Privacy Policy

This Privacy Policy applies to Faction Finder, a Roblox community discovery service that supports browsing, submissions, account features, reviews, reports, representative dashboards, curator workflows, and moderation tools.

This policy is written to include California-specific disclosures. Depending on our size, revenue, traffic, data practices, and legal status, some California Consumer Privacy Act and California Privacy Rights Act requirements may apply only if we meet the legal definition of a covered business.

We collect information you provide directly, including username or display name, email address, profile information, group applications or submissions, reviews, reports, DMCA requests, privacy requests, and messages or support requests you send to us.

We collect information created by your use of the service, including user-generated content, favorites, reviews, reports, account activity, moderation history, and dashboard activity.

We automatically collect technical information from browsers, servers, hosting providers, and Cloudflare, including IP address, browser and device information, cookies, authentication or session tokens, usage analytics, server logs, timestamps, request metadata, and security events.

We receive third-party data from Discord and Roblox when you sign in, link accounts, or import owned Roblox group data. This may include account IDs, usernames, avatar or profile information, OAuth authentication data, linked-account status, Roblox username, and Roblox group information available through the permissions you grant.

We do not require you to provide optional information unless a feature needs it to work, such as a contact email for group submissions or a linked Roblox account for owner verification and group import.

The table below describes the categories of personal information we may collect, the sources of that information, why we use it, and our general retention approach. We do not collect every example from every user.

We use personal information only as reasonably necessary for the purposes described in this policy or for compatible purposes such as security, debugging, legal compliance, internal research, and service improvement.

We use information to create and manage accounts, authenticate users, maintain sessions, link Discord or Roblox accounts, verify Roblox group ownership or representation, and provide protected features.

We use submitted content to review listings, publish approved communities, operate favorites and reviews, investigate reports, manage moderation queues, and maintain trust and safety records.

We use technical information to secure the service, detect abuse, prevent fraud, troubleshoot errors, measure performance, understand aggregate usage, and improve reliability.

We may use contact information to respond to support requests, send account or submission-related messages, communicate moderation decisions, and provide important service notices.

We use Discord for sign-in and community-related account data when you choose to authenticate with Discord.

We use Roblox for account linking, Roblox identity verification, and owned-group import features when you choose to connect Roblox.

We use Cloudflare for site delivery, security, caching, performance, analytics, logs, and reliability.

We use Supabase and PostgreSQL-compatible database services to store application data. We use Prisma as the database access layer in the application.

We may use hosting, infrastructure, analytics, error logging, email, or support providers as needed to operate the service. If we add a materially different analytics, advertising, or error logging provider, we will update this policy.

We use Cloudflare to help deliver, cache, protect, and measure the site. Depending on the Cloudflare services enabled, Cloudflare may process request metadata, IP addresses, approximate location, browser or device information, timestamps, performance metrics, bot or security signals, and other traffic data.

Cloudflare Web Analytics is intended to provide privacy-focused traffic and performance metrics. We use Cloudflare analytics in aggregate to understand site usage and performance, not to sell personal information or build advertising profiles.

Cloudflare may process information as our service provider for network delivery, proxying, caching, security, bot protection, analytics, logging, troubleshooting, and reliability.

We use session cookies, authentication cookies, and similar local storage where needed to provide the service, including sign-in, session management, authentication security, account linking, and protected workflows.

Cloudflare, Discord, Roblox, and other service providers may use cookies or similar technologies for security, authentication, analytics, performance, or fraud prevention when their services are used.

We do not currently use advertising cookies or cross-context behavioral advertising cookies.

Some browsers offer Do Not Track signals. There is no consistent industry standard for responding to those signals, and we do not currently change service behavior in response to Do Not Track. If we later sell or share personal information in a way that requires honoring opt-out preference signals, we will update this policy and provide the required choices.

We may disclose information to service providers that help us operate Faction Finder, including Discord, Roblox, Cloudflare, Supabase, database, hosting, authentication, analytics, security, infrastructure, logging, email, and support providers.

We may disclose public or submitted content through the service, such as approved group listings, public reviews, display names, ratings, tags, Roblox links, Discord invite links, media, and related listing details.

We may disclose information to moderators, curators, administrators, or trusted helpers as needed to review submissions, investigate reports, enforce rules, and protect users.

We may disclose information if required by law, legal process, or government request, or if we believe disclosure is necessary to protect rights, safety, users, the public, or the service.

We may disclose information in connection with a merger, acquisition, financing, reorganization, sale, transfer, or similar transaction involving all or part of the service.

We do not knowingly sell personal information.

We do not knowingly share personal information for cross-context behavioral advertising.

We do not currently share personal information for advertising.

We do not knowingly sell or share the personal information of users under 16.

If our practices change, we will update this policy and provide legally required notices and opt-out choices before engaging in sale or sharing.

We use sensitive personal information only for purposes that are reasonably necessary to provide the service, secure accounts, prevent abuse, verify identity or authorization, maintain sessions, link accounts, and comply with law.

We do not use sensitive personal information to infer characteristics about you.

California residents may have the right to know what personal information we collect, use, disclose, sell, or share; the right to access specific pieces of personal information; the right to receive a copy or export of personal information where required; the right to correct inaccurate personal information; the right to delete personal information; the right to opt out of sale or sharing; the right to limit certain uses of sensitive personal information; and the right not to be discriminated against for exercising privacy rights.

Some information may be exempt from deletion or access requests, including information we need for security, fraud prevention, legal compliance, debugging, internal operations, free expression, public-interest uses, or maintaining moderation and abuse-prevention records.

If we are not legally required to honor a particular CCPA/CPRA request because we are not a covered business or because an exception applies, we may still try to help with reasonable account requests when possible.

To make a privacy request, use the Privacy Request form linked below. You can submit a request while signed in or signed out, and authorized agents can use the same form.

We may need to verify your identity before completing a request. Verification may require you to use the account associated with the request, confirm control of an email address, or provide information that lets us match you to the account or record.

You may use an authorized agent where California law allows it. We may require proof that the agent is authorized and may still ask you to verify your identity directly.

We will respond to verified privacy requests within the time required by applicable law.

Signed-in users can request account deletion from the account page. Account deletion deactivates the account, removes active sessions, disconnects linked sign-in identities, clears favorites, and anonymizes profile fields such as email, display name, avatar, Discord handle, and Roblox identifiers.

Reasonable deletion does not necessarily erase records that we need to preserve for trust, safety, legal compliance, audits, dispute resolution, or moderation history. For example, submissions, reviews, reports, curator actions, legal requests, and security records may remain associated with an anonymized inactive user record when retention is necessary.

Signed-out users, authorized agents, or users who cannot access their account can use the Privacy Request form to ask for deletion help.

Because Faction Finder may host user-submitted listings, descriptions, links, reviews, media URLs, or other content, copyright owners and authorized agents can submit DMCA takedown requests through the DMCA form linked below.

Users who believe their content was removed by mistake or misidentification can also use the DMCA form to submit a counter-notice. DMCA requests are reviewed by admins, not general moderators.

A service provider that wants DMCA safe-harbor protection may also need to register and maintain a designated DMCA agent with the U.S. Copyright Office and publish that agent's contact information.

Faction Finder is intended for users who are at least 13 years old. If you are under the age required to use Discord, Roblox, or any linked third-party account, you may not use those features through Faction Finder.

Faction Finder is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

If we learn that we collected personal information from a child under 13 without appropriate consent, we will take reasonable steps to delete it.

Because Roblox communities may include younger audiences, representatives may not submit personal information about children, and users should not include private information about minors in listings, reviews, reports, or media.

If you believe a child has provided personal information to us, contact us so we can review and remove it where appropriate.

Accounts are generally retained while active. Inactive accounts may be retained if they are needed to preserve account history, security records, submissions, reviews, reports, moderation history, legal requests, or audit records.

Server logs, Cloudflare logs, analytics records, and security records are retained for limited operational periods unless needed longer for security, abuse prevention, debugging, legal compliance, or audits.

Backups may retain information for a limited period after it is deleted from active systems until those backups expire or are overwritten.

We retain personal information only for as long as reasonably necessary for the purposes described in this policy, including account operation, submissions, reviews, reports, security, fraud prevention, legal compliance, backup integrity, audit records, and moderation history.

Retention periods vary based on the type of information, whether the information is public, whether it relates to moderation or safety, whether it is needed to provide an account feature, and whether legal or operational requirements apply.

Some information may remain in backups, logs, audit records, or moderation records for a limited period after deletion from active systems.

We use reasonable technical and organizational measures designed to protect information, including HTTPS encryption in transit, authentication controls, role-based access, token protection, infrastructure security features, and limited staff or admin access based on role.

No online service can guarantee perfect security. You should protect the Discord, Roblox, and email accounts connected to your Faction Finder account.

Faction Finder may process and store information in the United States or other locations where our service providers operate. By using the service, you understand that information may be processed outside your state, province, or country.

We may update this Privacy Policy as the service, laws, or our data practices change. When we make material changes, we will update the effective date or last updated date and may provide additional notice through the site, account notices, email, or community channels where appropriate.

For privacy questions, account requests, child privacy concerns, or California privacy requests, use the Privacy Request form, email [email protected], or contact Faction Finder through the official community or support channel.