Privacy Policy

This Privacy Policy explains what personal data we collect, why we collect it, and how you can exercise your rights under the GDPR.

• Account data: email, display name, authentication identifiers.
• Security data: 2FA status (TOTP enabled), login/session metadata.
• API usage data: credits usage counters, last request timestamp.
• Connected accounts: Discord user id/username/avatar URL (if linked).
• Optional user avatar you upload (stored in Firestore).
• Lookup history (optional): endpoint, query, type, status, timestamp.

• Provide the service and manage your account (contract).
• Protect the platform and prevent abuse (legitimate interests).
• Provide billing/usage controls (contract/legitimate interests).
• Store lookup history only if you enable it (consent).

We retain lookup history for a limited period and/or until you disable it. You can also delete your account at any time from the Account page.

• Access / portability (download your data).
• Rectification (update your profile).
• Erasure (delete your account).
• Restriction / objection where applicable.

For GDPR requests, contact: privacy@example.com