Home
Store
Gallery
About

Privacy Policy

Last Updated: September 2, 2025

1. Introduction

AlcatrazRP ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, Discord server, and applications (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide directly to us when you:

  • Register for an account through Discord OAuth authentication
  • Make purchases through Tebex or donations through Stripe
  • Contact our support team or create support tickets
  • Participate in our Discord server activities
  • Upload images to our gallery (admin users only)
  • Interact with our website and services

This information may include:

  • Discord Profile Data: Discord ID, username, discriminator, avatar, email (if provided by Discord)
  • Account Information: Display name, profile preferences, account settings
  • Purchase Data: Transaction history, product preferences, billing information (processed by Tebex/Stripe)
  • Communication Data: Support ticket content, Discord messages in designated channels
  • User-Generated Content: Gallery images, descriptions, and metadata (admin users)

2.2 Information We Collect Automatically

When you access our Services, we automatically collect certain technical information:

  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent, click patterns, referral sources
  • Performance Data: Load times, error logs, system performance metrics
  • Discord Activity: Server join/leave events, role assignments, ticket creation
  • Session Data: Login/logout times, authentication tokens, session duration

2.3 Third-Party Data Collection

Our Services integrate with third-party platforms that may collect additional data according to their own privacy policies. This includes Discord (authentication and server data), Tebex (payment processing), Stripe (donation processing), and AWS (file storage).

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

  • Authenticate users and maintain secure sessions
  • Process purchases, subscriptions, and donations
  • Assign and manage Discord roles automatically
  • Create and manage support tickets
  • Display purchased content and subscription benefits
  • Maintain user account and purchase history

3.2 Communication and Support

  • Respond to support requests and technical issues
  • Send transaction confirmations and receipts
  • Notify users of service updates or important changes
  • Provide customer support through Discord tickets

3.3 Security and Fraud Prevention

  • Detect and prevent fraudulent transactions
  • Monitor for unauthorized access or suspicious activity
  • Enforce our Terms of Service and community guidelines
  • Maintain system security and integrity

3.4 Service Improvement

  • Analyze usage patterns to improve user experience
  • Develop new features and services
  • Optimize website performance and reliability
  • Generate anonymous analytics and statistics

4. How We Share Your Information

4.1 Third-Party Service Providers

We share information with the following service providers:

  • Discord: For authentication, role management, and server integration
  • Tebex Limited: For processing purchases of subscriptions and virtual items
  • Stripe, Inc: For processing server donations and related payments
  • Amazon Web Services (AWS): For secure file storage and website hosting
  • Vercel: For website hosting and performance optimization
  • MongoDB Atlas: For secure database storage and management

4.2 Legal and Safety Requirements

We may disclose your information when required by law, legal process, or to protect the rights, property, or safety of AlcatrazRP, our users, or the public. This includes cooperating with law enforcement, regulatory agencies, or court orders.

4.3 Business Transfers

If AlcatrazRP is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.4 Consent-Based Sharing

We may share your information for other purposes with your explicit consent or at your direction.

5. Specific Service Integrations

5.1 Discord Integration

Our Discord integration includes:

  • Authentication: We use Discord OAuth to verify your identity
  • Profile Information: We store your Discord ID, username, and avatar URL
  • Role Management: We automatically assign/remove Discord roles based on your subscriptions
  • Support Tickets: We create Discord channels for customer support
  • Server Activity: We may log certain Discord activities for moderation and support purposes

5.2 Tebex Payment Processing

For purchases through Tebex:

  • Tebex processes all payment information securely - we do not store your payment details
  • We receive transaction confirmation and customer information from Tebex
  • Purchase data is used to fulfill orders and assign appropriate benefits
  • Refund and chargeback information is shared between Tebex and our systems
  • Tebex's privacy policy governs their collection and use of your payment information

5.3 Stripe Donation Processing

For donations through Stripe:

  • Stripe securely processes all donation payment information
  • We receive confirmation of successful donations but not your payment details
  • Donation records are maintained for tax and accounting purposes
  • Stripe's privacy policy governs their handling of your payment data

5.4 AWS S3 File Storage

Images uploaded to our gallery are stored securely on Amazon Web Services (AWS) S3. These files are accessible to the public through our website. AWS's privacy policy governs their handling of this data.

6. Data Security and Protection

We implement multiple layers of security to protect your information:

  • Encryption: Data transmission is protected using SSL/TLS encryption
  • Authentication: Secure OAuth integration with Discord
  • Access Control: Strict internal access controls and admin permissions
  • Secure Infrastructure: Cloud hosting with enterprise-grade security
  • Regular Updates: Prompt security patches and system updates
  • Monitoring: Continuous monitoring for security threats and breaches

While we implement industry-standard security measures, no method of transmission or storage is completely secure. We cannot guarantee absolute security but are committed to protecting your information using reasonable and appropriate safeguards.

7. Your Privacy Rights and Choices

7.1 Access and Portability

You have the right to access, review, and receive a copy of the personal information we maintain about you. Contact us to request your data in a portable format.

7.2 Correction and Updates

You may update or correct your account information through your account settings or by contacting us. Some information (like Discord profile data) updates automatically when you change it on Discord.

7.3 Deletion and Right to be Forgotten

You may request deletion of your account and personal information. Note that some information may be retained for legal, tax, or legitimate business purposes, such as transaction records and fraud prevention.

7.4 Opt-Out Rights

  • Marketing Communications: Opt out of promotional messages (we send very few)
  • Data Processing: Object to certain types of data processing
  • Cookies: Disable cookies through your browser settings (may affect functionality)

7.5 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (we do not sell personal information).

7.6 European Privacy Rights (GDPR)

If you are in the European Union, you have rights under the General Data Protection Regulation (GDPR) including data portability, the right to rectification, and the right to lodge a complaint with a supervisory authority.

8. Data Retention

We retain your information for different periods depending on its type and purpose:

  • Account Data: Retained while your account is active and for a reasonable period after closure
  • Transaction Records: Retained for tax, accounting, and legal compliance requirements
  • Support Communications: Retained to provide ongoing support and resolve disputes
  • Technical Logs: Typically retained for 30-90 days for security and troubleshooting
  • Legal Hold Data: Retained as required for legal proceedings or regulatory requirements

9. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Authentication: Maintaining your login session securely
  • Preferences: Remembering your settings and preferences
  • Security: Protecting against fraud and unauthorized access
  • Analytics: Understanding how users interact with our Services

You can control cookies through your browser settings, but disabling cookies may affect the functionality of our Services.

10. Age Restrictions and Children's Privacy

Our Services are intended for users aged 13 and older, with purchases restricted to users 18 and older. We do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will promptly delete it. Parents or guardians who believe we may have collected information from a child under 13 should contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States where our servers are located. These countries may have different data protection laws. When we transfer your information internationally, we implement appropriate safeguards to protect your privacy rights.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will notify you by email (if you have provided one) or through a prominent notice on our Services. The "Last Updated" date at the top indicates when the policy was last modified. Your continued use of our Services after changes take effect constitutes acceptance of the updated policy.

13. Contact Information and Data Protection Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to privacy-related inquiries within 30 days, or sooner as required by applicable law.