Privacy Policy

1. Introduction

Cordvertise ("we", "us", "our") operates a Discord-based advertising and monetisation platform. This Privacy Policy explains what personal data we collect, why we collect it, how we use and store it, who we share it with, and what rights you have over it.

This policy applies to all users of the Cordvertise platform, including advertisers (users who create and fund ad campaigns), publishers (bot developers who integrate our API), and Discord users (members of Discord servers who are served ads or complete surveys through publisher bots).

We are committed to compliance with the General Data Protection Regulation (GDPR) where applicable. By using Cordvertise, you acknowledge that you have read and understood this policy.

If you have any questions about this policy or wish to exercise your data rights, contact us at [email protected].

2. Who we are and what roles we play

For the purposes of GDPR, Cordvertise acts as the data controller for all personal data collected and processed through the platform. Publisher bot developers who transmit user data to our API (such as Discord user IDs and role names) act as data processors on our behalf for that transmission, and are bound by our Terms of Service.

We do not sell personal data to third parties. We do not use personal data for any purpose other than operating, improving, and securing the Cordvertise platform.

3. Data we collect and why

3.1 Advertiser account data

When you create a Cordvertise account as an advertiser, we collect:

  • Email address — used for account login, password resets, and platform communications.
  • Password (stored as a bcrypt hash) — we never store your raw password.
  • Display name — shown in your dashboard and used to identify your account.
  • Discord user ID, Discord username, and Discord avatar hash — collected when you sign in via Discord OAuth. Used for account identification and display.
  • Google account ID — collected if you sign in via Google OAuth. Used for account identification only.
  • Email verification status — whether your email address has been verified.
  • Registration IP address and last login IP address — collected for fraud prevention and account security. We also record whether the registration IP was detected as a VPN or proxy.
  • Account ban status and ban reason — if your account is suspended, the reason is recorded for enforcement purposes.
  • Booster status — whether you are a Nitro booster of a connected Discord server, used for reward calculations.

Legal basis: Performance of a contract (account creation and service delivery); legitimate interests (fraud prevention and account security).

3.2 Campaign and advertising data

When you create an ad or survey campaign, we collect and store:

  • Campaign name, banner image URL, button label, destination URL, embed colour, and campaign status.
  • Campaign type (views, clicks, surveys, joins, stays), targeting settings (language, country, device type, age range, gender, interests, server tags), budget, and delivery statistics.
  • Discord invite codes and guild IDs associated with join and stay campaigns.
  • AI-generated content analysis of your ad creative, used internally for targeting classification. This analysis is stored but not shared.

Legal basis: Performance of a contract.

3.3 Payment and billing data

We record all deposit and withdrawal activity on your account, including:

  • Payment provider used (Stripe, NOWPayments, or other), transaction reference, amount in EUR, credit amount awarded, and transaction status.
  • Withdrawal requests including method, payout details (such as a wallet address or payment handle), amount, and status.
  • Internal credit balance and full credit transaction history including the source of each credit change.

We do not store full card numbers or raw payment credentials. Payment processing is handled by third-party providers under their own privacy policies.

Legal basis: Performance of a contract; legal obligation (financial record-keeping).

3.4 Publisher (API partner) data

When you register as a publisher and integrate our API, we collect and store:

  • Your publisher account linked to your Cordvertise user account.
  • API key hash (we store a one-way hash of your key, never the raw key), API key scopes, key status, and rate limit tier.
  • Your bot's Discord application ID (external_bot_id), bot name, and bot logo URL if provided.
  • A log of which bot IDs have been seen using your API key, including first seen and last seen timestamps and request counts.
  • Publisher earnings ledger — a full record of every EUR micro-earning credited to your account, including the source event.
  • API audit log — a record of every API request made with your key, including route, success/failure, and error codes. This log is used for fraud detection, billing disputes, and platform integrity.
  • Spike detection data — hourly confirmed view counts per API client, used to detect abnormal traffic patterns.
  • Strike history — if your account is flagged for policy violations, the number and timing of strikes are recorded.

Legal basis: Performance of a contract; legitimate interests (fraud prevention and platform integrity).

3.5 Discord user data (end users served ads via publisher bots)

When a Discord user is served an ad through a publisher's bot, the following data may be collected and stored by Cordvertise:

  • Discord user ID — collected with every ad request. Used for per-user frequency capping (maximum 10 ads per day per publisher), deduplication, fraud prevention, and building a user profile for ad targeting.
  • Discord guild (server) ID, guild name, and guild description — supplied by the publisher bot on each ad request. Used to build a server profile for AI-based ad targeting classification. The server name and description are passed to an AI model (Claude, operated by Anthropic) to infer content tags that describe the server's theme and audience.
  • Guild roles — the list of role names in the server, supplied by the publisher bot. Used alongside the server name and description to improve targeting classification.
  • Preferred language — the server's preferred locale, used to match ads to the correct language.
  • User roles (optional, premium tier) — if the publisher bot has the Discord Server Members privileged intent enabled and sends member_data_provided: true, the individual user's role names are transmitted to Cordvertise. These role names are passed through an AI classifier (Claude, operated by Anthropic) to infer demographic signals including gender, age range, device type, language, and interests. These inferred signals are stored in a user profile and used solely for ad targeting within Cordvertise. They are never sold or shared with third parties.
  • Booster status (optional, premium tier) — whether the user is a Nitro booster of the server, supplied by the publisher bot if the premium data tier is enabled. Used as a targeting signal.
  • Ad delivery records — for each confirmed ad delivery, we record the Discord message ID, guild ID, channel ID, user ID, timestamp, ad ID, and payout amounts. These records are used for billing, payout calculations, and fraud detection.
  • Click events — when a user clicks an ad button, we record the ad ID, timestamp, credits billed, and a hashed IP address. Raw IP addresses are not stored for click events — only a one-way hash used to detect click fraud patterns.
  • Join and stay records — for join and stay campaigns, we record the user's Discord ID, the guild they joined, the timestamp, and whether they remained for the required duration.
  • Captcha records — when a user solves a captcha challenge, we store the challenge token, the user ID, attempt count, expiry, and whether the challenge was used. These records expire automatically and are used solely for fraud prevention. Failed attempt counts and lockout records are retained for up to 10 minutes after a lockout event.

Legal basis: Legitimate interests (fraud prevention, traffic quality assurance, and ad targeting to fund publisher payouts). For demographic profiling via AI (user roles), we rely on legitimate interests balanced against the limited sensitivity of publicly visible Discord role names. Discord users who do not wish to be profiled should contact us using the details in Section 8.

3.6 Survey and earn page data

When a user participates in surveys or watches ads on the Cordvertise earn page:

  • Survey responses, completion timestamps, rewards earned, and quality scores are stored.
  • Ad watch history is recorded per user per ad per day to enforce the one-watch-per-24-hours limit.
  • Cashout credit balances and full transaction history are maintained.
  • Referral bindings — if a user was referred by another user, the referral relationship is stored for reward calculation purposes.
  • Profile survey responses — if a user completes an optional profile survey, their answers are stored and used to populate their targeting profile (age range, gender, interests, income range, device type, employment, language, country).
  • Daily claim and activity streak records — used to calculate daily reward eligibility.

Legal basis: Performance of a contract (reward delivery); legitimate interests (fraud prevention).

3.7 IP address and security data

We collect and process IP address information for security and fraud prevention purposes:

  • Registration IP address and last login IP address are stored on your account record.
  • An IP event log is maintained per user, recording the IP address, event type (e.g. login), timestamp, and the result of a VPN/proxy/Tor detection check including a fraud risk score. This check is performed via IPQualityScore, a third-party service.
  • For ad click events, only a one-way hash of the IP address is stored — the raw IP is never retained for clicks.
  • IP data is used exclusively for fraud detection, account security, and enforcing platform policies. It is not used for advertising targeting and is not shared with advertisers.

Legal basis: Legitimate interests (fraud prevention and platform security).

3.8 Session data

When you are logged in to the Cordvertise web dashboard, a session token (stored as a hash) is maintained in our database with an expiry timestamp. This is used solely to authenticate your requests. Sessions expire automatically and are not used for tracking outside of the platform.

Legal basis: Performance of a contract.

4. AI-based data processing

Cordvertise uses Claude, an AI model operated by Anthropic, for two specific purposes:

  • Server classification — when a Discord server is first seen by our API, the server's name, description, and role list are sent to the AI model to generate a set of content tags describing the server's theme and audience. These tags are stored in our database and used to match ads to relevant servers.
  • User demographic inference (premium tier only) — when a publisher bot sends user role names with member_data_provided: true, those role names are sent to the AI model to infer demographic signals such as gender, age range, device type, and interests. The inferred signals are stored in the user's profile and used for ad targeting within Cordvertise only.

Data sent to the AI model is limited to the minimum necessary (role names, server names, and descriptions — no names, emails, or account details). Anthropic's use of this data is governed by their API terms and privacy policy. We do not use AI to make automated decisions that produce legal or similarly significant effects on individuals.

5. Data sharing and third parties

We share personal data only in the following circumstances:

  • Payment processors — Stripe and NOWPayments receive the minimum information required to process your payment. They operate under their own privacy policies.
  • Discord — when you authenticate via Discord OAuth, Discord shares your user ID, username, and avatar hash with us. We do not share your data back to Discord beyond what is inherent to the OAuth flow.
  • Google — when you authenticate via Google OAuth, Google shares your account identifier with us.
  • IPQualityScore — your IP address is sent to IPQualityScore at account registration and login for VPN, proxy, and fraud scoring. Their privacy policy governs their handling of this data.
  • Anthropic (Claude API) — server names, descriptions, role lists, and user role names are sent to Anthropic's API for classification purposes as described in Section 4.
  • Hosting and infrastructure providers — our hosting provider has access to server infrastructure but is bound by data processing agreements.
  • Law enforcement — we may disclose data if required to do so by law, court order, or to protect the rights, property, or safety of Cordvertise, our users, or others.

We do not sell, rent, or trade personal data to any third party for marketing purposes.

6. Data retention

We retain data for as long as it is necessary for the purpose it was collected, subject to the following:

  • Account data — retained for the lifetime of your account and for a reasonable period after deletion to allow for dispute resolution.
  • Payment and billing records — retained for a minimum of 7 years to comply with financial record-keeping obligations, even after account deletion.
  • Fraud and security records — IP logs, fraud alerts, ban records, and API audit logs are retained for as long as necessary for fraud prevention, dispute resolution, and platform integrity. These records may be retained after account deletion.
  • Ad delivery and click records — retained for billing verification and dispute resolution. Aggregated analytics may be retained indefinitely in anonymised form.
  • Captcha records — expired within 60 seconds. Lockout records expire within 10 minutes. No long-term retention.
  • Session tokens — expire automatically based on session TTL and are cleaned up periodically.
  • User targeting profiles — retained while the user continues to interact with the platform. Can be deleted on request (see Section 7), subject to the fraud prevention exception below.
  • Server profiles — retained while the guild continues to be served by our API. Not considered personal data as they relate to a Discord server (a non-natural-person entity).

7. Your rights

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with applicable data protection law, you have the following rights:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct inaccurate or incomplete data.
  • Right to erasure — you can request deletion of your personal data. We will comply except where we are required to retain data for legal compliance (e.g. financial records), fraud prevention, or platform integrity. Specifically, payment records, fraud alerts, IP security logs, API audit logs, and ban records may be retained after a deletion request.
  • Right to restriction — you can ask us to restrict processing of your data in certain circumstances.
  • Right to data portability — you can request a machine-readable export of the personal data you have provided to us.
  • Right to object — you can object to processing based on legitimate interests, including the AI-based demographic inference described in Section 4. Where we cannot demonstrate compelling legitimate grounds that override your interests, we will stop that processing.
  • Right to withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint — you have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may ask you to verify your identity before processing your request.

8. Discord users served through publisher bots

If you are a Discord user who has been served an ad through a third-party bot that uses the Cordvertise API, and you wish to request deletion of your user profile, targeting data, or ad delivery history, you can contact us at [email protected] with your Discord user ID. We will delete your targeting profile and any data not required for fraud prevention or billing integrity.

Note that your Discord user ID may still appear in anonymised or aggregated records that cannot be linked back to you individually. Fraud prevention records (such as lockout records tied to your user ID) may be retained for a limited period.

9. Cookies and local storage

The Cordvertise web dashboard uses session cookies and browser local storage to maintain your login state and UI preferences (such as your selected language or theme). These are functional and do not track you across other websites. We do not use third-party advertising cookies or tracking pixels.

10. Children

Cordvertise is not directed at children under the age of 13 (or under 16 in the EEA). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, contact us at [email protected] and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date below. Continued use of the platform after a change constitutes acceptance of the updated policy.

Last updated: March 2026