INTRODUCTION

Aunto is a multipurpose Discord integration which includes the domain names aunto.xyz and jsrvr.xyz ("The Services"). The Services are created and offered by Vionity Ltd, a registered private limited company in Scotland located at 64a Cumberland Street, Edinburgh, EH3 6RE, with the registration number SC696108 ("The Company"). This document contains information on how The Company will use your, the user of The Services' ("You" or "Your"), data whilst You interact with The Services ("This Policy"). By using The Services, You agree to This Policy.

KEY POINTS

Whilst You must read this entire document, The Company has provided a round up with some key points. These key points are not binding and should never be taken as a part of This Policy.

Vionity is registered with the Information Commissioner's Office

Vionity Ltd is registered with the UK's Information Commissioner's Office as a data controller. Your data will be processed in accordance with the General Data Protection Regulations (GDPR).

Data collected may be shared with third parties

Data Vionity Ltd collect may be shared with third parties. In some cases, Your data may be provided to law enforcement, marketing agencies and their partners.

Most data will be stored until it's no longer needed

Most data Vionity Ltd collect will be stored until it's either no longer needed or until it's deleted manually. In some cases, You may be able to request deletion of Your data early.

Vionity doesn't collect data on children under the age of 13

As stated in the Aunto Terms of Service, users under the age of 13 or age of digital consent in their jurisdiction may not use The Services, even with parental consent. Anyone under the age of majority should read This Policy with their parent or legal guardian.

We won't spam you

Vionity Ltd won't use the data they collect to spam You.

DATA COLLECTED

The Company collects information and data when You use The Services. The data collected can vary widely and can change depending on what You are doing. Here's a full list of what The Company may collect:

  • Information about Your device.For The Company to provide The Services to You, prevent abuse and protect the communities it serves, The Company must store and process some information about Your device. This information includes Your IP address (an identifier every internet connected device has and requires to communicate with servers), user agent (a bit of information Your browser provides when connecting to tell the server what it is, who it's made by and what it can do), device and browser identifiers (unique and semi-unique identifiers that identify Your device and browser) and request headers (bits of information packaged by Your browser with requests to provide additional information).
  • Information about Your requests.For The Company to provide The Services to You, prevent abuse and protect the communities it serves, The Company must store and process some information about any requests You make to The Services. A request is created when You use The Service's websites (aunto.xyz and jsrvr.xyz), run a "command" or "interaction" on a platform that integrates with Aunto (such as Discord) or when You perform an action on an integrated platform (such as adding a role or sending a message on Discord). Requests include information about what You are trying to do (like message content and attachments).
  • Information about Your profiles.The Company may collect and store information that is related to Your social media profiles and tech platforms. The Company integrates with multiple social platforms such as Discord, Twitter, Facebook and Google. This information is used to provide The Services to You and perform actions such as proving You are human.
  • Information You provide.Any data or information You provide to The Company or The Services may be stored by The Company to provide The Services. If there is another reason for asking You for certain information, it will be presented to You.
WHY DATA IS COLLECTED

The Company stores and processes information for the following purposes:

  • To provide The Services to You.Some data is simply required for The Services to function correctly.
  • To protect communities that use The Services.The Company stores some information to protect the communities it serves. For example, The Company may store information about a message deleted from a Discord channel so staff members of that community can monitor for malicious content.
  • To meet requirements.The Company, in some cases, may be asked or required to store or process information by law enforcement agencies or similar "public interest" organizations. In these cases, The Company can ultimately decide to dispute or accept the request, even when not required to by law.
  • To monetize.The Company may use some of the data it collects to monetize or raise funds. The Company may rent, sell, exchange, provide, give or otherwise share information with third parties to monetize or otherwise help its platform.
  • To prevent fraud and suspicious activity.The Company may collect data to help reduce fraud, malicious users and suspicious activity. The Company may also add flags to Your account if they witness suspicious activity.
LAWFUL BASIS FOR PROCESSING

Under the General Data Protection Regulations (GDPR), the lawful bases The Company rely on for collecting and storing information are as follows:

  • Your consent.The Company process most of its data using Your consent as the lawful basis. By using The Services or interacting with a community that uses The Services, You consent to The Company's processing of Your data. You may revoke Your consent at any time.
  • Legitimate interests.As The Company provides The Services to many communities worldwide and helps to protect such communities from malicious actors, The Company may rely on legitimate interest as the legal basis for processing data. For example, if You are in a community that uses The Services to moderate content, The Company will process Your messages in that community to moderate such content.
  • Vital interests.The Company may, in exceptional circumstances, process data under the lawful basis of vital interest. For example, The Company may make reports to protection agencies if The Company identifies a serious threat to a person's or child's life or wellbeing.
  • Under contracts.The Company may process Your information if You have entered an agreement with The Company to fulfill that agreement.
  • Legal obligations.The Company may process Your information if required to by law.
THIRD PARTY DATA ACCESS

The Company utilizes many third party services to provide The Services. The following additional terms apply:

  • Stripe.The Company use Stripe for payment, analytics, and other business services. Stripe collects identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to The Company, including for fraud detection. You can learn more about Stripe and read its privacy policy at stripe.com/privacy.
  • hCaptcha.The Company use the hCaptcha anti-bot service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI"). hCaptcha is used to check whether the data entered on The Company's website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the "invisible mode" may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA). You may view hCaptcha and IMI's privacy policy and terms of service on their website.
HOW DATA IS STORED

Information The Company collects is securely stored on servers and devices located in the United Kingdom, Germany, France and the United States which are hosted by OVHcloud and Contabo. Information is stored until no longer required or until manually deleted.

YOUR RIGHTS

Under the General Data Protection Regulations (GDPR), You have the following rights:

  • The right to access.You can view all data The Company has collected via The Services on Your dashboard at dash.aunto.xyz. You may also receive a copy of Your data by contacting The Company.
  • The right to rectification.You can request The Company to rectify any issues or inaccuracies in data The Company store on You. You additionally have the right to request The Company complete invalid or incomplete information on You.
  • The right to erasure.You can request The Company to erase data it holds on You. Some data or information erasure requests may be challenged if it would put communities or The Services at risk.
  • The right to restrict processing.You can request The Company to restrict the processing or sharing of Your information in certain circumstances. 
  • The right to object to processing.You can object to the processing of Your data and information.
  • The right to portability.You can request that The Company transfers Your information or data to another service or organization in certain circumstances. 

You do not need to pay any charge or fee to exercise Your rights unless The Company deems it to be excessive, disruptive or malicious. Once submitting Your request, The Company will have one (1) month to respond to You. The Company may ask for additional time if needed.

CONTACTING VIONITY

You may contact The Company by joining their Discord server at aunto.xyz/support or by sending an email to hello@vionity.co. Using the Discord server is recommended and is faster than email.

MAKING A COMPLAINT

You can submit a complaint to The Company by using the information above. You may additionally submit a complaint to the UK's Information Commissioner's Office if You think The Company hasn't handled Your data correctly or would like to complain about how The Company uses or used Your data.

The Information Commissioner's Office is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

When making a complaint to the Information Commissioner's Office, You may quote Vionity Ltd's ICO registration number which is ZB069565 and Vionity Ltd's company number which is SC696108.

You can contact the Information Commissioner's Office by going to their website at www.ico.org.uk, calling the ICO helpline on +44 (0) 303 123 1113 (usually standard rate in the UK) or by sending mail to:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF