Privacy policy
Last updated: 1 May 2026
Your data belongs to you. This policy explains exactly what we collect, how we use it, and the rights you have under the GDPR and similar laws.
1. Who we are
Knytly ("we", "us", "our") operates the Knytly Discord platform at knytly.com. We are a company registered in the European Union and act as the data controller for personal data processed via our service. You can reach our data protection officer at privacy@knytly.com.
2. What data we collect
When you sign in with Discord, we receive your Discord user ID, username, avatar, and email address. When you add the Knytly bot to a Discord server, we receive the server ID, channel structure, and member-related metadata (IDs, roles, join dates) needed to operate the modules you have enabled. We do not store the contents of normal messages unless you explicitly enable a feature that requires it (for example, ticket transcripts or message logs you opt into).
3. How we use your data
We use your data to operate the service: authenticate you in the dashboard, run the modules you enable, generate analytics for your own server, send you essential service emails, and bill you for paid plans. We do not use your data for advertising, and we do not sell or rent it to third parties.
4. Legal bases (GDPR)
We process personal data on the basis of (a) the contract between you and Knytly (Art. 6(1)(b) GDPR), (b) our legitimate interest in operating and improving the service (Art. 6(1)(f) GDPR), and (c) your consent for optional features (Art. 6(1)(a) GDPR), which you can withdraw at any time.
5. Data retention
Account data is retained while your account is active and for 30 days after deletion to allow recovery. After 30 days, all personal data is permanently deleted from production systems. Backup data is purged within a further 90 days. Logs and audit data may be retained longer where required by law.
6. Your rights
Under the GDPR you have the right to access, rectify, port, and erase your personal data, as well as the right to object to or restrict processing. You can exercise these rights by emailing privacy@knytly.com or via the in-app data export and account deletion controls. You also have the right to lodge a complaint with your local supervisory authority.
7. Sub-processors
We rely on a small set of carefully chosen sub-processors, including Whop (payments), Sentry (error monitoring), Resend (transactional email), and our cloud hosting provider in the EU. A current list is available on request.
8. International transfers
All primary data is stored in the European Union. Where any sub-processor processes data outside the EU, we rely on the European Commission's Standard Contractual Clauses or an applicable adequacy decision.
9. Security
We protect your data with TLS in transit, encryption at rest, principle-of-least-privilege access, and regular third-party security reviews. In the unlikely event of a breach affecting your personal data, we will notify you and the relevant supervisory authority within 72 hours.
10. Children
Knytly is not directed at children under 13 (or 16 in the EU/EEA where applicable). If you become aware that a child has provided us personal data, please contact us so we can delete it.
11. Changes to this policy
We may update this policy occasionally. Material changes will be announced in the dashboard and via email. The "last updated" date below indicates when the latest changes took effect.
12. Contact
Questions, requests, or complaints: privacy@knytly.com.