Privacy Policy

Last updated: May 25, 2026

1. Overview

Nexcord ("we", "us", "our") is a Discord community management platform accessible at nexcord.app. It is owned and operated by Aoun Abu Hassan as an individual. Payments are processed by Paddle as merchant of record under an individual account.

2. Information We Collect

When you sign in with Discord

We receive your Discord user ID, username, display name, avatar URL, and email address from Discord's OAuth system. We store this to create and manage your Nexcord account.

When you use the transcript feature

We collect and store the content of Discord messages from channels you choose to transcript. This includes message text, author names, timestamps, and attachments. Individual messages are stored in our database to enable AI-powered summarization (Pro only). Transcript AI summarization runs on local infrastructure — message content is not sent to external providers for this feature. AutoMod AI content analysis uses Together.ai (api.together.xyz) to scan message content for policy violations. Message content processed by AutoMod is sent to Together.ai solely for inference and is not used for training. Together.ai is bound by their privacy policy at together.ai/privacy.

When you use the message logging feature (Pro only)

If a server administrator enables message logging and posts a /notice in your server, we collect and store every message sent, edited, or deleted in the configured channels. This includes message content, author information, timestamps, edit history, and deleted message content where available. Reply-to content and display names may also be stored to show context. Message logs are retained for the period configured by the server administrator (7 days, 30 days, 90 days, or 1 year). You will always be informed via a server notice before message logging is active in a server you participate in.

When AutoMod is enabled (Pro only)

Messages in monitored channels are scanned by AI for policy violations. Message content, author ID, channel ID, and confidence scores are stored for moderation review. Flagged messages are stored temporarily in a review queue. AutoMod will not run without an active /notice in your server.

When AutoMod Rate Limit is active (Pro only)

Message frequency counters are stored temporarily in Redis using a per-user, per-channel rolling window key. These keys expire automatically after the configured window (5–300 seconds). Offense counters are also stored in Redis and expire after the configured reset period (1–168 hours). No message content is stored by the rate limit system — only counters keyed by guild ID, channel ID, and user ID.

When you use the verification feature

When you complete verification, we collect your IP address to check against VPN and proxy databases (Pro servers only). We store verification logs including your Discord user ID, verification timestamp, and result. Your IP address is checked against IPHub but is not stored by Nexcord beyond the verification request. For In-Discord Captcha, session data including guild ID, user ID, and attempt count is stored in Redis temporarily and deleted after verification completes or expires.

When you use the moderation features

When a server administrator uses Nexcord's moderation tools (warn, mute, kick, ban, unban), we collect and store moderation records including the target Discord user ID, the moderating user ID, the action type, reason, duration where applicable, and timestamp. These records are accessible to server administrators via the dashboard.

When you use the Role Manager

When a Role Manager action is performed (assigning or removing a role via the context menu), we log the action including the performing user's Discord ID, the target member's Discord ID, the role affected, and the timestamp. This audit log is accessible to server administrators via the dashboard.

When you join a server using Welcome & Leave messages

Your Discord username and display name are used to generate a welcome or leave message. No additional data is stored beyond what is already collected for your Nexcord account.

Server information

When you add Nexcord to a Discord server, we store the server ID, name, and icon to display in your dashboard.

Usage data

We collect basic usage information such as when you log in, which servers you manage, and how many transcripts you generate. We do not sell this data.

Admin Panel & Internal Monitoring

Nexcord maintains an internal admin panel accessible only to Nexcord staff with an explicitly assigned admin role. Through this panel, we can view server and user records, audit log entries, system events, and error logs for the purpose of service integrity, abuse prevention, and debugging. Access is protected by JWT authentication and role verification on every request.

We log the following data for operational purposes:

  • Event logs: API requests, bot command usage, and feature activity. Retained for 30 days.
  • Error logs:Application errors from the bot, API, and dashboard, including error type, message, and context. Retained per Sentry's data retention policy.
  • Admin audit log: Every action taken by a Nexcord admin through the admin panel, including who took the action, what was changed, and when.

Servers or users that trigger abuse thresholds may be automatically flagged for review. Flagged records are visible to Nexcord admins and may result in suspension or termination of access to the Service.

Payment information

Payments are processed by Paddle as merchant of record under an individual account. We do not store your credit card details. Paddle's privacy policy applies to payment processing.

3. How We Use Your Information

  • To provide and maintain the Nexcord service
  • To authenticate you via Discord OAuth
  • To store and display your transcripts
  • To send transactional emails (welcome, billing notifications)
  • To send product updates if you subscribed to our newsletter
  • To improve the service based on usage patterns
  • To detect and prevent abuse through automated monitoring and flagging

4. Legal Basis for Processing

  • Contractual necessity
  • Legitimate interests
  • Consent

5. Data Storage

Your data is stored on Supabase infrastructure hosted in the European Union (West region). Transcript HTML files and message attachments are stored in private cloud storage. Transcript content is accessible only via a unique shareable link or through the authenticated dashboard. Attachments are served through Nexcord's own servers and are not directly exposed from storage.

6. Data Retention

  • Free plan transcripts: 30 days
  • Pro plan transcripts: retained indefinitely until you delete them
  • Verification logs: 30 days (Free), unlimited (Pro)
  • Message logs: 7–365 days depending on server administrator configuration (Pro only)
  • Transcript messages (AI summarization data): same period as the parent transcript
  • Event logs: 30 days
  • Error logs: retained per Sentry's data retention policy
  • Admin audit log: indefinitely
  • Account data: until you request deletion
  • Newsletter subscriptions: until you unsubscribe

7. Your Rights

You have the right to:

  • Access the data we hold about you
  • Request deletion of your account and all associated data
  • Export your transcript data
  • Withdraw consent at any time

To exercise these rights, contact us at [email protected].

8. Sharing Your Data

We do not sell your data. We share data only with:

  • Supabase (database and storage infrastructure)
  • Paddle (payment processing — individual-account merchant of record)
  • Upstash (session caching)
  • Resend (transactional email delivery)
  • Cloudflare (CDN and security)
  • Together.ai (AutoMod AI inference) — api.together.xyz
  • IPHub (VPN and proxy detection — IP addresses are checked during verification on Pro servers and are not stored by Nexcord)
  • Sentry (error monitoring — application errors from the bot and API are sent to Sentry for tracking and alerting) — sentry.io
  • Axiom (event logging — API request and bot activity logs are sent to Axiom for operational monitoring) — axiom.co

9. Server Administrator Responsibilities

If you are a server administrator using Nexcord's message logging or AutoMod features, you are required to:

  • Run the /notice command in your server before enabling message logging or AutoMod
  • Ensure your server members are aware that their messages may be logged and analyzed
  • Comply with applicable privacy laws in your jurisdiction

Nexcord enforces this requirement technically — message logging and AutoMod will not function without an active /notice message in your server.

10. Cookies

We use essential cookies for authentication (your login session). We may use optional analytics cookies only with your explicit consent. See our Cookie Policy for details.

11. Children

Nexcord is not intended for users under 13 years of age, consistent with Discord's own terms of service.

12. Governing Law

This policy is governed by the laws of England and Wales, consistent with our Terms of Service.

13. Changes

We may update this policy from time to time. The last updated date at the top of this page reflects when changes were last made.

Contact

[email protected]