Last Updated: November 2025
TierSync ("we," "our," or "us") is operated by BuiltByInk. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at tiersync.app (the "Service").
By using TierSync, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described, please do not use our Service.
- Account Information: Email address, password (encrypted), and account preferences
- Payment Information: Processed securely through Stripe; we do not store credit card details
- Discord Credentials: Bot tokens, OAuth access tokens, and refresh tokens (encrypted using AES-256-GCM)
- Configuration Data: Discord server (guild) IDs, role IDs, Stripe webhook secrets, and subscription metadata
- Usage Data: Subscription status, trial periods, payment events, and webhook processing logs
- Technical Data: IP addresses, browser type, device information, and access timestamps
- Session Data: Authentication cookies and session identifiers
- Discord API: Guild membership, role information, and OAuth user data (with your explicit authorization)
- Stripe API: Payment transactions, subscription status, customer information, and webhook events
We use the collected information for the following purposes:
- Service Delivery: To provide Discord role automation, process payments, and manage subscriptions
- Authentication: To verify your identity and maintain secure access to your account
- Payment Processing: To process subscription payments, manage billing cycles, and handle refunds
- Webhook Processing: To receive and process Stripe payment events and automatically grant/revoke Discord roles
- Communication: To send service-related notifications, support responses, and important updates
- Legal Compliance: To comply with applicable laws, regulations, and legal processes
- Service Improvement: To analyze usage patterns, troubleshoot issues, and enhance functionality
Your data is stored in SQLite databases on secure servers. Sensitive information, including:
- Discord bot tokens
- OAuth access tokens and refresh tokens
- Stripe secret keys
- Webhook signing secrets
are encrypted at rest using AES-256-GCM encryption before storage.
We implement industry-standard security measures including:
- Encryption of sensitive credentials using AES-256-GCM
- Secure password hashing using bcrypt
- HTTPS/TLS encryption for all data transmission
- Regular security audits and updates
- Access controls and authentication requirements
- Active Accounts: Data is retained while your account is active and for 30 days after cancellation
- Webhook Events: Processed webhook data is retained for 90 days for audit and troubleshooting purposes
- Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes
TierSync integrates with Discord's API to:
- Authenticate users via OAuth
- Retrieve guild (server) and role information
- Automatically assign or remove roles based on subscription status
Discord's use of your information is governed by Discord's Privacy Policy. TierSync is not affiliated with Discord, Inc.
TierSync uses Stripe for payment processing. Stripe collects and processes:
- Payment card information
- Billing addresses
- Transaction data
- Subscription management data
Stripe's use of your information is governed by Stripe's Privacy Policy. TierSync is not affiliated with Stripe, Inc.
If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights:
To exercise any of these rights, please contact us at the address provided in Section 10.
We use cookies and similar technologies to:
- Maintain your login session
- Remember your preferences
- Analyze service usage
For detailed information about our cookie usage, please see our Cookie Policy.
We do not sell your personal data. We may share your information only in the following circumstances:
- Service Providers: With third-party service providers (Discord, Stripe) necessary to deliver our Service
- Legal Requirements: When required by law, court order, or government regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
- Consent: With your explicit consent for any other purpose
Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions where applicable
- Compliance with applicable data protection laws
For privacy-related inquiries, data subject requests, or to exercise your GDPR rights, please contact:
BuiltByInk (TierSync)
Email: support@tiersync.app
Website: https://tiersync.app/legal/support
We will respond to your request within 30 days.
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on our website
- Updating the "Last Updated" date
- Sending email notifications for significant changes (where applicable)
Your continued use of TierSync after changes become effective constitutes acceptance of the updated Privacy Policy.
TierSync is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
---
*This Privacy Policy is effective as of the date listed above and applies to all users of TierSync.*