Privacy Policy
Last updated: June 25, 2026
This Privacy Policy explains how Veil, a Discord bot and web dashboard service, processes information when you use the bot, dashboard, public website, OAuth login, ticket system, moderation tools, logging, music features and temporary upload tools.
1. Who this policy applies to
This policy applies to Discord users, server administrators, dashboard users and visitors of Veil web pages such as veil.autos. It covers the Veil bot, the dashboard, public pages, OAuth login flow, support links and temporary upload features.
2. Information Veil may process
Server IDs, user IDs, role IDs, channel IDs, category IDs, message IDs, invite codes and interaction IDs.
Username, display name, discriminator when available, avatar URL, server membership and permissions needed for dashboard access.
Module settings, selected language, channels, roles, categories, permission choices, ticket setup, automod rules, log routing and dashboard preferences.
Command usage, moderation cases, warnings, punishments, reports, suggestions, tickets, transcript metadata, leveling data and music queue state.
OAuth session metadata, JWT authentication cookie, legacy panel username and bcrypt password hash if legacy login is used.
IP address, user agent, request path, timestamps, rate-limit state, upload metadata and server logs needed for security and abuse prevention.
3. Why Veil processes data
- To provide moderation, automod, anti-nuke, logging, tickets, leveling, music, welcome messages, reaction roles and server utilities.
- To let authorized administrators configure each server through the web dashboard.
- To verify dashboard access through Discord OAuth and server permissions.
- To maintain security, prevent abuse, rate-limit login attempts and investigate errors.
- To preserve server-specific settings, audit trails and owner-managed premium or bot identity settings.
Veil does not sell personal data and does not use personal data for third-party advertising.
4. Cookies and local storage
The dashboard uses essential cookies for authentication. The main cookie is usually authToken, which contains a signed JWT session token and is set as HttpOnly. Discord OAuth may also use a temporary state cookie during login.
Local storage may store interface preferences such as language, selected guild, UI state or cookie consent. These values are used to improve the dashboard experience and are not advertising cookies.
5. Discord OAuth
When you log in through Discord, Veil uses Discord OAuth to identify your Discord account and list servers where you have management permissions. Veil uses this information to show either an Add bot action or a Dashboard action for eligible servers.
Veil does not ask for your Discord password. Authentication is handled by Discord.
6. Tickets, logs and moderation records
If a server enables tickets, logging or moderation modules, Veil may process ticket messages, ticket metadata, closure reasons, transcripts, warnings, moderation action reasons, deleted/edited message metadata and related staff actions. These records are controlled by the server configuration and should be routed only to trusted staff channels.
7. Music and third-party platforms
Music features may process search queries, track URLs, track titles, requester IDs, voice channel IDs and queue state. Playback can depend on external platforms such as YouTube or other providers. Veil does not control third-party platform availability or their privacy practices.
8. Temporary uploads
If temporary uploads are used, Veil may process file name, size, MIME type, upload timestamp, download state and related metadata. Temporary uploads are intended to expire automatically according to service configuration.
9. Data sharing
Veil may share data only in limited cases:
- With Discord, because the bot operates through Discord APIs.
- With server administrators and staff when logs, tickets or dashboard pages are configured for that server.
- With infrastructure providers that host the website, bot, database or logs.
- When required to comply with law, protect the service, investigate abuse or enforce these terms.
10. Data retention
Retention depends on module configuration. Server configuration, logs, moderation records, ticket metadata, transcripts and dashboard audit entries may remain until removed by an authorized administrator, cleaned by retention settings, or deleted during a server removal request. Temporary uploads are intended to expire automatically.
11. Security
- Panel passwords are stored as bcrypt hashes when legacy login is used.
- Dashboard sessions use signed JWT cookies.
- OAuth access is scoped to Discord accounts and manageable guilds.
- Config data is separated by Discord server ID.
- Login and upload routes may use rate limits to reduce abuse.
No online service is perfectly secure. Administrators should keep bot tokens, dashboard secrets and server access private.
12. User and administrator choices
- Server administrators can disable modules, change logging channels, remove selected data and remove the bot from the server.
- Users can ask their server administrators about data processed inside that server.
- For full deletion requests, provide the Discord server ID, user ID when relevant and the requested scope.
13. Children and age requirements
Veil is intended for Discord users who are allowed to use Discord under Discord's own terms and local law. Server owners are responsible for running their communities appropriately.
14. Changes to this policy
This policy may be updated as Veil changes. The updated version will be posted on this page with a new last-updated date.
15. Contact
For questions, join the support Discord or contact the administrator of the Discord server where Veil is installed.