GDPR Policy

Last updated: May 28, 2026 | Effective since: August 10, 2023

⚠️ IMPORTANT: This service is owned and operated by an individual developer.

We do not represent a registered business entity, company, or corporation.


Thrivebot follows GDPR principles in good faith. This policy outlines how we handle your personal data.

📋 At a Glance

  • Access, correct, or delete your data anytime
  • Data breach notification within 72 hours
  • We respond to requests within 30 days
  • Right to lodge complaint with supervisory authority

👤 Data Controller

Data Controller:

Note on Physical Address: As an individual operator providing a non-commercial service, we do not maintain a public business address. Contact is available exclusively via email and Discord for privacy and security reasons. This aligns with GDPR requirements for individual data controllers operating personal projects.

The individual operator is responsible for your personal data. For inquiries, please contact us via email at support@thrivebot.in or join our support server.

📊 "Personal Data" We Collect

We collect and process the following personal data when you interact with Thrivebot:

  • Personal Information: Discord username, user ID, avatar hash, server ID, channel ID.
  • Activity Data: Voice channel duration (for Insights), message counts, command usage statistics.
  • Economy Data: Virtual currency balances, inventory items, transaction logs.
  • Ticket Data: Ticket transcripts (message content, attachments, user IDs) for server admin archival.
  • Verification Data: User ID, Server ID, timestamps for captcha verification.
  • Giveaway Data: User ID and entry count for fair participation tracking.

We process your data based on these legal grounds:

Legal BasisArticlePurpose
Contractual NecessityArticle 6(1)(b)Processing is necessary to provide Thrivebot's core functionality as part of our service agreement with you.
Legitimate InterestsArticle 6(1)(f)Processing to ensure security, moderation, analytics, and abuse prevention, provided this does not override your fundamental rights.
ConsentArticle 6(1)(a)Used only for optional features. You may withdraw consent at any time.

🎯 Purposes of Data Processing

We process your personal data for the following purposes:

  • Providing and maintaining Thrivebot’s functionality.
  • Responding to your inquiries and support requests.
  • Enhancing and optimizing the bot’s performance and user experience.
  • Ensuring compliance with legal obligations, such as responding to data subject requests.

Data Subject Rights

You have the following rights regarding your personal data:

  • Right to Be Informed (Articles 13 & 14): The right to receive clear and transparent information about how your personal data is collected, used, stored, and shared.
  • Right of Access (Article 15): The right to obtain confirmation of whether your personal data is being processed and to receive a copy of that data along with related processing information.
  • Right to Rectification (Article 16): The right to request correction of inaccurate personal data and completion of incomplete personal data.
  • Right to Erasure (“Right to Be Forgotten”) (Article 17): The right to request deletion of your personal data under certain legal conditions.
  • Right to Restrict Processing (Article 18): The right to request that the processing of your personal data be limited under specific circumstances.
  • Right to Data Portability (Article 20): The right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.
  • Right to Object (Article 21): The right to object to the processing of your personal data, including processing based on legitimate interests and processing for direct marketing purposes.
  • Right to Withdraw Consent (Article 7(3)): The right to withdraw previously given consent at any time where processing is based on consent.
Right to Lodge a Complaint (Article 77): You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

To exercise these rights, please use one of the following methods:

  • Direct message the bot owner (Username: @ocyeanic).
  • Notify any staff member in our support server.
  • Use our Data Request Form to access your data.
  • Use our Account Deletion Form on the same page to submit a permanent deletion request. You will be notified via email or Discord DM from Thrivebot once complete. A 48-hour cooldown applies between requests.
  • Email support@thrivebot.in with your request, including your user ID, username, and details of the request. For security, a staff member or the bot owner will contact you for verification before processing.

We will respond to your request within one month, as required by GDPR, unless the request is complex or numerous, in which case we may extend the response time by an additional two months.


Certain data may be retained after a deletion request where necessary for:

  • Fraud prevention: Detecting and preventing fraudulent activity
  • Abuse prevention: Protecting platform integrity and preventing ban evasion
  • Legal compliance: Meeting tax, accounting, and regulatory obligations
  • Dispute resolution: Resolving conflicts and investigating claims

Data Minimization: Such data is restricted, access-limited, and retained only for as long as necessary to fulfill these specific purposes.

🌐 Data Sharing and Transfers

We may share your personal data only under the following circumstances:

  • With your explicit consent.
  • When required by law or to protect our legal rights, such as complying with a court order.
  • With service providers acting as data processors (e.g., hosting providers), who are bound by GDPR-compliant data processing agreements.

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), to protect your data in accordance with GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. Specifically:

  • Other personal data (e.g., Discord IDs, birth dates) is retained for as long as you use Thrivebot or until you request deletion.

Upon your request to delete your data, we will remove it from our systems within 30 days, unless retention is required by law.

🍪 Cookies and Tracking

Our website uses cookies and similar tracking technologies. For complete details about what cookies we use and how to manage your preferences, please see our Cookie Policy.

Analytics cookies are only set after you explicitly consent via our cookie banner.

🤖 Automated Decision-Making

In compliance with GDPR Article 22, we disclose that Thrivebot uses automated processing for:

  • Captcha Verification: Automated system to verify users are human (pass/fail decision)
  • Economy Anti-Cheat: Automated detection of exploits or abuse patterns

Your Rights: These automated decisions are limited in scope and are intended to support platform integrity. If you believe an automated decision has incorrectly affected you, you may request human review by contacting us.

🔒 Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, theft, or misuse. These measures include encryption, access controls, and regular security assessments.

🚨 Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms:

  • Where applicable, we will make reasonable efforts to notify the relevant supervisory authority within 72 hours, as required under GDPR Article 33
  • We will notify affected users without undue delay if the breach is likely to result in a high risk to their rights
  • We maintain documentation of all data breaches for compliance purposes

🏢 Supervisory Authority and Complaints

You have the right to lodge a complaint with a supervisory authority.

If you are located in the European Union, you may have the right to lodge a complaint with a relevant supervisory authority in accordance with GDPR. However, we encourage you to contact us first at support@thrivebot.in to resolve any concerns.

List of EU Data Protection Authorities: https://edpb.europa.eu/about-edpb/about-edpb/members_en

🔄 Changes to This Policy

We may update this GDPR Policy to reflect changes in our practices or legal requirements. Updates will be posted on our website, and we will notify users of significant changes via our support server. Please review this policy periodically.

📧 Contact Us

For questions about this GDPR Policy or to exercise your data subject rights, please contact us at:

By using Thrivebot, you consent to this GDPR Policy.

Non-EU Operator Disclaimer:

Thrivebot is operated by an individual developer and is not established in the European Union. GDPR-related processes described herein are implemented in good faith to respect user privacy and data protection principles.

Individual Operator Acknowledgment:

This service is operated by an individual developer and does not constitute a registered business, company, corporation, or other formal business entity. All references to "we," "us," or "our" refer to the individual operator of this service.