The data controller responsible for processing your personal data is the operator of this website. For full company details and contact information, please see our Legal Notice (Impressum).
Email: contact@restorecord.com
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
Discord ID
Discord server in which you are verifying
IP information including IP address and VPN status (if enabled by the server owner)
Discord OAuth2 tokens (NOT account login token)
Username
Email address
Referral data
Other profile information
Payment Data is stored by our payment processor (Stripe) and we do not have access to it. For more information, please see Stripe's privacy policy here: https://stripe.com/privacy
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
In Short: We share your information only when necessary with selected third parties to help us provide, improve, administer, and safeguard our Services.
We may need to share your personal information with the following parties:
Vendors: We only share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing by entities like Stripe, data analysis, email delivery, hosting services, and customer support. Such sharing is strictly limited to the information necessary for the execution of their tasks and compliant with this privacy notice.
Business Transfers: We may share or transfer your information as part of, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company, ensuring the confidentiality of your information.
Affiliates: We may share your information within our corporate family—such as with subsidiaries or parent companies—only if necessary for business purposes and to provide you with our services under the terms of this privacy notice.
Business Partners: We share your information with business partners only when you engage in promotions or special programs that require such sharing, and this will be done with your explicit consent.
With your Consent: We disclose your personal information for any purpose, but only with your explicit consent.
As Legally Required: We share information when legally required to do so or when necessary to protect the rights, property, or safety of our business, our clients, or others. This includes sharing information with other parties to prevent or address fraud and avoid credit risks.
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
If you have questions or comments about this notice, you may email us at contact@restorecord.com.
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please submit a request by sending an email to contact@restorecord.com.
If you have verified as a member in a Discord server using RestoreCord, you can manage your data directly through our Manage My Data page.
If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):
Contract Performance (Art. 6(1)(b) GDPR): Processing necessary for the performance of a contract with you, such as providing our services, managing your account, and processing payments.
Legitimate Interests (Art. 6(1)(f) GDPR): Processing necessary for our legitimate interests, such as fraud prevention, security, and improving our services, provided these interests are not overridden by your rights.
Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent for specific processing activities. You may withdraw your consent at any time by contacting us at contact@restorecord.com.
Legal Obligation (Art. 6(1)(c) GDPR): Processing necessary to comply with legal obligations, such as tax and accounting requirements.
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
Account Data: Retained for the duration of your account and up to 30 days after deletion to allow for account recovery.
Member Verification Data: Retained for as long as the server owner maintains their server on our platform.
Payment Records: Retained for 7 years to comply with tax and accounting regulations.
Security Logs: Retained as long as necessary for security purposes and legal compliance.
After the retention period expires, your data will be securely deleted or anonymized.
Our primary infrastructure is hosted in Germany within the European Union, where our database resides. Depending on user location, application servers may also operate in the USA and Singapore. We use the following third-party service providers to process your data. For each processor, we detail the data we send, the data we receive, and the legal basis for the transfer.
Payment processing. We send: email address, username, internal account ID. We receive: payment status, subscription data, Stripe customer ID. See Stripe's Privacy Policy.
Bot protection. Your browser sends: browser characteristics directly to hCaptcha. We receive: a bot/human verification score. See hCaptcha's Privacy Policy.
VPN and proxy detection. We send: IP address. We receive: VPN/proxy status, ASN, and ISP name.
Cryptocurrency payment processing. We send: payment amount and order ID. We receive: payment status, deposit address, and transaction ID. No personal data is shared.
CDN and DDoS protection. Cloudflare processes all HTTP requests as an infrastructure provider (IP addresses, HTTP headers). We do not actively share data with Cloudflare; they process it as part of delivering our service.
Transactional email delivery. We send: recipient email address and email content. We receive: delivery status.
Core service integration. We send: OAuth2 tokens (not account login tokens). We receive: user profile data, guild membership, and email address (only if enabled by the server owner). See Discord's Privacy Policy.
Optional single sign-on authentication. We send: authorization code. We receive: email address, name, and profile picture.
Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
If you are located in the EEA, you have the following rights regarding your personal data:
Right of Access: You have the right to request a copy of the personal data we hold about you.
Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
Right to Erasure: You have the right to request deletion of your personal data under certain circumstances.
Right to Restriction: You have the right to request restriction of processing of your personal data.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.
To exercise any of these rights, please contact us at contact@restorecord.com. We will respond to your request within one month.
If you believe that our processing of your personal data violates data protection laws, you have the right to lodge a complaint with a supervisory authority. For Germany, the relevant authority is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Website: https://www.datenschutz-berlin.de
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
Encryption of data in transit using TLS/SSL
Secure storage of sensitive data
Access controls limiting data access to authorized personnel
Regular security assessments and updates
While we strive to protect your personal data, no method of transmission over the Internet is 100% secure.
RestoreCord™ is a registered trademark of Axvant UG (haftungsbeschränkt). All rights reserved. All other trademarks, service marks, and trade names referenced on this site are the property of their respective owners.
Last updated: February 26, 2026