PRIVACY.md

Ryuuzaki Ryuusei Privacy Policy

Effective	November 29, 2023
Last Updated	November 29, 2023

Greetings, and welcome to Ryuuzaki Ryuusei's Privacy Policy. Through this document, we aim to provide you with an explanation of how your personal information is collected, used, stored, protected, and shared by our bot/service. By using our service, you agree to the collection, use, storage, and sharing of your limited personal information as described in this Privacy Policy.

nattadasu is the Data Controller of your personal information, which will be collected under the jurisdiction of Indonesia. We ensure that our policies adhere to both, the EU General Data Protection Regulation, California Consumer Privacy Act, and Personal Data Protection Act of Indonesia (UU No. 27 Tahun 2022). Should you have any questions or concerns regarding this Privacy Policy or other relevant matters, please do not hesitate to reach out to the data controller through our About Us section.

Whilst we encourage you to peruse this Privacy Policy thoroughly, here's a brief synopsis of the data categories we collect, store, and use with consent from yourself:

• We collect personal information tied about you, with your consent, the following data:
  • AniList (optional): username, user ID
  • Discord: username, discriminator, user snowflake ID, joined date, guild/server ID of registration, server name, date of registration, user referral (if any)
  • Last.FM (optional): username
  • MyAnimeList: username, user ID, joined date
  • Shikimori (optional): username, user ID
  • User's settings (optional): automatic embed reply state
• We share limited personal information about you and/or other, required for the bot to function as expected, with the following services:

  Warning

  Please note that, while Ryuuzaki Ryuusei does not collect, store, maintain or use logs of messages sent about you under any circumstances without prior explicit consent, some of the third party services integrated into the Bot may have their protocols on data collection, storage, processing and sharing that you should be aware of.

  For more information, you can visit the privacy policies of the questioned services. You also have the right to opt-out of these services by deleting your data from these services.

  • Discord: Message Author Identifier
  • Last.FM: Last.FM Username
  • MAL-Heatmap: MyAnimeList Username
  • MyAnimeList (via Jikan): MyAnimeList Username
  • PronounDB: Message Author Identifier
  • Shikimori: Shikimori Username
• We do not collect, store, or use any logs of messages sent by system about you under any circumstances. We delete the log generated by the system periodically for bug fixing and performance improvement purposes.
• We share aggregated and anonymized data to 3rd parties. We may share aggregated and anonymized data to third parties for the purpose of improving our services and statistics. This data is not personally identifiable and is used for statistical purposes only.
• We stores cache in our system for limited time. This cache is used to improve the performance of the bot and to reduce the load on the third party services. The cache is stored for a limited time and is automatically deleted after a certain period of time.
• You have rights to modify, rectify, delete, or restrict processing of your data. You can also request to stop processing your data on your server. Please refer to User Rights section for more information.

Table of Contents

• Definitions
• About Us
• User Consent
• User Data Collection and Usage
  • Discord: User
  • MyAnimeList: User
  • AniList: User
  • Shikimori: User
  • Last.FM: User
  • Personal Information
• User Data Sharing
  • MyAnimeList: Global
  • Last.FM: Global
  • AniList: Global
  • MAL-Heatmap
  • Discord: Global
  • PronounDB
  • Shikimori: Global
• User Interaction
• Aggregated Data Sharing
• Data Caching
• Data Logging
• Access to User Data
• Data Retention
• User Rights
  • Right to Opt-Out
  • Right to Non-Discrimination
  • Right to Access, Know, and Data Portability
  • Right to Modify, Rectify, Delete, or Restrict Processing
  • Right to Limit
  • Right to Stop Processing on Your Server
  • Right to Notification
  • Right to Withdraw Consent
  • Right to Object to Automated Decisions
  • Right to Receive Personal Data in Commonly Used Format
• Prevention of User Data Leakage
• Changes to this Privacy Policy
• Disclaimer for Warranty and Liability

Definitions

• Ryuuzaki Ryuusei/Bot/System/Service is defined as the software used to provide users with services.
• Data Controller refers to any organization or individual determining the method and purpose of processing personal information.
• Developer refers to the individual or organization that develops the Ryuuzaki Ryuusei bot.
• nattadasu/Natsu Tadama/We/Us/Our/Owner collectively refer to nattadasu, who is a Data Controller of your personal information and the developer of the bot.
• FOSS refers to Free and Open-Source Software.
• AGPL 3.0 refers to the GNU Affero General Public License version 3.0, which is the license under which the bot is distributed.
• You/Your/Author/User refers to the individual or organization that uses the bot.
• Discriminator is a unique numerical value that is allocated to each user on Discord provider. This identifier is now absolute and replaced with handle nane.
• Personal Information is any information that is capable of identifying an individual, for instance, name, email address or user ID.
• Sensitive Personal Information is a specific subset of personal information that includes certain government (such as social security numbers); an account log-in, financial account, debit card, or credit card number with any required security code, password, or credentials allowing access to an account; precise geolocation; contents of mail, email, and text messages; genetic data; biometric data; information processed to identify a consumer; information concerning a consumer’s health, sex life, or sexual orientation; or information about racial or ethnic origin, religious or philosophical beliefs, or union membership.
• Discord is a proprietary freeware VoIP application and digital distribution platform designed for video gaming communities operated by Discord Inc.
• Server/Guild is a Discord digital space made up of different types of channels that users can join and interact with each other.
• Title, unless otherwise specified, refers to a media content, such as anime, manga, TV, movie, music, etc.
• Provider refers to a third-party service that provides information about Titles.
• Channel is a Discord digital subspace inside a server where users can interact with each other.
• Command is a message that is sent to the bot to perform a specific function/operation/task.
• User Referral is a user who referred or added you to the bot through admin commands.
• API is a software interface to communicate to other software.
• Data Protection Laws refers to any applicable laws and regulations related to the processing of personal information, including but not limited to the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
• GDPR refers to the General Data Protection Regulation, which is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
• CCPA refers to the California Consumer Privacy Act, which is a law that regulates the use of personal information of California residents by businesses.
• UU No. 27 Tahun 2022/UU PDP/PDP refers to Personal Data Protection Act of Indonesia under Act No. 27 of the year 2022. This act is a comprehensive data protection and privacy regulation that aims to safeguard the personal data of individuals in Indonesia.

About Us

Ryuuzaki Ryuusei is a Discord bot that is developed by nattadasu which aims better privacy for title (anime, manga, tv, movie, music) lookup.

If you have any inquiries or concerns in regards to this privacy policy, please contact the Data Controller at:

hello [atsine] nattadasu [dot] my [dot] id

User Consent

By using Ryuuzaki Ryuusei, you automatically grant consent to collection, use, storage, and sharing of your limited personal information as described in this Privacy Policy.

User Data Collection and Usage

Ryuuzaki Ryuusei collects the following data, and uses it to provide functionality, under User's consent:

Discord: User

Ryuuzaki Ryuusei collects Discord User data, such as username, discriminator, User snowflake ID, joined date, guild/server ID of registration, server name, date of registration, and user referral (if any).

This data is used to provide the following functionality:

• /export data command
• /profile group command, this includes, but not limited to:
  • /anilist profile
  • /discord profile
  • /lastfm profile
  • /myanimelist profile
  • /shikimori profile
• /register command
• /unregister command
• /whoami command

MyAnimeList: User

Similar to Discord, Ryuuzaki Ryuusei collects MyAnimeList User data, such as username, User ID, and joined date which is provided by sending a request to Jikan API and MyAnimeList.

This data is used to provide the following functionality:

• /export data command
• /myanimelist profile command
• /register command

AniList: User

During linking your AniList account to registered account in bot database, we collect your AniList username and User ID provided by sending a request to AniList API.

This data is used to provide the following functionality:

• /provider link command
• /provider unlink command
• /anilist profile command

Shikimori: User

During linking your Shikimori account to registered account in bot database, we collect your Shikimori username and User ID provided by sending a request to Shikimori API.

This data is used to provide the following functionality:

• /provider link command
• /provider unlink command
• /shikimori profile command

Last.FM: User

During linking your Last.FM account to registered account in bot database, we collect your Last.fm username as is.

This data is used to provide the following functionality:

• /provider link command
• /provider unlink command
• /lastfm profile command

Personal Information

Ryuuzaki Ryuusei may collect and store limited personal information that you provide when you configure your experience using the bot.

User Data Sharing

Ryuuzaki Ryuusei shares limited personal information about you and/or others strictly for the purpose of providing functionality of the bot. The data sharing process is only done on the requirement of the bot operations.

In order to provide various features, Ryuuzaki Ryuusei collects data from other services as described below. Any user willing to opt-out from the service may do so by deleting their account from the particular service stated below and/or by removing their data from the bot.

MyAnimeList: Global

To offer user profile lookup, Ryuuzaki Ryuusei use Jikan API which is a third-party software that assists in accessing MyAnimeList to obtain information about the user's profile. This information is used by Ryuuzaki Ryuusei for /myanimelist profile and /verify commands.

During /register command is invoked, bot will directly connect to MyAnimeList to obtain live data by scraping user's profile page to check verification code.

Last.FM: Global

Last.FM username is shared with the Last.FM service to retrieve information regarding the user's profile and recently played tracks. This information is accessed by Ryuuzaki Ryuusei for /lastfm profile command.

Last.FM's username can be used else during provider linking to your registered account on the bot to only obtain user ID.

AniList: Global

Similarly to Last.FM, AniList username is shared to AniList to allow user showcasing their profile, and will return any data that is required to render the result when invoking /anilist profile command.

AniList's username can be used else during provider linking to your registered account on the bot to only obtain user ID.

MAL-Heatmap

MyAnimeList username is shared with MAL-Heatmap to obtain data related to the user's histories in a visualized heatmap format. This information is used solely for the purpose of providing data in the /myanimelist profile command.

Discord: Global

The bot utilizes Discord infrastructure to retrieve information regarding the user's profile and write command actor for server audit logs. The information is used to provide the following functionality:

• /discord profile command
• /utilities avatar command
• /utilities banner command
• /register command
• /unregister command
• /verify command
• /whoami command

PronounDB

During /discord profile command is invoked, bot will communicate to PronounDB to fetch currently set pronoun on the provider using Discord user ID. The information is used to provide the following functionality:

• /discord profile command
• /whoami command

Shikimori: Global

Shikimori username is shared with the Shikimori to allow user showcasing their profile, and will return any data that is required to render the result when invoking /shikimori profile command.

Shikimori's username can be used else during provider linking to your registered account on the bot to only obtain user ID.

User Interaction

When you invite the Bot and grant it the "Read Message/View Channels" permission, it will monitor and process messages from Space (Server, Group) members. This allows the Bot to provide interactive message features. However, participation in this feature is optional.

To opt-out, simply send /usersettings autoembed state:Disable to the Bot. Server Administrators can also remove the "Read Message/View Channels" permission by modifying the invite link's "permissions" parameter from 274878221376 to 274878220352. We prioritize transparency and user control, ensuring compliance with relevant regulations and data protection principles.

Aggregated Data Sharing

Ryuuzaki Ryuusei may share aggregated data with third parties for statistical purposes, but no personal information will be included in the aggregated data.

Following is the list of third parties that Ryuuzaki Ryuusei may share aggregated data with:

Provider	Data Shared	Purpose
Discord Bot List	Server Count, Shards Count	Public statistics
Discord Bots	Server Count, Shards Count	Public statistics
Infinity Bots	Server Count, Shards Count	Public statistics
Top.gg	Server Count, Shards Count	Public statistics

Data Caching

Ryuuzaki Ryuusei stores information for the purpose of caching for limited time, which is intended to reduce the number of requests made to supported Providers and decrease the time it takes to retrieve information. This function only caches information that is related to a Title and optionally limited Personal Information, and does not transmit any information about you other than the bot's IP address, User Agent and/or query request and responses.

Below is the table explaining retention period for each features from 3rd party API:

Provider	Retention Period
AniList	1 day
AniList: NSFW Check	1 week
AniList: User Profile	12 hours
AnimeAPI	1 day
ExchangeRate-API	1 day
Jikan	1 day
Jikan: User Profile	12 hours
Kitsu	1 day
Last.FM	Does not cache
MyAnimeList: User Profile	Does not cache
PronounDB	1 week
RAWG	1 day
Shikimori: User Profile	12 hours
SIMKL	1 day
Spotify	2 weeks
The Color API	1 week
The Movie DB: NSFW Check	30 days
Trakt	1 day
usrbg	60 hours (2 days, 12 hours)

Please note that the retention periods explained above apply solely to the Service, referring to the Ryuuzaki Ryuusei, where data caching is implemented. These retention periods do not extend to the supported providers themselves. For precise information about data retention policies on the supported providers, we recommend contacting each provider directly. This ensures that users have a comprehensive understanding of the data caching policy's scope and that any inquiries regarding data retention are addressed appropriately

Data Logging

Ryuuzaki Ryuusei does not log any information related to the User activity. In situations related to development, bug fixing, and testing, however, general information such as bot startup, command execution, API process, caches, and errors may be logged, but these logs will only be used for debugging purposes and will not be used for others.

Access to User Data

Users can access their data by utilizing the /export data command. Once executed, Ryuuzaki Ryuusei will generate a JSON string and preferred file format that contains all the information that the bot has gathered about the user.

It's important to note that this data export represents a mirror of the information that is stored in the bot. If you would like to see which data points are being collected by Ryuuzaki Ryuusei, please refer to the User Data Collection and Usage section of this document.

If you prefer an interactive way to check information stored in bot, /whoami command is available as well.

All user data is stored in a database that is written in CSV format. This database is only accessible by the Data Controller, and will never be shared with third parties, evaluated, analyzed, distributed, or otherwise made available for any reason.

Data retention is essential for the Ryuuzaki Ryuusei bot to function as expected. Therefore, it will not be deleted unless a user explicitly requests its removal. More information regarding data retention and user rights can be found in the Data Retention and User Rights sections of this document.

External services such as AniList, AnimeAPI, MyAnimeList (via Jikan), SIMKL, The Movie Database, and Trakt might be used by Ryuuzaki Ryuusei to retrieve title-related information. Please note that such services shall only receive limited information necessary for providing you with the service you requested, and they will not have access to your personal data.

Data Retention

Ryuuzaki Ryuusei will keep the User's data for as long as they are registered in the bot. If the User wishes to erase their data from the bot, they can employ /unregister command to request the removal of their data.

Do note cached data during retention period can not removed until the period itself has expired. If you wish to remove related cached immediately after unregistration, please contact the Data Controller in the About Us section.

User Rights

As a user, you have specific rights under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Personal Data Protection Act of Indonesia (UU PDP). These rights empower you to exercise control over your personal data and ensure its protection. We are fully committed to respecting and upholding these regulations, providing you with the necessary safeguards and control over your personal data in accordance with the GDPR, CCPA, and UU PDP.

By default, Ryuuzaki Ryuusei enforces GDPR, CCPA, and UU PDP compliance for all its users, regardless of their location or geographical boundaries. These data protection regulations apply globally, without limitation of place, ensuring that every user's personal data is treated with the same level of respect and protection, regardless of where they reside.

To help you better understand and exercise your rights, we have outlined below the specific rights you have under these regulations and the measures we have implemented to respect and protect your privacy.

Right to Opt-Out

The right to opt-out applies globally as the Bot is not authorized to share any personal information of the User with third-party sources for advertising purposes. If you, as a User, desire to remove access to your data using the Bot provider, you can avail of this right by executing the /unregister command and proceed to remove the bot from your server.

Right to Non-Discrimination

In accordance with data protection laws, you have the right to not be discriminated against or penalized for exercising any of your rights listed in this Privacy Policy.

Right to Access, Know, and Data Portability

You have the right to access your personal information. If you wish to exercise this right, please utilize /export data command.

To see information about your data interactively, please utilize /whoami command.

Right to Modify, Rectify, Delete, or Restrict Processing

You have the right to modify and rectify your personal information if it is inaccurate. You also have the right to delete or restrict processing of your personal information. If you wish to exercise any of these rights, please contact the Data Controller in the About Us section.

Please note that certain data is necessary for the Bot to function properly, as outlined in the User Data Collection and Usage section, and deleting or restricting processing of such data may result in the Bot not functioning as expected.

Right to Limit

You have the right to limit the processing of your personal information under certain conditions. If you wish to exercise this right, please contact the Data Controller in the About Us section.

Right to Stop Processing on Your Server

You have the right stop processing of information passed to the bot. If you wish to exercise this right, please contact Data Controller in the About Us section to remove all data related to your server, this will includes members that registered to the bot on your server.

Furthermore, you may also choose to remove the bot from your server which will automatically cause the removal of bot functionality from your server.

Right to Notification

You have the right to receive notifications regarding the clarity of identity, legal basis, purpose, and utilization of your personal data. The requesting party is accountable for providing this information.

Right to Withdraw Consent

You have the right to withdraw your consent for the processing of your personal data concerning yourself. If you wish to exercise this right, please contact the Data Controller as identified in the "About Us" section.

Right to Object to Automated Decisions

You have the right to object to decisions based solely on automated processing that may have significant legal consequences for you. If you wish to exercise this right, please contact the Data Controller as identified in the "About Us" section.

Right to Receive Personal Data in Commonly Used Format

You have the right to receive and use your personal data concerning yourself in a commonly used format, allowing for easy transfer or use. As part of this right, you can make use of the /export data command to obtain your personal data in a format that is commonly used and supported, including JSON (JavaScript Object Notation), YAML (YAML Ain't Markup Language), CSV (Comma-Separated Values), and Python Dict (Dictionary) file formats.

By using the /export data command, Ryuuzaki Ryuusei will automatically generate to provide your personal data in any of these formats, enabling you to conveniently transfer or utilize the data according to your needs.

Prevention of User Data Leakage

Although Ryuuzaki Ryuusei does not have any known data leakage, we cannot assure that there is no data leakage on our service. However, if you happen to identify any data leakage, kindly contact the Data Controller mentioned in the About Us section.

Certain commands such as /whoami and /profile * may display the User's data. This is a deliberate feature and not categorized as data leakage.

To conceal your data from other users, please use the /unregister command instead.

Changes to this Privacy Policy

Privacy policies are subject to periodic changes due to various reasons, such as regulatory updates or changes in service operations. Therefore, we reserve the right to update this Privacy Policy from time to time.

The amended version of the Privacy Policy will be made available on the website at all times, and any changes will be announced on our Discord server. Old versions of the policy may be viewed in the commit history but will not be effective or binding. The continued use of the Services after any modifications to the current policy will indicate your acceptance of the revised clauses. It is important that you periodically review this document to stay informed about our handling of your data.

Disclaimer for Warranty and Liability

Ryuuzaki Ryuusei bot is a free software and provided "as is" and "as available" without any warranty of any kind, either express or implied. The Data Controller does not warrant that the bot will meet your requirements, be uninterrupted, timely, secure or error-free, nor does it warrant that any information obtained through the bot will be accurate or reliable.

Under no circumstances shall the Data Controller be liable for any direct, indirect, incidental, special, exemplary, or consequential damages arising in any way out of the use of this bot. This includes but is not limited to procurement of substitute goods or services, loss of profits, loss of data, or business interruption; regardless of whether the cause of such damages is rooted in contract, strict liability, or tort law (including negligence or otherwise), and even if the possibility of such loss or damage has been disclosed to the Data Controller.