.

For ticket content, the Guild Owner is the controller and OptiDesk is the processor. We process this content on behalf of the Guild Owner under the Terms of Service.

3.5 Interactive Support callouts

When Server Staff trigger a callout to OptiDesk Interactive Support, we additionally collect the reason given for the callout and a record of the support agent who responded. Refer to the Interactive Support Terms for full handling, confidentiality terms, and the limited circumstances in which confidentiality may be broken.

3.6 Enforcement records

Where an Enforcement Action is taken against a Discord User or guild, we record:

  • The Discord User ID and/or guild ID concerned

  • The reason for the action

  • Related identifiers (alternative usernames, known associates) where relevant

  • Cross-platform identifiers where they directly support the enforcement matter

  • The date and outcome of the action

This information is stored in AWS. Where enforcement records contain Personal Information beyond a Discord identifier, that information is held under stricter access controls and is recorded with a justification for its retention, in accordance with our APP and GDPR obligations.

3.7 Invite and operational data

We hold short-lived invite identifiers used to facilitate Interactive Support callouts, and other sensitive per-guild operational data. These contain identifiers only and are stored in AWS.

3.8 Product analytics, telemetry, and operational traces

We use PostHog to collect product analytics and operational traces from the OptiDesk bot. PostHog data may include:

  • Anonymous and pseudonymous event data describing how the Service is used (for example, command invocations, feature interactions, success or error states)

  • Discord Guild IDs as event identifiers, used to debug issues and improve the Service

  • Performance traces and error stack traces emitted by the bot

We use these analytics to understand how the Service is used in aggregate, identify and resolve bugs, and prioritise improvements. We do not sell or share this analytics data, and we do not use it for advertising.

3.9 Monitoring and incident data

We use Uptime Kuma to monitor whether the Service is online, and PagerDuty to receive alerts when monitoring or PostHog detects an incident. Where we publish incident updates to our community, those updates are operational only (incident summaries and timestamps) and do not include Personal Information about end users.

3.10 Email correspondence

When you contact us by email, your email address, the contents of your message, and any attachments are processed by our email provider, Migadu (operated by Migadu Mail Sàrl, Switzerland). We may also maintain a denylist of email addresses associated with abuse of our email systems.

3.11 Website data

Our website is a static informational site that loads assets from its hosting provider (Framer). We do not run PostHog or other product analytics on the website, and we do not knowingly use third-party advertising or social-media trackers.

4. How We Use Your Information

We use the information listed in Section 3 to:

  • Provide the Service — operating the OptiDesk bot, ticketing system, licensing system, and Interactive Support function for Guild Owners and their members.

  • Authenticate and license — verifying that a guild holds a valid licence and that requests originate from authorised staff.

  • Maintain safety and integrity — preventing fraud, abuse, harassment, and misuse of the Service; protecting our users, staff, and infrastructure.

  • Operate enforcement — investigating and recording violations of our Terms of Service, the OptiDesk Partnership Agreement, and other policies.

  • Monitor and improve — detecting outages, debugging errors, understanding usage patterns, and improving reliability and features.

  • Communicate — responding to support requests, sending service-critical notifications (including via our status page and Discord), and replying to enforcement appeals.

  • Comply with law — meeting obligations under the Australian Privacy Act 1988 (Cth), the GDPR, applicable Discord Developer Terms, and any lawful request issued under Australian law.

Lawful bases under the GDPR

Where the GDPR applies, we rely on the following lawful bases:

  • Performance of a contract — to operate the Service for the Guild Owner who has registered for it and for users who have agreed to our Terms of Service.

  • Legitimate interests — to secure the Service, prevent abuse, conduct enforcement, monitor performance, and improve the product. Where we rely on legitimate interests, we have balanced our interests against the rights and freedoms of the individuals concerned.

  • Legal obligation — where we are required by law to retain or disclose information.

  • Consent — where you have explicitly opted in (for example, by accepting Interactive Support Terms before triggering a callout). You may withdraw consent at any time, though doing so may end your access to the relevant feature.

5. Sharing Your Information

We do not sell your data, and we never will. We do not share your data with advertisers, data brokers, or analytics aggregators.

We do disclose information to a limited set of trusted parties strictly to operate the Service:

| Recipient | Purpose | Type of data | Location |
| --- | --- | --- | --- |
| Amazon Web Services (AWS) | Database (DynamoDB) and transcript storage (S3) | All data described in Section 3.1–3.7 | AWS region(s) we operate in |
| PostHog | Product analytics, error tracking, traces | Section 3.8 | PostHog hosting region |
| PagerDuty | Incident alerting | Operational alert metadata | United States |
| Migadu | Email delivery and storage | Email correspondence | Switzerland / Europe |
| Discord | The platform on which the Service operates | Discord identifiers, ticket content, bot interactions | Per Discord's policies |

These providers act as our data processors (or, in Discord's case, as a separate controller of the underlying platform). They are bound by their own terms and security obligations. We choose providers that publish current security and privacy documentation.

Customer Service access

A small number of trusted OptiDesk Customer Service representatives can, in the course of supporting you, view:

  • The guilds for which you currently hold a licence (name and ID)

  • Your active license information

Broader internal access is governed by a tiered model:

  • Standard staff access covers operational data needed for day-to-day support (enforcement records, configuration, licensing).

  • Elevated access is restricted to staff with a specific operational need.

  • Sudo access to any expanded Personal Information (e.g. contact details collected for enforcement purposes) is restricted to the Founder/DPO, recorded with a justification, and used only where directly relevant to enforcement, OSINT, or legal obligations.

Disclosures we may be compelled to make

We may disclose information where:

  • Australian law compels us to (for example, under a valid subpoena, warrant, or APP-permitted request);

  • A regulator, court, or law enforcement body lawfully requires it;

  • We believe in good faith that disclosure is necessary to prevent imminent risk to life or serious harm; or

  • It is necessary to investigate, establish, exercise, or defend a legal claim involving OptiDesk.

Where the law permits, we will notify you as soon as practicable when such a disclosure occurs.

6. International Data Transfers

OptiDesk is operated from Australia. Several of our processors store data outside Australia, including in the United States, the European Union/EEA, and Switzerland. Where we transfer Personal Information internationally, we rely on the lawful transfer mechanisms available under the GDPR (such as Standard Contractual Clauses or adequacy decisions) and meet the cross-border disclosure requirements of APP 8 under the Australian Privacy Act.

7. Data Retention

We keep Personal Information only for as long as we need it for the purposes set out in this Policy.

  • Guild configuration and licensing data — retained for the lifetime of the guild's use of the Service, plus a reasonable period afterwards for billing, fraud, and dispute purposes.

  • Live ticket data — retained while the ticket is active.

  • Ticket transcripts — retained on behalf of the Guild Owner, who controls the retention period for content within their guild. Where a Guild Owner is no longer a customer, transcripts are deleted within a reasonable period unless a legal hold applies.

  • Interactive Support transcripts (Director/Founder review copies) — deleted immediately after review, per our Interactive Support Terms.

  • Enforcement records — retained indefinitely while the enforcement action remains operationally relevant. See Section 9.2 below.

  • PostHog analytics and traces — retained per PostHog's default retention applicable to our project; aggregate event data may be retained for product analysis. Trace data is retained only as long as needed to investigate the relevant issue.

  • Email correspondence — retained for as long as needed to handle the matter and for a reasonable period for record-keeping.

  • Backups — copies of data may exist in routine backups for a short period after deletion from primary systems.

8. Security

We take security seriously and apply controls proportionate to the volunteer-operated, non-commercial scale of the Service:

  • Access to production systems is restricted on a need-to-know basis.

  • Sensitive operational data (including enforcement records and any sudo-tier Personal Information) sits behind tiered access controls.

  • We use a "safety role" model in our community spaces so that unvetted members cannot post media that could expose other users to harmful third-party content.

  • We monitor the Service via Uptime Kuma, PostHog, and PagerDuty so that incidents are detected and responded to quickly.

  • Staff credentials are protected by strong passwords and, where supported, multi-factor authentication.

You can read more about our security practices in the FAQ entry "Is OptiDesk Secure?" on our website.

No system is perfectly secure. If we become aware of a data breach affecting Personal Information, we will assess and notify in line with our obligations under the Notifiable Data Breaches scheme (Australian Privacy Act) and the GDPR.

9. Your Rights and Choices

9.1 Rights you can exercise

Subject to verification of your identity and to the exceptions in Section 9.2, you may request that we:

  • Access the Personal Information we hold about you;

  • Correct Personal Information that is inaccurate, out of date, incomplete, or misleading;

  • Delete your Personal Information (the "right to erasure" under the GDPR);

  • Port your Personal Information to another service in a structured, commonly used format, where the GDPR right to data portability applies;

  • Restrict or object to processing of your Personal Information in specified circumstances;

  • Withdraw consent where we rely on consent as the lawful basis;

  • Lodge a complaint with a supervisory authority — in Australia, the Office of the Australian Information Commissioner (OAIC); in the EU/UK, your local data protection authority.

In particular, you may request removal of:

  • Your customer data (with the express acknowledgement that doing so will permanently and irrecoverably end any active licences);

  • Transcripts containing your Personally Identifying Information (with notification to the relevant Guild Owner, who is the controller of that content);

  • Infringing material inside a guild using OptiDesk;

  • Data from users who are under the legal age of digital consent in their jurisdiction (see Section 10);

  • Any data we are legally obligated to remove.

9.2 Requests we will decline or limit

We will refuse, restrict, or partially decline a request where:

  • The request relates to Enforcement Actions or Enforcement Data — including the Discord User ID, guild IDs subject to enforcement, and the reason the enforcement action was taken — because we need this data to securely operate the Service for the rest of our community. We will not remove enforcement data on request, except where we are legally obligated to (for example, where the request relates to a user under the age of digital consent, or where a competent regulator or court compels removal).

  • The request is not made in good faith, is repetitive, manifestly unfounded, or excessive.

  • The request would unreasonably affect the privacy or rights of other individuals.

  • We are required by law to retain the data, or have an overriding legitimate interest that we have weighed against your rights.

Where we decline a request in part or in full, we will tell you why.

9.3 How to exercise your rights

To make a request, contact us by:

  • Opening a ticket in the OptiDesk support Discord;

  • Emailing takedown@optidesk.dev for general takedown and removal requests;

  • Emailing dpo@optidesk.dev for GDPR-specific requests (right to access, erasure, portability, restriction, objection); or

  • Emailing app@optidesk.dev for Australian Privacy Principles requests.

Clearly state what you would like removed or actioned, why, and any information that helps us locate the relevant records. You will receive a response within 30 days, including a description of what action was taken and what (if anything) was removed.

10. Children's Data

The Service is not directed at children. Discord's own Terms of Service require users to be at least 13 years old (or the minimum age of digital consent in their country, whichever is higher).

We do not knowingly collect Personal Information from children below the applicable minimum age. If we discover we hold such information, we will delete it promptly. If you believe we hold information about a child below the minimum age, please contact dpo@optidesk.dev.

11. Cookies and Tracking on Our Website

We do not run product analytics, advertising cookies, third-party retargeting pixels, or social-media trackers on our website. Our hosting provider (Framer) may set strictly necessary cookies required to deliver the site. PostHog analytics described in Section 3.8 apply only to interactions with the OptiDesk bot, not to browsing our website.

12. Disclaimer, Limitation of Liability, and Statutory Rights

We work hard to handle your data responsibly. That said, you should understand the following — written plainly, on the understanding that nothing here removes your rights under laws that we cannot lawfully exclude.

12.1 Service provided "as is"

The Service is provided on an "as is" and "as available" basis. To the maximum extent permitted by law, OptiDesk makes no representations or warranties of any kind, express or implied, regarding the Service's privacy or security beyond what is expressly stated in this Policy, and we do not guarantee that the Service will be uninterrupted, error-free, or free from third-party interference.

12.2 Limitation of liability

To the maximum extent permitted by law:

  • OptiDesk is not liable for any indirect, incidental, special, consequential, exemplary, or punitive damages — including loss of data, loss of profits, loss of goodwill, loss of opportunity, or business interruption — arising out of or relating to this Privacy Policy or the Service.

  • OptiDesk's total aggregate liability in connection with this Privacy Policy is limited to the greater of (a) the total fees paid by you to OptiDesk in the twelve (12) months preceding the event giving rise to the claim, or (b) AUD $25.

  • Where the Australian Consumer Law implies a guarantee that cannot be excluded but can be limited, OptiDesk's liability for breach of that guarantee is limited, at OptiDesk's option, to the re-supply of the Service or the cost of having the Service re-supplied.

12.3 What this clause does not do

For complete transparency:

  • Nothing in this Policy excludes, restricts, or modifies any right or remedy available to you under the Australian Consumer Law (Schedule 2 to the Competition and Consumer Act 2010 (Cth)) that cannot lawfully be excluded.

  • Nothing in this Policy limits OptiDesk's obligations under the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles, the Notifiable Data Breaches scheme, or — where it applies — the EU/UK General Data Protection Regulation.

  • Nothing in this Policy excludes liability for fraud, wilful misconduct, or anything else that cannot lawfully be excluded under applicable law.

13. Changes to This Policy

We may update this Policy from time to time. When we do, we will:

  • Update the Effective Date and Version at the top of this Policy;

  • Maintain a change log of material changes;

  • Where the change is material, give reasonable notice via our community channels (Discord announcements and/or our status page) before it takes effect.

Continued use of the Service after a revised Policy takes effect constitutes acceptance of the revised Policy, to the extent the law permits.

14. Contact Us

For privacy questions, requests, or concerns:

  • General privacy / takedown: takedown@optidesk.dev

  • GDPR-specific requests: dpo@optidesk.dev

  • Australian Privacy Principles requests: app@optidesk.dev

  • Founder / Data Protection Officer: Liam — liam@optidesk.dev

  • Discord: open a ticket in the OptiDesk support Discord

We aim to respond within 30 days.

Ticketing that just works - and a whole lot more.

*We are not, nor do we imply affiliation with these brands.
