Short version: we collect what we need to run Discord support, encrypt sensitive data, do not sell your data, do not use customer ticket content to train public AI models, and give bot owners retention, export, and deletion controls.
1. Overview
This policy explains what data TicketCord (“we”, “us”) collects about you, why we collect it, how we use and share it, and the choices you have. It applies to the TicketCord dashboard, the bots you connect to TicketCord, Discord ticket workflows powered by TicketCord, and our public pages.
TicketCord is infrastructure for Discord support teams. We keep the product narrow: collect what is needed, protect credentials, and give bot owners practical ways to export or delete data.
2. What we collect
We collect these categories of data:
- Account data: the Discord profile information you authorize when you sign in, such as user ID, username, avatar, and email if Discord provides it.
- Bot and server data: bot IDs, encrypted bot tokens and client secrets, guild IDs, channel IDs, role IDs, staff settings, embeds, forms, automations, and other configuration needed to run the ticket system.
- Ticket data: ticket messages, attachments, participants, transcripts, notes, moderation and support actions, and related metadata inside TicketCord-managed ticket channels or modmail threads.
- Knowledge base and AI data: knowledge base sources, approved Q&A entries, AI feedback, embeddings generated from enabled knowledge sources, and AI usage metadata for quota and quality controls.
- Telemetry: request logs, security events, error reports, billing events, and aggregate usage counts. We do not use third-party advertising trackers.
We do not collect arbitrary Discord messages outside TicketCord ticket channels and active modmail flows. We do not read private DM history unrelated to TicketCord support.
3. How we use it
We use this data to:
- Operate the support bot inside your Discord server.
- Create, route, reply to, close, export, and analyze tickets.
- Generate embeddings for knowledge-base search when AI features are enabled.
- Draft or send AI-assisted replies when you enable those features, with AI disclosure included in generated responses.
- Show analytics on ticket volume, response times, resolution times, and staff workload.
- Detect abuse, debug errors, enforce quotas, protect bot tokens, and respond to security incidents.
- Bill you accurately and contact you about your subscription or important service changes.
5. Where data is stored
Bot tokens, client secrets, and other sensitive credentials are encrypted before they are stored. Connections between TicketCord, Discord, payment processors, AI providers, and storage services use secure transport.
Backups are kept on a normal rotation. We keep access limited to people and systems that need it to run the service, respond to support requests, investigate abuse, or meet legal and security duties. Optional AI processing uses the processors listed below.
6. How long we keep it
Ticket content retention is configurable per server in the dashboard. Free servers can retain TicketCord-stored closed-ticket content for up to 90 days for newly created tickets after this policy takes effect. Basic, Pro, and Enterprise servers can choose 180 days, 365 days, or manual retention.
Tickets that existed before this control was introduced remain under the previous no-automatic-retention-purge treatment unless they are manually deleted. New tickets receive an explicit retention policy when they are created. When retention cleanup runs, it removes TicketCord-stored messages, attachment URLs, transcript links, compressed history, and ticket-derived AI or knowledge-base learning; ticket metadata and purge audit fields remain.
Two separate log retentions apply: security events (sign-ins, access changes, sensitive actions) age out automatically after 90 days; broader operational audit logs are kept longer for incident response and purged automatically on a fixed schedule.
You can delete individual tickets from the dashboard. Deleting entire categories or your account isn’t self-serve today - email us and we’ll handle it. See Delete your account for the exact steps.
7. Your rights
If you are in the EU/EEA, UK, or another region with privacy rights, you may have the right to access, correct, delete, restrict, object to, or export your personal data, and to lodge a complaint with your data protection authority.
Email [email protected] and we will respond within 30 days unless a longer period is allowed by law for complex or repeated requests.
8. Children
TicketCord is not directed to children under 13, or under 16 where that higher age applies. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it where required.
9. Changes to this policy
When we make material changes to this policy, we’ll update the effective date above and notify dashboard users through a platform notice. Where appropriate and available, we may also notify by email. Continued use of TicketCord after a change means you accept the revised policy.
10. Contact
Questions, privacy requests, or security concerns? Email [email protected].