Privacy Policy

Last updated: January 9, 2026

1. Introduction

This Privacy Policy explains how MYR WEBOPS LIMITED ("we", "us", "our") collects, uses, and protects your personal data when you use our Ticket Transcripts service ("Service"). We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller & Data Processor

Data Controller:
MYR WEBOPS LIMITED
Company Number: 15868430
Registered in England and Wales
Email: privacy@myr-gruppe.de

Data Processor (Payment & Transactions):
MYR Creative GmbH
Hanauer Landstraße 204
60314 Frankfurt am Main, Germany
Email: legal@myr-creative.com

3. Data We Collect

When you use our Service, we collect the following data:

3.1 Data from Discord OAuth

  • Discord User ID: Your unique Discord identifier
  • Username: Your Discord username
  • Avatar: Your Discord profile picture URL
  • Guild memberships: List of Discord servers you are a member of (to verify access rights)

3.2 Session Data

  • Session ID: A unique identifier for your login session
  • Session expiry: Timestamp when your session expires

3.3 Ticket Data

  • Messages: Text content of messages in tickets you created
  • Attachments: Files uploaded to your tickets (stored encrypted)
  • Metadata: Timestamps, message IDs, ticket status

4. Purpose of Data Processing

We process your data for the following purposes:

  • Authentication: To verify your identity and grant access to your transcripts
  • Service provision: To display your ticket transcripts and attachments
  • Access control: To ensure you can only access your own tickets
  • Security: To protect against unauthorized access and abuse

5. Legal Basis for Processing

We process your personal data based on:

  • Contract performance (Art. 6(1)(b) GDPR): Processing is necessary to provide the Service you requested
  • Legitimate interests (Art. 6(1)(f) GDPR): For security measures and fraud prevention
  • Consent (Art. 6(1)(a) GDPR): For optional cookies (if applicable)

6. Data Storage and Retention

Your data is stored as follows:

  • Session data: Stored for 7 days, then automatically deleted
  • Ticket transcripts: Stored as long as your Discord account exists and you have access to the associated server
  • Attachments: Stored encrypted using AES-256-GCM encryption

Data is stored on servers located in the European Union and/or with providers that comply with GDPR requirements.

7. Cookies

We use the following cookies:

7.1 Essential Cookies

Cookie Name Purpose Duration
transcript_session Maintains your login session 7 days
cookie_consent Stores your cookie consent preference 1 year

Essential cookies are necessary for the Service to function and cannot be disabled.

8. Data Sharing

We do not sell your personal data. We may share your data with:

  • Service providers: Hosting providers (Vercel, Cloudflare R2) who process data on our behalf
  • Legal authorities: When required by law or to protect our rights

All service providers are bound by data processing agreements ensuring GDPR compliance.

9. Your Rights

Under GDPR, you have the following rights:

  • Right of access (Art. 15): Request a copy of your personal data
  • Right to rectification (Art. 16): Request correction of inaccurate data
  • Right to erasure (Art. 17): Request deletion of your data ("right to be forgotten")
  • Right to restriction (Art. 18): Request limitation of data processing
  • Right to data portability (Art. 20): Receive your data in a machine-readable format
  • Right to object (Art. 21): Object to processing based on legitimate interests
  • Right to withdraw consent (Art. 7(3)): Withdraw consent at any time

To exercise these rights, contact us at privacy@myr-gruppe.de.

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • HTTPS encryption for all data transmission
  • AES-256-GCM encryption for stored attachments
  • Secure session management with HttpOnly cookies
  • Regular security audits and updates
  • Access controls and authentication

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission

12. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

14. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Germany, you can contact your state's data protection authority or:

Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Graurheindorfer Str. 153
53117 Bonn
Germany

15. Contact

For any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@myr-gruppe.de