Privacy Policy — Project Vertical Staff Status Bot

Last updated: 25 January 2026

This Privacy Policy explains how Project Vertical (“we”, “us”, “our”) handles information when you use the Project Vertical Staff Status Bot (“Bot”) in Discord.

1) Scope

This policy applies to the Bot’s operation inside Discord servers where it is installed and configured by Project Vertical.

2) Information the Bot may process

Depending on configuration and enabled features, the Bot may process:

Discord data

  • Server, channel, and message identifiers (IDs) needed to post updates and rename channels.

  • User IDs only when needed for staff pings (e.g., violation notifications).

  • Command interaction metadata (e.g., who ran a command), where applicable.

Google Sheets data (via OAuth)

  • Spreadsheet ID, worksheet name, and cell values necessary to compute operational metrics (e.g., “To Take”).

  • OAuth token data stored locally on the host running the Bot (e.g., token.json) to maintain authorised access.

TikTok LIVE Backstage data

  • Dashboard/violation information displayed on configured Backstage pages (e.g., violation reason, restoration time, manager email as shown by Backstage).

  • A locally stored authenticated browser session state (e.g., a Playwright storage state file) used to access Backstage without re-logging in each run.

3) What the Bot does not do

The Bot is not designed to:

  • Read your private Discord DMs.

  • Collect passwords.

  • Sell or rent any data.

  • Track users across servers for advertising purposes.

4) How we use information

We use processed information solely to:

  • Update operational status channel names.

  • Generate internal operational counts (e.g., remaining “To Take” entries).

  • Post relevant internal alerts (e.g., TikTok Backstage violation notifications).

  • Troubleshoot errors and maintain the Bot.

5) Data storage and retention

The Bot may store limited operational data on the machine where it runs, such as:

  • Cached “last seen” violation state (to prevent duplicate alerts).

  • Logs for debugging and monitoring.

  • OAuth tokens and session state required for ongoing authorised access.

Retention is typically:

  • Operational state: kept until replaced by newer state or deleted by admins.

  • Logs: retained for a reasonable period determined by your internal ops needs, then rotated/deleted.

6) Data sharing

We do not share data with third parties except:

  • Where necessary to operate the Bot through integrated services (Discord, Google, TikTok).

  • When required by law or to protect our rights and safety.

7) Security

We take reasonable measures to protect data used by the Bot, including:

  • Restricting access to the machine hosting the Bot.

  • Limiting Discord permissions to only what is necessary.

  • Using AllowedMentions settings to prevent unintended mass pings.

  • Keeping OAuth tokens and session state files private and accessible only to authorised operators.

No system is 100% secure. If you suspect compromise, notify Project Vertical leadership immediately and rotate credentials/session files.

8) International transfers

Discord, Google, and TikTok may process data in jurisdictions outside the UK. Use of the Bot may involve such transfers as part of those services’ normal operations.

9) Your choices and rights

If you are a staff member with questions or requests relating to data handled by the Bot (e.g., removal of stored logs on the host), contact Project Vertical leadership. Where applicable, we will support reasonable requests.

10) Changes to this policy

We may update this Privacy Policy from time to time. Continued use of the Bot after updates means you accept the revised policy.

11) Contact

For privacy questions about the Bot, contact Project Vertical staff leadership through internal channels..