Privacy Policy
1. Introduction and Data Controller
Thank you for your interest in Leveo. Protecting your personal data is particularly important to us. This privacy policy informs you in accordance with Art. 13 and 14 of the GDPR about the nature, scope, and purpose of the processing of personal data on this website.
Data Controller
The controller responsible for data processing within the meaning of the GDPR is:
Lukas Telbam
Fester str. 24
42289 Wuppertal, Germany
Email: contact@leveo.app
Data Protection Officer
A data protection officer has not been appointed for this project, as the legal requirements for a mandatory appointment pursuant to Art. 37 GDPR and Section 38 BDSG (German Federal Data Protection Act) are not met.
2. Hosting and IT Infrastructure
Data Processing Agreements
Where legally required, data processing agreements pursuant to Art. 28 GDPR have been concluded with the service providers listed below in order to contractually safeguard the protection of your data.
Hosting (Hetzner)
This website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Your data is stored exclusively on servers within the European Union. The use of Hetzner is based on Art. 6(1)(f) GDPR (legitimate interest in a stable and secure infrastructure).
Security and Performance (Cloudflare)
Additionally, I use services provided by Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA. Cloudflare acts as a reverse proxy and protects my website from attacks (e.g., DDoS) and optimizes loading times. In doing so, technical data (e.g., IP addresses) is processed to detect malicious traffic.
Legal basis and balancing of interests: The processing is based on Art. 6(1)(f) GDPR. My legitimate interest lies in defending against attacks, ensuring the availability of the website, and protecting the IT infrastructure. These interests prevail because the processing involves exclusively technical data and no content-related evaluation for marketing purposes takes place.
Cloudflare is certified under the EU-US Data Privacy Framework, which ensures an adequate level of data protection pursuant to Art. 45 GDPR.
3. Server Logs and IP Anonymization
To ensure the security of Leveo and to prevent misuse (e.g., hacking attempts), I store technical log data (audit logs). This data is processed for the purpose of threat prevention and system security (legal basis: Art. 6(1)(f) GDPR).
IP anonymization: IP addresses are generally stored in anonymized form in my systems. The last octet (for IPv4, e.g., 192.168.1.0/24) or the interface identifier (for IPv6, e.g., /64) is removed. This makes it no longer possible for me to directly identify you.
User agent processing: Your browser's user agent is not stored in plain text but exclusively as a cryptographic hash (HMAC-SHA256). This hash is used to detect suspicious access patterns and does not allow any conclusions about the original user agent.
Retention period: Audit logs are retained for a maximum of 30 days and are then automatically deleted in batches, unless there are indications of unlawful use that necessitate longer retention for evidentiary purposes.
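The log pseudonymization described in this section, sketched as an added Python example that is not Leveo's own code; the key value, record fields and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
from datetime import datetime, timedelta, timezone

# Assumption: a server-side secret. Constructed value for this example only.
UA_HMAC_KEY = b"constructed-example-key-not-a-real-secret"
RETENTION = timedelta(days=30)  # audit-log retention period stated above


def anonymize_ip(raw: str) -> str:
    """Return the /24 (IPv4) or /64 (IPv6) network an address belongs to."""
    addr = ipaddress.ip_address(raw.strip())
    # IPv4-mapped IPv6 (::ffff:a.b.c.d) carries the IPv4 address in the low
    # bits; cut at /64 it would collapse every such client into ::/64, so it
    # is unwrapped and handled as IPv4 instead.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    prefix = 24 if addr.version == 4 else 64
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))


def hash_user_agent(user_agent: str, key: bytes = UA_HMAC_KEY) -> str:
    """Keyed HMAC-SHA256 of the user agent, hex encoded.

    The key matters: user agent strings are low-entropy, so an unkeyed
    SHA-256 could be matched against a list of common user agents.
    """
    return hmac.new(key, user_agent.encode("utf-8"), hashlib.sha256).hexdigest()


def audit_record(event: str, account_id: str, ip: str, user_agent: str,
                 now: datetime) -> dict:
    """Build a log entry that never contains the full IP or the raw UA."""
    return {
        "event": event,
        "ts": now,
        "account_id": account_id,
        "ip_prefix": anonymize_ip(ip),
        "ua_hash": hash_user_agent(user_agent),
    }


def purge_expired(records: list, now: datetime) -> list:
    """Keep only entries that are still inside the retention window."""
    return [r for r in records if now - r["ts"] <= RETENTION]


if __name__ == "__main__":
    # Constructed sample events (documentation address ranges).
    now = datetime(2026, 5, 21, tzinfo=timezone.utc)
    ua = "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"
    logs = [
        audit_record("login", "acct-1", "192.168.1.77", ua, now - timedelta(days=31)),
        audit_record("login", "acct-1", "2001:db8:abcd:12:1234:5678:9abc:def0", ua, now),
    ]
    for rec in purge_expired(logs, now):
        print(rec["event"], rec["ip_prefix"], rec["ua_hash"][:16])
```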
4. Account Creation and Login (OAuth2)
The use of Leveo's dashboard features requires the creation of a user account. To make registration as simple as possible, I offer logins via third-party providers (Discord and Roblox).
Legal basis - Art. 6(1)(b) GDPR (performance of a contract): The processing of your profile information (ID, name, avatar) is strictly necessary to provide you with the requested service (user account) and to manage your settings.
Obligation to provide data: The provision of the aforementioned personal data is required for the establishment and performance of the usage relationship. Without this data, registration and use of the dashboard is not possible.
Discord data retrieved: When logging in via Discord, only the scopes identify (user ID, username, avatar) and guilds (server list) are requested. An email address is not retrieved. The server list is technically necessary to display the corresponding server management features in the dashboard.
Roblox data retrieved: When logging in via Roblox, the scopes openid and profile are requested (user ID, username, profile picture).
Session management: Your session has an absolute lifetime of 30 days and an idle timeout of 14 days. After either period expires, you will be automatically logged out. Session tokens are rotated every 24 hours. OAuth tokens are stored encrypted (AES-256) in Redis and automatically removed upon token expiry.
5. International Data Transfers
Due to the use of OAuth logins and IT infrastructure, data exchange with providers in the USA occurs as a system requirement.
- Discord Inc.: Certified under the EU-US Data Privacy Framework (adequacy decision pursuant to Art. 45 GDPR).
- Cloudflare Inc.: Certified under the EU-US Data Privacy Framework (adequacy decision pursuant to Art. 45 GDPR). Processes exclusively technical data (IP addresses) for infrastructure protection.
- Roblox Corp.: To safeguard data transfers, Roblox uses Standard Contractual Clauses (SCCs - Art. 46 GDPR) to ensure a level of data protection comparable to that of the EU.
6. Your Rights and Mandatory Information
Data Subject Rights (Art. 15-21 GDPR)
You have the following rights regarding your data:
- Right of access (Art. 15): You may request information about your stored data. A structured data export is available via your account settings.
- Right to rectification (Art. 16): Since your profile data is synchronized from Discord and Roblox, please update it directly there. For other requests, please use contact@leveo.app.
- Right to erasure (Art. 17): You can delete your account at any time via your account settings. All your personal data will then be deleted (audit logs will be anonymized).
- Right to restriction of processing (Art. 18): You can request restriction of processing directly via your account restriction page. Alternatively, contact contact@leveo.app.
- Right to data portability (Art. 20): You can export your data in a structured format (JSON). The export is available via your account settings.
- Right to object (Art. 21): You may object to processing based on legitimate interests. Use the objection form or contact contact@leveo.app.
Response time and contact: We will respond to your request within one month of receipt (Art. 12(3) GDPR). If you have any questions, please contact: contact@leveo.app
No Automated Decision-Making
No solely automated decision-making with legal effect or similarly significant impact within the meaning of Art. 22 GDPR takes place on this website. This does not affect automated technical protection and abuse-detection measures within the bot and security functions used to prevent spam, raids, and other misuse.
Right to Lodge a Complaint
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR.
Competent supervisory authority for Wuppertal (North Rhine-Westphalia):
State Commissioner for Data Protection and Freedom of Information (LDI NRW)
Phone: +49 (0) 211 38424-0
Email: poststelle@ldi.nrw.de
Website: https://www.ldi.nrw.de
7. Cookies
I use exclusively security-related and functional cookies that are required for secure operation, session management, language control, and the display of the cookie notice (Section 25(2) TTDSG). Therefore, no consent is required. A list of cookies can be found in the following overview:
Note: With HTTPS connections, individual security cookies may be set with the __Host- prefix.
| Name | Purpose | Duration |
|---|---|---|
| sid / sv | Session management and integrity verification (HMAC validation) | 30 days |
| csrf | Protection against Cross-Site Request Forgery (CSRF) attacks | 30 days |
| oauth-state-discord | Security check during the Discord OAuth login process | 10 min. |
| oauth-state-roblox | Security check during the Roblox OAuth login process | 10 min. |
| ehrp_login_loop | Protection against redirect loops during login | 30 sec. |
| ehrp_cookie_notice_dismissed | Stores whether the cookie notice has been dismissed | 180 days |
| cf_clearance | Set by Cloudflare after a successful security check (only triggered for suspicious traffic) | 30 min. |
| lang | Stores the language version of the website based on your selection or your browser preference | 365 days |
For more information about cookies, please see our cookie policy.
8. Processing of Staff Data
Moderators and staff members are informed that their moderation actions are logged for accountability and transparency purposes. The processing is based on Art. 6(1)(f) GDPR (legitimate interest in moderation transparency and conflict resolution).
Stored Data
- Discord moderator ID of the acting staff member (encrypted, AES-256)
- Roblox user ID of the moderated user (encrypted, AES-256)
- Roblox username of the moderated user (encrypted, AES-256)
- Punishment type (warning, kick, or ban)
- Reason for the action
- Timestamp of the action
Retention Period
Staff activity records are stored for 90 days and are then automatically deleted.
Access and Rights
Server administrators, team members with the appropriate role, and Leveo administrators have access to this data for administrative purposes.
Staff members may exercise the following rights:
- Access to information about their own moderation actions
- Erasure of own entries (via the /bestrafungen bot command)
- Rectification of incorrect entries (via email request)
- Objection to processing (Art. 21 GDPR, via the objection page)
For further requests, please contact contact@leveo.app.
9. Additional Bot Functions and Transient Data Processing
Anti-Raid Protection (Transient Memory)
To detect spam and raid attacks on Discord servers, the Leveo bot temporarily processes the following data of Discord server members in working memory (no persistent database storage):
- Discord user IDs, usernames, and avatar hashes (to detect coordinated attacks)
- Join timestamps and message content hashes (for flood and spam detection)
This data is held only temporarily for security purposes in working memory and in short-lived technical intermediate storage and is automatically removed again depending on the security module and detection window. No persistent database storage takes place. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security of Discord servers).
Security-relevant bot actions (e.g., timeout, kick, ban by Anti-Nuke or Anti-Raid) are additionally persisted in a security action log (max. 100 entries per server, circular buffer – oldest entries are automatically overwritten). These logs contain: source system (Anti-Nuke/Anti-Raid/Backup), action type, module ID, Discord user ID of the affected user (encrypted, AES-256), and a detail text. Access is restricted to server administrators via the dashboard. Legal basis: Art. 6(1)(f) GDPR.
Active Roblox API Queries
At the request of server administrators, Leveo performs active queries of the Roblox API (user search by username, avatar retrieval). Usernames and Roblox IDs are cached server-side for a maximum of 5 minutes to avoid repeated API requests. No Roblox data is stored persistently unless the user is captured in the context of the application or moderation functions. Legal basis: Art. 6(1)(f) GDPR.
Team List Feature
The automatic team list feature retrieves Discord display names and role memberships of members via the Discord API to create a formatted team overview in configured channels. This data is cached in working memory for a maximum of 5 minutes and is not persistently stored in the Leveo database. Legal basis: Art. 6(1)(f) GDPR.
AI Assistant for Message Templates (OpenAI)
The AI assistant is optional. Data is only transmitted to OpenAI (OpenAI, LLC, USA) when you actively send a request to the assistant in the dashboard—for example your free-text instruction, the template configurations current at that time, and, for longer chats, the prior turns in that conversation. OpenAI does not store these requests; Leveo does not permanently store them for the assistant (only to process each request). Legal basis: Art. 6(1)(f) GDPR. OpenAI is certified under the EU-US Data Privacy Framework (adequacy decision pursuant to Art. 45 GDPR).
Browser Local Storage (localStorage)
To improve the user interface, purely technical UI states (e.g., expanded/collapsed dashboard sections) are stored in your browser's local storage (localStorage). This data contains no personal information, never leaves your browser, and is removed when you clear your browser data. Legal basis: Section 25(2) TTDSG.
CSP Violation Reports
To detect and prevent injection attacks (e.g., cross-site scripting), Leveo automatically receives Content Security Policy violation reports sent by the browser. These may contain technical information such as the accessed page URL, the blocked resource, and anonymized IP address information. The reports are processed exclusively for security purposes. Legal basis: Art. 6(1)(f) GDPR.
Support, Ticket, and Form Functions
If server administrators activate the relevant functions, Leveo processes additional data to handle support requests and form workflows, in particular Discord user identifiers of the persons involved, status and timestamp data, optional form responses, and channel and message references. This processing is carried out exclusively at the request of the respective Discord server in order to perform the requested support or form workflow. Legal basis: Art. 6(1)(b) GDPR and/or Art. 6(1)(f) GDPR.
Server Backups and Restores
If server administrators use the backup function, backups of the activated server modules including their related configurations are created. Depending on the activated modules, identifiers, content components, and creator and restore information may also be processed. The processing is carried out for data backup, version control, and restoration on the basis of Art. 6(1)(f) GDPR.
10. Overview of Processed Data
| Data Category | Fields | Purpose | Retention Period |
|---|---|---|---|
| Discord Profile | User ID (plaintext, OAuth authentication), username, avatar URL | Account management, login | Until account deletion |
| Roblox Profile | User ID (plaintext, OAuth authentication), username, profile picture URL | Account management, login | Until account deletion |
| Sessions | Session ID, device fingerprint (encrypted), IP prefix (anonymized) | Security, session management | 30 days absolute / 14 days idle |
| Audit Logs | Event type, timestamp, account ID, IP prefix (/24 or /64), UA hash (HMAC-SHA256) | Security monitoring, abuse prevention | 30 days (automatic deletion) |
| Staff Activity | Moderator ID (encrypted, AES-256), Roblox user ID (encrypted, AES-256), Roblox username (encrypted, AES-256), punishment type, reason | Moderation accountability, disputes | 90 days (automatic deletion) |
| Trusted Devices | Device fingerprint (encrypted), last-seen timestamp | Security, device management | Until account deletion or 90 days of inactivity |
| Applications (Bewerbungen) | Discord ID (encrypted, AES-256), username, form responses, status, reviewer note | Application process for server roles | 90 days after review decision (automatic deletion); pending applications until server deletion |
| Unban Appeals | Roblox user ID (encrypted, AES-256), Roblox username (encrypted, AES-256), form responses, status | Processing unban requests | 90 days after review decision (automatic deletion); pending appeals until server deletion |
| Team Leaves | Discord ID (encrypted, AES-256), display name (anonymized after 7 days), reason, period, removed roles | Team management, leave planning | 180 days (automatic deletion); display name anonymized after 7 days (data minimization) |
| Team Warnings | Discord ID (encrypted, AES-256), warning type, reason, issued by | Inactivity management | 365 days (automatic deletion) |
| Team Downranks | Discord ID (encrypted, AES-256), from/to role, reason | Automated inactivity management | 365 days (automatic deletion) |
| Shift Data | Discord user ID (encrypted, AES-256), shift type, start/end time, pauses, total duration | Time tracking for roleplay staff | 180 days after shift end (automatic deletion) |
| Consent Records | Account ID, consent type, version, IP prefix, UA hash | Proof of consent (Art. 7 GDPR) | Until account deletion |
| GDPR Requests | Account ID, request type, status, deadline | Processing data subject rights (Art. 15-21 GDPR) | 3 years (statutory retention obligation) |
| Banned IP Prefixes | IP prefix (anonymized), reason, expiry date | Leveo security, abuse prevention | Until expiry date or manual removal |
| Banned Devices | Device fingerprint (HMAC hash), reason, expiry date | Leveo security, abuse prevention | Until expiry date or manual removal |
| Server Settings | Server ID, configuration options (JSONB) | Server management and bot functionality | Until server removal |
| Security Action Logs | Source system (Anti-Nuke/Anti-Raid/Backup), action type, module ID, Discord user ID of the affected user (encrypted, AES-256), detail text | Logging of bot security actions for server administrators | Max. 100 entries per server (circular buffer, automatic overwriting) |
| In-Game Moderation History | Roblox username of target (encrypted, AES-256), Roblox ID of target (encrypted, AES-256), Roblox username of moderator (encrypted, AES-256), Roblox ID of moderator (encrypted, AES-256), reason, action ID | Display of in-game moderation history for server administrators | Max. 1,000 entries per server, max. 75 per target user (LRU, automatic overwriting), and automatically after 180 days (time-based) |
| Trigger Cooldowns | Discord user ID (encrypted, AES-256), HMAC-SHA256 hash, trigger ID, expiry timestamp | Prevents repeated triggering of message triggers by the same user | Automatically upon expiry of the cooldown (seconds to minutes) |
| Application Progress | HMAC-SHA256 of Discord ID, current step, interim responses (JSONB) | Intermediate storage for multi-step applications via the bot | 6 hours (automatically deleted) |
| Server Error Logs | Error category, error message, context (may include guild ID, channel ID, Discord user ID) | Error diagnostics for server administrators | 90 days (automatic deletion) |
| In-Game Server Data | Server name, server description, owner name, owner Roblox ID, profile picture URL, player count (all plaintext, public in-game server API) | Display of in-game servers in the dashboard | 90 days after last activity (automatic deletion of stale entries) |
| Message Template Revisions | Account ID of editor, full template snapshot | Version history for message templates (change traceability) | Max. 50 entries per server (LRU, automatic overwriting) |
| Message template AI assistant (OpenAI) | Free-text instruction, template configuration, chat history if applicable (only when you send a request) | Optional AI assistance editing message templates | Only when used; not stored by OpenAI; not permanently stored by Leveo |
| Support Tickets | Creator ID (encrypted), optional form responses, status, ticket number, channel and message references, assignee/closure information | Handling and management of support requests | Until deletion of the corresponding ticket or removal of the server |
| Voice Support Cases | Discord user ID, voice channel, notification information, status, optional case comments | Handling of support requests in voice channels | Until completion of the process; completed cases otherwise until removal of the server |
| Form Submissions | Discord user ID, username, form responses, thread and message references | Processing server-side form and reporting workflows | Until deletion by server administrators or removal of the server |
| Server Backups and Restores | Backup contents of the activated server modules, creator/restore information, timestamps | Data backup, version control, and restoration | Backups according to the retention rules defined by the server administrator; restore logs until removal of the server |
Privacy policy version date: May 21, 2026
Last updated: May 21, 2026 (AI assistant for message templates via OpenAI; updates in Section 9 and the data overview)