Legal

Privacy Policy

Last updated: 2026-03-01

1. Controller

Controller: ERLC Voice

2. What We Collect

  • Account Data: Discord user ID, email (if provided by Discord), Roblox user ID/username and verification timestamp (when you verify), profile timestamps.
  • Server/Member Data: Server metadata (name, join code, owner), join settings (allow joins, join-by-code, verified-only), member records (nickname/verified username, owner flag, join/updated timestamps, positions from PRC snapshot), server mute flags.
  • Voice Data: Live, real-time audio routed via LiveKit; not stored by default.
  • Technical Data: IP address, device/browser info, logs for security/rate limiting.
  • In-game Snapshot Data: PRC API snapshot (server name, players, locations) stored in `voice_servers` for proximity and syncing.

3. Why We Collect (Purposes)

  • Provide and operate proximity voice and server management.
  • Authenticate users (Discord), verify Roblox ownership for verified-only servers.
  • Enforce server rules (join-by-code, verified-only), prevent abuse, rate limiting.
  • Maintain security, debug issues, and improve stability.
  • Legal compliance (handling abuse reports, enforcing terms).

4. Legal Bases (if GDPR/UK GDPR applies)

  • Performance of a contract: operating the Service, joining servers.
  • Legitimate interests: security, abuse prevention, service reliability.
  • Consent: Roblox OAuth verification (optional except on verified-only servers).
  • Legal obligation: responding to lawful requests.

5. Sharing

We share data with:

  • Processors/Infrastructure: Supabase (database/auth), LiveKit (voice transport), PRC API (ERLC server snapshot), hosting/CDN providers.
  • Platforms: Discord (auth), Roblox Open Cloud (verification).
  • Compliance: Law enforcement or legal requests where required.

We do not sell personal data.

6. Retention

Profile/verification data: while your account exists or until deletion. Server/member records: while server is active; stale sessions are cleaned per system logic. Logs retained for a limited period for security/diagnostics.

7. Security

We use Supabase (service-role backend), OAuth state cookies for Roblox, rate limiting, and session handling. No system is perfectly secure; use at your own risk.

8. Your Choices and Rights

  • Verify Roblox or not (unless a server requires it to join).
  • Leave servers or stop using the Service.
  • Rights where applicable: access, rectify, erase, restrict, object, portability, withdraw consent. Contact us to exercise.
  • If GDPR/UK GDPR applies, you may complain to your supervisory authority.

9. International Transfers

Data may be processed in regions where our processors operate. We rely on appropriate safeguards (e.g., SCCs) where required.

10. Children

Not directed to children under 13 (or the minimum age in your jurisdiction). Do not use if under the minimum age.

11. Changes

We may update this Policy; material changes will be notified (e.g., in-app notice). Continued use after the effective date means acceptance.