Privacy Policy

Last updated: 29 April 2026

This policy explains what data the tip.cx Discord bot ("the Service") collects, how it's used, and what we do not collect. By using the Service you agree to the practices described here.

1. What we collect

To run a custodial Discord wallet, we record the minimum needed to credit deposits, settle tips and games, and pay out withdrawals. Specifically:

• Discord user ID — a numeric snowflake (e.g. 1481468707426275388). We use this as your identity inside the bot.
• Discord username — cached so logs and tools display human-readable names. Updated whenever we observe a new username for the same ID.
• Wallet addresses — your derived deposit addresses for SOL, LTC, BTC, and ETH, plus the HD index used to derive them.
• Balances and transaction history — internal tip / rain / airdrop / coinflip / connect3 / tictactoe / voice-reward / claim records, plus on-chain deposits and withdrawals.
• Guild and channel IDs for messages the bot interacted with (e.g. the giveaway message id, an active game's message id), so the bot can resume after restart.
• Per-user preferences — for example whether you've opted out of being mentioned ($mention off).
• Voice-reward state — accrued unmuted time per active session, while a voice-reward session is running.

2. What we do NOT collect

• No email addresses, phone numbers, or government IDs. We don't run KYC.
• No message content beyond what's needed to process commands. When you run a command in a channel, the bot reads the command line itself; it doesn't store or log other messages in the channel.
• No IP addresses are stored by us for end users. Discord delivers messages via gateway; we don't have your IP.
• No third-party tracking on this website. No Google Analytics, no Facebook pixel, no third-party cookies. The site is hosted on Netlify; Netlify may log standard server-side request data (IP, user agent) for abuse prevention.
• We don't sell your data. Ever.

3. How we use what we collect

• To credit on-chain deposits to the right user.
• To settle tips, rains, airdrops, games, and withdrawals atomically and recoverably across bot restarts.
• To enforce rate limits (e.g. cooldowns on tips, rains, withdrawals) and prevent abuse.
• To display lifetime stats ($profile, $leaderboard) and recent history ($transactions) to you and to the server.
• To diagnose bugs, investigate user-reported deposits, and operate the Service. Diagnostic logs may include user IDs, command text, transaction IDs, and amounts.
• To DM users about deposits, withdrawal confirmations, claim notices, and (rarely) operator announcements.

4. On-chain data is public

Cryptocurrency transactions are recorded on public blockchains. Your tip.cx deposit address, all incoming deposits, and all outgoing withdrawals are visible to anyone with a block explorer. We have no control over this — it's how cryptocurrency works.

5. Sharing with third parties

• Discord — by definition, since the bot operates inside Discord.
• Public chain RPC providers (CoinGecko, mempool.space, blockstream.info, litecoinspace.org, Helius, publicnode, blastapi, blockchair, blockcypher) — used to query balances, broadcast transactions, and fetch prices. These providers see the deposit addresses we query, transaction IDs we look up, and broadcast tx data. Standard for any non-custodial-key bot.
• Netlify — hosts this website. Standard server-side logs apply.
• We do not share user data with advertisers, marketing platforms, or data brokers.
• We may comply with valid legal process (subpoena, court order) if we receive one, scoped to the data we actually hold (which is what's listed in section 1).

6. Data retention

• Wallet records are retained as long as your tip.cx account is active.
• Transaction history is retained indefinitely so that lifetime stats and reconcile audits remain consistent.
• Diagnostic logs are retained for up to 30 days, then rotated. They may be archived longer for unresolved incidents.
• Database backups are kept for up to 24 hours on the operator host.

7. Your rights

You can:

• Withdraw your balance at any time via $withdraw <coin>.
• Stop receiving DMs by closing DMs from the bot in Discord's privacy settings.
• Request deletion of your tip.cx records by contacting us via the support server. Note: on-chain deposit addresses cannot be deleted from the blockchain (they're public), but we can remove your username cache, transaction history, and Discord-specific records on request after you've withdrawn your balance.
• Request a copy of the data we hold about you, by contacting us via the support server.

For users in the EU/UK, the GDPR/UK GDPR rights of access, rectification, erasure, restriction, portability, and objection apply where we hold personal data about you. Contact us via the support server to exercise them.

8. Children

The Service is not for users under 18. We don't knowingly collect data from children. If you believe a child is using the Service, contact us and we'll remove their records.

9. Security

Funds are held in derived wallets controlled by a master mnemonic stored on the operator host. Database backups are taken hourly. We use HTTPS for all chain RPC calls. We don't run a web app — the Service is exclusively a Discord bot, so the standard web-app attack surface (auth, CSRF, XSS, session theft) doesn't apply.

That said, no system is perfectly secure. We make no guarantee that operator infrastructure cannot be compromised. The Terms of Service describe your remedies in the event of a loss.

10. Changes to this policy

We may update this policy. The "Last updated" date at the top reflects the latest revision. Continued use of the Service after a change constitutes acceptance.

11. Contact

Reach us in the tip.cx Discord support server.

This page is not a substitute for legal advice. If you have specific compliance obligations (GDPR, CCPA, state-level money-transmitter law, etc.), consult counsel.