Arden Systems is a UK-based provider of custom Discord bot development, preset bot hosting, and related services. We operate the website at arden-systems.co.uk and its subdomains, the Arden Systems Discord server, and associated hosted infrastructure.
For the purposes of applicable data protection legislation (including the UK General Data Protection Regulation and the Data Protection Act 2018), Arden Systems acts as the data controller for personal information collected through our platforms. You can contact us via our Discord server at discord.gg/NGpmHrw9Eu.
We collect different categories of data depending on how you interact with us:
| Data Type | What We Collect | Source |
|---|---|---|
| Discord Identity | Discord user ID, username, avatar, email address (where authorised via OAuth2) | Discord OAuth2 login |
| Bot Panel Account | Discord user ID linked to a hosted bot, bot configuration files, file contents uploaded to panel | Panel registration & file editor |
| Order Information | Discord user ID, order details, service tier, delivery notes, payment confirmation (no card data stored) | Ticket system & orders portal |
| Support Tickets | Discord user ID, ticket transcripts, messages exchanged with staff | Discord ticket bot |
| Usage Data | Bot command usage, server IDs, channel IDs, role IDs, timestamps | Our hosted Discord bots |
| Server Logs | IP address, access timestamps, HTTP request paths, error logs | Web server (nginx) logs |
| Database Credentials | MariaDB usernames and generated passwords for bot database access | Admin panel database provisioning |
Service Delivery (Contractual Necessity). Providing, operating, and maintaining your hosted bot, processing your orders, managing your panel account, and delivering support via the ticket system.
Identity Verification (Legitimate Interest). Verifying that users accessing the hosting panel and admin interfaces are authorised. We use Discord OAuth2 to authenticate users and check their roles in our server at regular intervals to ensure access permissions remain accurate.
Security & Abuse Prevention (Legitimate Interest). Monitoring for misuse of our bots or panel, enforcing our Terms of Service, detecting and responding to technical errors, and maintaining server logs for diagnostic purposes.
Service Communications (Contractual Necessity / Legitimate Interest). Sending notifications relevant to your services — including bot offline alerts, hosting reminders, scheduled announcements, and order status updates — via Discord direct message.
Record Keeping (Legal Obligation). Retaining records of transactions and support interactions as required by applicable law.
We do not sell, rent, or trade your personal data to any third party. We share data only in the following limited circumstances:
Discord, Inc. Our services are built on the Discord platform. By using Discord and our bots, you are also subject to Discord's Privacy Policy. We access your Discord identity data through their OAuth2 API solely to authenticate you and personalise your experience.
Hosting Infrastructure. Our services run on third-party server infrastructure. Provider systems may have access to server logs. We ensure our providers maintain appropriate security standards.
Legal Requirements. We may disclose your data if required to do so by law, court order, or governmental authority, or where we believe disclosure is necessary to protect our legal rights or the safety of others.
Business Transfers. In the unlikely event of a sale or transfer of our business, your data may be transferred as part of that transaction. We will notify you via our Discord server in advance if this occurs.
Active Accounts. Panel account data, bot configuration files, and database credentials are retained for as long as you are an active customer.
After Service Termination. Following termination of a hosting subscription or order, we retain minimal records (order reference, Discord user ID) for up to 12 months for dispute resolution and legal compliance purposes, after which they are deleted.
Ticket Transcripts. Support ticket transcripts may be retained for up to 12 months to assist with follow-up support and quality assurance, after which they are deleted.
Server Logs. Web server access logs are retained for up to 30 days for security and diagnostic purposes.
You may request earlier deletion of your data — see Section 7 for your rights.
Encrypted Connections. All web traffic between you and our services is encrypted using TLS (HTTPS). Access to panel interfaces requires authenticated Discord OAuth2 sessions.
Access Controls. Administrative interfaces are protected by role-based access controls. Staff access is limited to what is necessary to perform their duties. Role permissions are verified against Discord at regular intervals — removing someone from a staff role revokes their access automatically.
Database Security. Hosted databases use per-user credentials with access scoped to the relevant database only. Credentials are stored in secured configuration files with restricted filesystem permissions.
No system is perfectly secure. If you believe your data has been compromised, please contact us immediately via our Discord server.
Under UK data protection law, you have the following rights regarding your personal data:
Right of Access. You may request a copy of the personal data we hold about you.
Right to Rectification. You may ask us to correct inaccurate data we hold about you.
Right to Erasure. You may request deletion of your personal data where we have no overriding legal obligation to retain it.
Right to Restriction. You may ask us to restrict how we process your data in certain circumstances.
Right to Data Portability. You may request a machine-readable copy of data you provided to us.
Right to Object. You may object to processing based on legitimate interests.
To exercise any of these rights, contact us via a support ticket in our Discord server at discord.gg/NGpmHrw9Eu. We will respond within 30 days. If you are dissatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
Our main website does not use tracking or advertising cookies. We use a single session cookie solely to maintain your authenticated session when you are logged in to the bot hosting panel or admin panel. This cookie is strictly necessary for the operation of the service and does not track you across other websites.
Third-party services embedded or linked from our platform (such as Discord's OAuth2) may set their own cookies in accordance with their own privacy policies.
Our services are not directed at children under the age of 13, and we do not knowingly collect personal data from children under 13. Use of our services is also subject to Discord's minimum age requirements. If you believe a child has provided us with personal data, please contact us and we will take steps to delete the information promptly.
We may update this Privacy Policy from time to time to reflect changes in our services or legal requirements. When we do, we will update the "Last updated" date at the top of this page and, for material changes, post a notice in our Discord server. Continued use of our services after an update constitutes acceptance of the revised policy.
For any questions, concerns, or data rights requests relating to this Privacy Policy, please open a support ticket in our Discord server:
Discord: discord.gg/NGpmHrw9Eu
Website: arden-systems.co.uk
We aim to respond to all queries within 5 business days.