Privacy Policy

Last updated: May 4, 2026

Legal Entity & Ownership

Nexcord is currently owned and operated by its founder (Aoun Abu Hassan) as an individual and is not currently operated through a registered company. Payments are processed by Paddle acting as merchant of record under an individual account.

Who We Are

Nexcord ("we", "us", "our") is a Discord community management platform owned and operated by its founder (Aoun Abu Hassan) as an individual and is not currently operated through a registered company. The service is accessible at nexcord.app.

Information We Collect

When you sign in with Discord:
We receive your Discord user ID, username, display name, avatar URL, and email address from Discord's OAuth system. We store this to create and manage your Nexcord account.

When you use the transcript feature:
We collect and store the content of Discord messages from channels you choose to transcript. This includes message text, author names, timestamps, and attachments. Individual messages are stored in our database to enable AI-powered summarization (Pro plan only). AI summarization is processed entirely locally — no message content is sent to external AI services or third parties.

When you use the message logging feature (Pro only):
If a server administrator enables message logging and posts a /notice in your server, we collect and store every message sent, edited, or deleted in the configured channels. This includes message content, author information, timestamps, edit history, and deleted message content where available. Message logs are retained for the period configured by the server administrator (7 days, 30 days, 90 days, or 1 year). You will always be informed via a server notice before message logging is active in a server you participate in.

When you use the verification feature:
When you complete verification, we collect your IP address to check against VPN and proxy databases (Pro servers only). We store verification logs including your Discord user ID, verification timestamp, and result. Your IP address is checked against IPHub (a third-party VPN detection service) but is not stored by Nexcord beyond the verification request.

When you use the moderation features:
When a server administrator uses Nexcord's moderation tools (warn, mute, kick, ban, unban), we collect and store moderation records including the target Discord user ID, the moderating user ID, the action type, reason, duration (where applicable), and timestamp. These records are stored in our database and are accessible to server administrators via the dashboard. Moderation warnings are stored per-member and used to power the Automation Builder's warning threshold triggers.

When you use the Role Manager:
When a Role Manager action is performed in Discord (assigning or removing a role via the context menu), we log the action including the performing user's Discord ID, the target member's Discord ID, the role affected, and the timestamp. This audit log is accessible to server administrators via the dashboard.

When you join a server using Welcome & Leave messages:
When you join or leave a Discord server using Nexcord's Welcome & Leave feature, your Discord username and display name are used to generate a welcome or leave message. No additional data is stored beyond what is already collected for your Nexcord account.

Server information:
When you add Nexcord to a Discord server, we store the server ID, name, and icon to display in your dashboard.

Usage data:
We collect basic usage information such as when you log in, which servers you manage, and how many transcripts you generate. We do not sell this data.

Admin Panel & Internal Monitoring:
Nexcord maintains an internal admin panel accessible only to Nexcord staff with an explicitly assigned admin role. Through this panel, we can view server and user records, audit log entries, system events, and error logs for the purpose of service integrity, abuse prevention, and debugging. Access to the admin panel is protected by JWT authentication and role verification on every request.

We log the following data for operational purposes:

  • Event logs: API requests, bot command usage, and feature activity (e.g. verification, transcripts, moderation actions). Retained for 90 days.
  • Error logs: Application errors from the bot and API, including error type, message, and context. Retained for 6 months.
  • Admin audit log: Every action taken by a Nexcord admin through the admin panel, including who took the action, what was changed, and when.

Servers or users that trigger abuse thresholds (command spam, moderation spikes, verification abuse) may be automatically flagged for review. Flagged records are visible to Nexcord admins and may result in suspension or termination of access to the Service.

Payment information:
Payments are processed by Paddle, acting as merchant of record under an individual account. We do not store your credit card details. Paddle's privacy policy applies to payment processing.

How We Use Your Information

  • To provide and maintain the Nexcord service
  • To authenticate you via Discord OAuth
  • To store and display your transcripts
  • To send transactional emails (welcome, billing notifications)
  • To send product updates if you subscribed to our newsletter
  • To improve the service based on usage patterns
  • To detect and prevent abuse of the Service through automated monitoring and flagging

Legal Basis for Processing

  • Contractual necessity
  • Legitimate interests
  • Consent

Data Storage

Your data is stored on Supabase infrastructure hosted in the European Union (West region). Transcript files are stored in private cloud storage and are not publicly accessible without a unique shareable link you generate.

Data Retention

  • Free plan transcripts: retained for 30 days
  • Pro plan transcripts: retained indefinitely until you delete them
  • Verification logs: 30 days (Free), unlimited (Pro)
  • Message logs: 7–365 days depending on server administrator configuration (Pro only)
  • transcript_messages (AI summarization data): retained for the same period as the parent transcript
  • Event logs: retained for 90 days
  • Error logs: retained for 6 months
  • Admin audit log: retained indefinitely
  • Account data: retained until you request deletion
  • Newsletter subscriptions: retained until you unsubscribe

Your Rights

You have the right to:

  • Access the data we hold about you
  • Request deletion of your account and all associated data
  • Export your transcript data
  • Withdraw consent at any time

To exercise these rights, contact us at privacy@nexcord.app

Sharing Your Data

We do not sell your data. We share data only with:

  • Supabase (database and storage infrastructure)
  • Paddle (payment processing — acting as individual-account merchant of record)
  • Upstash (session caching)
  • Resend (transactional email delivery)
  • Cloudflare (CDN and security)
  • IPHub (VPN and proxy detection — IP addresses are checked during verification on Pro servers. IP addresses are not stored by Nexcord.)

Server Administrator Responsibilities

If you are a server administrator using Nexcord's message logging feature, you are required to:

  • Run the /notice command in your server before enabling message logging
  • Ensure your server members are aware that their messages may be logged
  • Comply with applicable privacy laws in your jurisdiction regarding data collection from your community members

Nexcord enforces this requirement technically — message logging will not function unless a valid /notice message is active in your server.

Cookies

We use essential cookies for authentication (your login session). We may use optional analytics cookies only with your explicit consent. See our Cookie Policy for details.

Children

Nexcord is not intended for users under 13 years of age, consistent with Discord's own terms of service.

Changes

We may update this policy from time to time. The last updated date at the top of this page reflects when changes were last made.

Contact

privacy@nexcord.app