Privacy Policy

Last updated: 2026-05-21

What we collect

We keep the minimum data needed to run the site.

  • Account identity: When you sign in via Discord, Microsoft, or Google, we receive your provider user ID and your email (if the provider releases it). We do not store your provider-supplied display name or avatar — until you set a nickname during onboarding, the site assigns you a randomly generated placeholder (e.g., BraveOtter) for display. We do not receive your provider password and we do not store OAuth access or refresh tokens.
  • Content you create: Guilds, events, schedule polls, RSVPs, invites, reports, and roster data. These persist until you delete them or close your account.
  • Session + traffic: A session cookie (HttpOnly, SameSite=Lax) and your IP address as seen by Cloudflare. Used for authentication, rate limiting, and abuse mitigation.
  • Push notification subscriptions (optional): If you opt in to browser push reminders, we store a per-device subscription record: the push-service endpoint URL your browser issued, and the public crypto keys (p256dh + auth) needed to encrypt notifications so only your browser can read them. We do not store any IDP-issued device identifier. You can remove a subscription any time at Account → Notification settings, or by revoking the permission in your browser.
  • Diagnostic logs: Operational logs (HTTP method + path + status, error traces, IP addresses for rate-limiting) are written to the application's log directory and rotated daily. Retention is 14 days by default and configured in code, not by external system policy. Logs are not used for analytics or marketing and are not shared with third parties.

What we don't collect

  • No third-party analytics or ad trackers.
  • No social-network pixels.
  • No selling, renting, or sharing your data with marketers.

Why we collect it

  • Authenticate you and remember you across sessions.
  • Show you only the guilds, events, and polls you have access to.
  • Detect and stop abuse — rate limits, block lists, moderation reports.
  • Diagnose bugs from anonymous error reports.

Who we share it with

  • Auth providers (Discord, Microsoft, Google) — only the OAuth handshake. They learn that you signed into raid.rsvp; they do not see what you do here.
  • Cloudflare — terminates TLS and tunnels traffic to our origin. Sees your IP and request URL.
  • Browser push services (Mozilla autopush, Google FCM, etc., depending on your browser) — only if you opt in to push reminders. We send each notification directly to the endpoint URL your browser issued; the push service relays it to your device. Notification payloads are encrypted end-to-end between us and your browser's service worker, so the push service can't read them.
  • No one else. We do not sell or rent personal data.

Your rights

If you're in the EU, UK, or California, you have legal rights to access, export, and delete your data. Everyone gets these rights here regardless of jurisdiction:

  • Export: Account → "Export my data" returns a JSON dump of everything tied to your account.
  • Delete: Account → "Delete my account" hard-deletes your row, your linked OAuth records, and all content you authored.
  • Correct: Edit your display name and timezone in Account settings. Email is set by your auth provider — change it there.

Cookies

One cookie: the session ID. HttpOnly, SameSite=Lax, marked Secure in production. Lifetime: 14 days, rolling. No tracking cookies.

Data retention

  • Account data: until you delete the account.
  • Sessions: 14 days of inactivity, then expire.
  • Logs: rotated daily, 14-day retention enforced in application code.
  • Reports + moderation records: kept indefinitely (audit trail).
  • Database backups: The database is dumped nightly and stored encrypted at rest on operator-owned infrastructure. Local copies are pruned after 7 days; an off-box copy on an encrypted NAS volume is pruned after 30 days, with a further ~30 days in that NAS's recycle bin before final purge (~60 days maximum window). When you delete your account or specific content, the deletion takes effect on live data immediately; backup copies that were taken before the deletion roll off automatically within that retention window. We do not access backups to fulfill new requests during that window.

Contact

Privacy questions or data requests: [email protected]

Terms of Service · Home