Privacy Policy

Last Updated: October 23, 2025

Introduction

Moon Beatz ("the Bot", "we", "us", or "our") is a Discord music bot that provides music playback and related services. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Bot.

By using Moon Beatz, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

Automatically Collected Data

When you use Moon Beatz, we automatically collect:

Guild (Server) Information

  • Guild ID, Guild Name, Owner ID, Member Count
  • Removal Status: Timestamp when bot is removed from server

User Information

  • User ID, Username, Avatar, Discriminator

Voice Channel Data

  • Voice Channel ID, Voice State

Usage Data

We collect data about how you interact with the Bot:

  • Track Play Counts, Artist Statistics, User Statistics
  • Command Names, Command Timestamps, Guild Context
  • Custom Prefix, Channel Restrictions, Music Panel Settings

Third-Party Integration Data

When you connect Spotify:

  • Spotify User ID, Access Tokens (encrypted), Refresh Tokens (encrypted)
  • Playlist Data, Currently Playing information

2. How We Use Your Information

  • Service Provision: Play music, maintain queues, display tracks, apply filters
  • Personalization: Remember preferences, display leaderboards, maintain integrations
  • Server Management: Track statistics, generate leaderboards, enforce restrictions
  • Bot Operation: Monitor performance, log errors, track usage, enforce rate limits
  • Security & Moderation: Prevent abuse, enforce restrictions, detect spam, monitor violations

3. Data Storage

Database Storage (MongoDB)

We store the following data persistently:

  • Guild configurations (indefinitely while bot is in server)
  • User statistics, Track and artist statistics
  • Favorite tracks, Spotify authentication tokens
  • 24/7 mode settings, Music panel configurations

Cache Storage (Redis)

We temporarily cache:

  • Spotify session data (5 minutes)
  • Search results (5 minutes)
  • Channel restrictions (5 minutes)
  • Filter states (5 minutes)

Log Storage

Logs are stored for a maximum of 30 days for debugging purposes.

4. Data Retention

Active Servers

Data is retained indefinitely while the bot is active in your server.

Removed Servers

When the bot is removed from a server:

  1. Data is marked with a removal timestamp
  2. Data is retained for 3 days as a grace period
  3. After 3 days, all server data is permanently deleted

User Data

User-specific data is deleted when the bot is removed from all shared servers or upon request.

5. Data Sharing

We Do Not Sell Your Data

We will never sell, rent, or trade your personal information to third parties.

Third-Party Services We Use

Lavalink (Music Streaming)

Purpose: Stream music from YouTube, Spotify, and other sources

Spotify API

Purpose: Search Spotify tracks, access playlists

Discord API

Purpose: Bot functionality and interactions

Top.gg (Optional)

Purpose: Vote tracking and bot statistics

6. Data Security

Security Measures

We implement industry-standard security practices:

  • Encryption: Sensitive data (Spotify tokens) is encrypted
  • Access Control: Database access restricted to bot operations
  • Rate Limiting: Prevents abuse and spam
  • Input Validation: Prevents injection attacks
  • Secure Connections: All API communications use HTTPS/WSS
  • Environment Variables: Sensitive credentials stored securely

Data Breach Protocol

In the unlikely event of a data breach:

  1. We will investigate the incident immediately
  2. Affected users will be notified within 72 hours
  3. We will take steps to prevent future breaches
  4. A public disclosure will be made if required by law

7. Your Rights

Access Your Data

You can view your data through bot commands like /myfav and /leaderboard user.

Delete Your Data

You have the right to request data deletion by contacting us via the support server.

Opt-Out

You can opt out of certain features by not using specific commands or integrations.

Data Portability

Request a copy of your data by contacting us through the support server.

8. Children's Privacy

Moon Beatz is not intended for users under the age of 13. We do not knowingly collect information from children under 13. If you are under 13, do not use this Bot.

If we learn we have collected information from a child under 13, we will delete that information immediately. Parents or guardians who believe we have collected information from a child under 13 should contact us.

9. GDPR and CCPA Rights

GDPR (European Economic Area)

If you are a resident of the EEA, you have certain data protection rights:

  • Right to Access: Request a copy of your data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing of your data
  • Right to Withdraw Consent: Withdraw consent at any time

CCPA (California)

If you are a California resident, you have the right to:

  • Know what personal information we collect
  • Know whether we sell or disclose personal information
  • Say no to the sale of personal information (we don't sell data)
  • Access your personal information
  • Request deletion of your personal information

10. Contact Us

If you have questions about this Privacy Policy or your data:

Support Server: https://discord.gg/n32EH9bPU7

Response time: Usually within 48 hours

By using Moon Beatz, you acknowledge that you have read and agree to these terms.

Join Support Server