Legal
This Privacy Policy describes how Timely ("the bot", "we") collects, uses, and stores data when you interact with it on Discord. We are committed to handling your data responsibly and only collecting what is strictly necessary for the bot to function.
When you use Timely, the following data is stored in a self-hosted database:
| Data | Purpose |
|---|---|
| Discord User ID | Identifying appointment requesters and participants |
| Discord Guild (Server) ID | Associating panels and appointments with a server |
| Discord Channel ID | Storing the channel a panel is posted in |
| Discord Message ID | Tracking DMs sent by the bot for automatic deletion after 7 days |
| Appointment title & description | Provided by the user when creating an appointment request |
| Proposed time slots & timezone | Provided by the user during the scheduling process; the event timezone is stored alongside the selected time slots |
| Availability votes | Submitted by participants to indicate which time slots work for them |
| Personal timezone preference | Voluntarily set by the user via /timely timezone; stored as an IANA timezone name (e.g. Europe/Berlin) to display appointment times in the user's local time |
We do not collect:
The personal timezone preference (set via /timely timezone) is optional. It is stored as a standardised IANA timezone identifier and may indirectly indicate a user's approximate geographic region. This data is not shared with third parties and is used solely to convert appointment times into the user's preferred local display format.
Legal basis (GDPR): The processing of timezone preference data is based on Art. 6(1)(a) GDPR (consent), as the user actively and voluntarily provides this information by executing the command. Alternatively, Art. 6(1)(f) GDPR (legitimate interest) applies where the bot is operated for internal organisational scheduling purposes.
Timely includes an optional web-based admin dashboard. If the dashboard is enabled by a server administrator, the following additional data may be processed:
| Data | Purpose |
|---|---|
| Discord User ID | Identifying admin accounts and pending access requests |
| Discord username | Displaying the user's name in the admin interface |
| Discord avatar hash | Displaying the user's profile picture in the admin interface |
| Access request timestamp | Recording when a login attempt was made |
| Access approval status | Recording whether a request was approved, denied, or is pending |
| API key hash (SHA-256) | Authenticating external applications via the REST API; the raw key is never stored |
| Session cookie | Maintaining the logged-in state during a browser session (signed, stored client-side) |
| Guild membership & permissions | Retrieved via OAuth2 guilds scope at login to determine whether a user qualifies as a Guild Admin; not stored in the database beyond the session cookie |
Discord OAuth2: The dashboard uses Discord's OAuth2 authentication with the identify and guilds scopes. The identify scope retrieves the user's ID, username, and avatar. The guilds scope retrieves the list of Discord servers the user belongs to and their permission flags within each server. This information is used exclusively to determine the appropriate access level (Timely Admin or Guild Admin) and is stored only in the signed session cookie for the duration of the browser session — it is not written to the database. No email address or message content is accessed.
The OAuth flow uses prompt=consent, which means Discord will ask the user to re-authorise the requested scopes on every login. This ensures the bot always has an up-to-date view of the user's server memberships.
Legal basis (GDPR): Processing of dashboard user data is based on Art. 6(1)(f) GDPR (legitimate interest in securing the administrative interface to an installed bot) and, for voluntarily added admin accounts, Art. 6(1)(a) GDPR (consent). The temporary processing of guild membership data via the guilds scope is based on Art. 6(1)(f) GDPR (legitimate interest in restricting dashboard access to authorised server administrators only). Access attempt records serve the legitimate interest of the server administrator in auditing who has attempted to access the administrative interface.
Retention: Admin account data and access request records are retained until explicitly deleted by an administrator via the dashboard or manage.py revoke-admin. Session cookies expire when the browser session ends. API key hashes are deleted immediately when a key is revoked.
The admin dashboard is an internal tool operated solely by the server administrator. End users of the Discord bot do not interact with the dashboard and their data is not additionally processed by it.
Data is used exclusively to provide the scheduling functionality of Timely:
/timely restore command (which replaces all data) or a server-level database reset.We do not sell, trade, or share your data with any third parties. Data is stored exclusively in a self-hosted database controlled by the server administrator.
When a confirmed appointment is sent via DM, the message contains an optional "Add to Google Calendar" button. Clicking this button opens a URL on calendar.google.com with the appointment title, date, and description pre-filled as URL parameters. By clicking the button, this data is transmitted to Google's servers. Timely does not store any Google account information and has no access to your Google Calendar. Use of this feature is entirely voluntary. Google's own Privacy Policy applies to any interaction with Google services.
Timely stores data in a PostgreSQL database hosted in Germany, European Union. All data processing takes place within the EU and is subject to the General Data Protection Regulation (GDPR).
Security practices include strong access controls, encrypted connections, and regular backups. We recommend that any self-hosted instances follow the same standards.
Depending on your jurisdiction, you may have the following rights regarding your personal data:
/timely timezone set:<timezone>./timely timezone set:clear. For all other data (User IDs, appointment history), please contact the administrator of the Discord server you are using Timely on.To exercise these rights, please contact the administrator of the Discord server you are using Timely on, or open an issue on the GitHub repository.
Timely is not directed at children under the age of 13. We do not knowingly collect data from children. If you believe a child has submitted data through the bot, please contact us so it can be removed.
This Privacy Policy may be updated at any time. The date at the top of this document reflects the most recent revision. Continued use of the bot after changes are published constitutes acceptance of the updated policy.
For privacy-related questions or requests, please open an issue on the GitHub repository.