Get Valt
Legal

Privacy Policy

Last updated: March 30, 2026

This Privacy Policy explains how Valt ("we", "us", "our") collects, uses, and protects your personal data when you use our Discord bot and web dashboard at dash.valt.gg (together, the "Service").

We are based in the Netherlands and process data in accordance with the General Data Protection Regulation (GDPR/AVG).

For questions about this policy or your data, contact us at [email protected].

1. What data we collect

Account data (via Discord OAuth)

  • Discord user ID, username, and avatar
  • List of Discord servers (guilds) you are a member of

Service data

  • Messages sent in Discord servers where the bot is active
  • Moderation actions (warns, mutes, kicks, bans) and case history
  • Ticket conversations
  • XP, levels, and activity statistics
  • Server configuration and module settings
  • Application forms and responses
  • Feedback survey responses

Technical data

  • IP addresses of dashboard visitors
  • Browser type and operating system

2. Why we collect data

We process your data for the following purposes:

  • Providing the Service:displaying messages, moderation tools, tickets, stats, and other features in the dashboard (legal basis: contract performance)
  • Authentication:verifying your identity via Discord OAuth (legal basis: contract performance)
  • Payment processing:handling subscriptions for Pro and Max plans (legal basis: contract performance)
  • Security:protecting against abuse, spam, and unauthorized access (legal basis: legitimate interest)
  • Internal monitoring:tracking feature usage and performance to improve the Service (legal basis: legitimate interest)

3. Data retention

How long we store your data depends on your plan:

  • Messages: 7 days (Free), 30 days (Pro), 90 days (Max)
  • Moderation cases, tickets, and other records: retained while your team is active on the Service
  • Statistics: after 365 days, data is anonymized and converted to aggregate numbers that can no longer be linked to individual users
  • Account data: retained until you request deletion or your team is removed

When the bot is removed from a server, data is retained until the retention period for your plan expires. After that, it is automatically deleted.

4. Third-party processors

We share data with the following third parties, solely for operating the Service:

  • Discord (San Francisco, USA). Authentication via OAuth, bot functionality. Privacy Policy
  • Stripe (San Francisco, USA). Payment processing for paid plans. All prices are inclusive of VAT. We do not store your credit card details. Privacy Policy
  • Hostinger (Kaunas, Lithuania). Server hosting and data storage. Privacy Policy

We do not sell your data to third parties. We do not use tracking cookies or third-party analytics scripts on our website.

5. Data transfers outside the EU

Discord and Stripe are based in the United States. Data transferred to these parties is protected by Standard Contractual Clauses (SCCs) as approved by the European Commission.

6. Your rights under GDPR

You have the following rights regarding your personal data:

  • Access:view your data in the dashboard, or request a copy via email
  • Rectification:request correction of inaccurate data
  • Erasure:request deletion of your data
  • Restriction:request that we limit processing of your data
  • Portability:receive your data in a machine-readable format (CSV export is available on Pro and Max plans)
  • Objection:object to processing based on legitimate interest

To exercise any of these rights, email [email protected]. We will respond within 30 days.

Data deletion for server members

If you are a member of a Discord server that uses Valt and want your data removed, you can submit a deletion request through the dashboard. If you are unable to access the dashboard, you can email [email protected] instead. We may ask for additional information to verify your identity. We will process your request within 30 days.

Data deletion for team owners

Team owners can request full deletion of their team's data by contacting [email protected].

7. Cookies

The dashboard uses a session cookie that is strictly necessary for authentication. This cookie is:

  • HttpOnly and Secure
  • SameSite=Lax
  • Expires after 7 days

We do not use tracking cookies, advertising cookies, or third-party analytics cookies on our website or dashboard.

8. Security

We take appropriate measures to protect your data, including:

  • HTTPS encryption on all connections
  • Parameterized SQL queries to prevent injection
  • CSRF protection on all form submissions
  • Rate limiting to prevent abuse
  • Server-side session management
  • Security headers (HSTS, CSP, X-Frame-Options)

9. Changes to this policy

We may update this Privacy Policy from time to time. Significant changes will be announced via our Discord support server. The "Last updated" date at the top reflects the most recent revision.

10. Governing law

This Privacy Policy is governed by Dutch law. If any issues come up, we'll try to resolve them together first, but if needed, Dutch courts have jurisdiction.

11. Complaints

If you believe we are not handling your data correctly, you have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.