PRISM
  • Home
  • Docs
  • Terms
  • Privacy
  • Dashboard

◈ Legal

Privacy Policy

Effective: January 1, 2025  ·  Last updated: 2026

Contents

  • 1. Overview
  • 2. Data We Collect
  • 3. What We Don't Store
  • 4. How Data Is Used
  • 5. Storage & Encryption
  • 6. Third Parties
  • 7. Retention
  • 8. Your Rights
  • 9. Children
  • 10. Changes
  • 11. Contact
Short version: Prism stores the minimum data needed to work — encrypted OAuth tokens, your Discord user ID, and guild config. Your message content is never stored. Handles are derived live and not persisted. You can delete your data at any time.

01 Overview

This Privacy Policy describes how Prism collects, uses, and protects information when you use the Prism Discord bot and Dashboard at prism.officialchaos.com. We are committed to a minimal-data philosophy: we only store what is strictly necessary to operate the service.

02 Data We Collect

DataWhy StoredHow Stored
Discord User IDSession authentication and permission scopingPlaintext (non-sensitive identifier)
Discord Guild IDScoping platform connections per serverPlaintext (non-sensitive identifier)
OAuth Access TokensPublishing to platforms on your behalfAES-256-GCM encrypted at rest
OAuth Refresh TokensMaintaining long-lived connectionsAES-256-GCM encrypted at rest
Minds UsernameRequired by Minds API for authenticationAES-256-GCM encrypted at rest
Nostr Public KeyDerived locally from nsec; stored for status displayPlaintext (public key — not a secret)
Mirror Channel IDRouting publish logs to your Discord channelPlaintext (non-sensitive identifier)
Guild Permission RolesControlling which roles can use PrismPlaintext JSON in guild_permissions table
Session DataMaintaining logged-in state in DashboardServer-side sessions via connect-pg-simple

03 What We Do Not Store

  • Message content — processed in memory at publish time, immediately discarded
  • Social handles — derived live from each platform's API; not persisted
  • Post history or analytics — Prism does not log what you posted or when
  • Nostr private keys (nsec) — used only in-browser; never transmitted to our servers
  • Payment details — handled entirely by Stripe; we receive no card data

04 How Data Is Used

We use data exclusively to provide the Prism service. OAuth tokens are decrypted in memory at publish time only. We do not use your data for advertising, profiling, or AI model training.

05 Storage & Encryption

  • Algorithm: AES-256-GCM
  • IV: 12-byte randomly generated per token
  • Auth tag: 128-bit
  • Keys: Environment variables only — never written to disk or database

Database: Hosted on dedicated infrastructure. Access restricted to the application process only.

06 Third-Party Services

ServicePurposeData Shared
DiscordAuthentication and bot platformDiscord OAuth flow
StripePayment processingBilling info only — no card data received by us
Groq / OllamaAI content rewritingMessage text sent for transformation only
NeynarFarcaster managed signersFarcaster signer approval flow
Social platformsPublishing contentOAuth token used to authenticate per publish action

We do not sell, rent, or share your data with any third party for marketing purposes.

07 Data Retention

  • On disconnecting a platform — associated token deleted immediately
  • On removing the bot — guild data purged within 30 days
  • On deletion request — all data deleted within 30 days of verified request

Session data expires after 24 hours of inactivity.

08 Your Rights

👁
Access

Request a copy of the data we hold about you

✏️
Correction

Request correction of inaccurate data

🗑️
Deletion

Request deletion of your data

🚫
Objection

Object to processing in certain circumstances

📦
Portability

Request your data in a machine-readable format

⏸️
Restriction

Request restriction while a dispute is resolved

Email legal@prism.officialchaos.com — we respond within 30 days.

09 Children's Privacy

Prism is not directed at children under 13. We do not knowingly collect data from children. Contact legal@prism.officialchaos.com if you believe a child has provided data.

10 Changes to This Policy

Material changes will be reflected in the "Last updated" date above. Continued use after changes constitutes acceptance.

11 Contact

Privacy & Legal legal@prism.officialchaos.com Response time Within 30 days

See also: Terms of Service

PRISM
  • Home
  • Documentation
  • Terms of Service
  • Privacy Policy
  • Contact

© 2026 Prism · officialchaos.com