What information is collected
Before a user attempts to join our Discord server, we collect a fingerprint which can be used to identify the computer and network which is requesting an invite code. This fingerprint is then used in subsequent requests to determine if the same computer or network is making repeated requests for invite codes.
To respect the privacy of our community, we store truncated versions of metadata which cannot be used to correlate events before and after accepting an invite code. This prevents the fingerprint created prior to joining from being used to identify a user account after joining.
The fingerprint consists of the following metadata:
- The IP address which established the HTTP connection, and whether or not this IP address is known as belonging to a shared network (i.e. VPN or other relays).
- Information about the user agent of the connecting client, including the name and version of the web browser and operating system.
- The supported feature set and capabilities of the client making the request.
- The referral information associated with the HTTP connection, indicating from which website the client navigated from.
- The timestamp at which the HTTP connection was established, rounded to the nearest 12 hour window.
- The proximity of this fingerprint to other fingerprints that have been captured in the last 24 hours, rounded to the nearest 12 hour windows.
Furthermore, upon a user accepting the given invite to our Discord server, we log the following information.
- The proximity of the joining Discord user's avatar, username, and other account metadata, to any other Discord user who has joined in the last 30 minutes.
Use of your information
We collect your information to identify possible abuse which is directed at our online community, and to automatically block such users from joining our Discord community. We may use information about the proximity of recent events in order to identify and block automated systems from joining our community.
This information may also be used to rate-limit incoming connections to our web server, in order to prevent exhaustion of our available network or compute resources.
Sharing of your information
We do not share this collected information with any other parties or individuals, except where otherwise required by law. All information is securely logged in encrypted format with strong controls to prevent unauthorized access.
Retaining of your information
We retain your information for only the duration needed to identify and prevent abuse. Because of this, any and all information which we collect is erased 3 days after it is logged.
Removal of your information
We cannot satisfy requests to delete information from our systems due to there being no identifying information to associate any such request with.