Legal
Privacy Policy
This policy describes what data Autodisc collects, how we use it, and which third-party services process your information. We believe in transparency — no legalese, just plain language.
Last updated: February 15, 2026
1. Information We Collect
Account Information
Email address, username, and profile data provided by your sign-in provider (Discord, GitHub, or Google).
Project Data
Bot source code, configuration files, environment variables (encrypted at rest), and deployment logs for projects you create.
Usage Data
Basic analytics such as page views and feature usage, collected to improve the product. We do not sell this data to third parties.
Payment Information
Billing details are processed entirely by Stripe. We store only your subscription status and plan type — never your card number.
2. How We Use Your Data
Service Delivery
To authenticate your account, deploy and manage your bots, process payments, and provide customer support.
Product Improvement
Aggregated, anonymized usage data helps us understand how features are used and where to invest engineering effort.
Communication
We may send transactional emails related to your account (e.g., billing receipts, security alerts). We do not send marketing emails without your opt-in.
3. Data Retention
Account Data
Retained while your account is active. You can request full deletion of your account and all associated data at any time by contacting support.
Deployment Logs
Build and runtime logs are retained for 30 days, then automatically purged.
Project Artifacts
Deployed code and configuration are retained until you explicitly delete the project.
4. Security
Encryption
All environment variables and secrets are encrypted at rest using AES-256. Data in transit is protected via TLS 1.2+.
Isolation
Each deployed bot runs in an isolated container with strict resource limits and no shared filesystem access between users.
Access Control
Internal access to production infrastructure is restricted to essential personnel and protected by multi-factor authentication.
5. Your Rights
Access & Portability
You can request a copy of all data associated with your account at any time.
Deletion
You can request complete deletion of your account, projects, and all associated data. We will process deletion requests within 30 days.
Correction
If any of your personal information is inaccurate, you can update it directly in your account settings or contact support.
6. Third-Party Services
Your use of Autodisc is also subject to the privacy policies of these providers.
| Service | Purpose | Details |
|---|---|---|
| Supabase | Authentication & database | Handles user authentication, session management, and stores account data. |
| Discord | OAuth sign-in | If you sign in with Discord, we receive your Discord user ID, username, and email. |
| GitHub | OAuth & repository access | If you sign in with GitHub or connect repositories, we access your public profile and authorized repos. |
| OAuth sign-in | If you sign in with Google, we receive your Google user ID, name, and email. | |
| Stripe | Payment processing | Handles all payment transactions and billing. We never store your payment card details. |
| Amazon Web Services | Hosting infrastructure | Your hosted bots run on AWS infrastructure (EC2, S3). Logs and artifacts may be stored on AWS. |
| OpenRouter | AI-assisted deployment | Used as a fallback to detect build commands and start commands when they cannot be inferred from your project. Your project metadata may be sent to AI models via OpenRouter. |
7. Contact
Questions about this policy or your data? Reach out via our support page. We aim to respond to all privacy-related requests within 5 business days.