๐Ÿ”’ Privacy Policy

In accordance with GDPR (EU) 2016/679

๐Ÿ›ก๏ธ Summary: We store no passwords in our database. Login is handled exclusively via Discord OAuth. We use no tracking or advertising cookies. Only technically necessary session data is stored.

1. Data Controller

NightShade Guild (non-commercial gaming community)
Contact: Discord server NightShade Guild

2. Data We Collect

Data Category Source Purpose Retention
Discord ID Discord OAuth User identification Until deleted by you
Username Discord OAuth Display name Until deleted by you
Avatar URL Discord OAuth Profile picture display Until deleted by you
Voluntary profile info Entered by you (bio, player type) Member profile Until deleted by you
Activity data Raid / GvG / Ladder sign-ups Event organisation Until event archival

3. Passwords

๐Ÿ” We do not store passwords.
Login on this website is handled exclusively via Discord OAuth 2.0. No passwords are stored or transmitted through our servers. Authentication is handled entirely through Discord's secure infrastructure.

4. Cookies & Session Data

This website uses only technically necessary cookies:

  • Session token (HttpOnly cookie) โ€” contains an encrypted JWT (JSON Web Token) for authentication. No password, just a temporary access token. Expires when the browser is closed or after 24 hours.
  • Cookie consent (localStorage) โ€” stores your consent to this privacy policy in your browser's local storage. Not transmitted to the server.

No tracking cookies, no analytics tools, no advertising networks.

5. Discord OAuth

For login we use Discord's OAuth 2.0 system. Upon signing in, Discord provides us with the following data (subject to your consent):

  • Discord user ID
  • Discord username
  • Avatar URL (a link to Discord's CDN, not a direct image copy)

Discord's own privacy policy can be found at: discord.com/privacy

6. Hosting & Third Parties

This website is hosted on a private server in Germany. No data is passed to third parties except to Discord as part of the OAuth authentication process.

Embedded Discord widgets load content directly from Discord's servers. Discord may set its own cookies in this context (third-party provider).

7. Your Rights

Under the GDPR you have the following rights:

  • Access โ€” you may request information about your stored data at any time
  • Rectification โ€” you may request correction of inaccurate data
  • Erasure โ€” you may request deletion of your data
  • Restriction โ€” you may request restricted processing of your data
  • Objection โ€” you may object to the processing of your data

To exercise any of these rights, contact the administration via the Discord server.

8. Data Security

All connections to this website are encrypted via HTTPS/TLS. Session tokens are transmitted as HttpOnly cookies and cannot be read by JavaScript. All database access is internal with no external connections.

9. Changes

We reserve the right to update this privacy policy as needed. The current version is always available on this page.

Last updated: January 2025

← Back to Home Legal Notice