HoneyGate ← Back to HoneyGate

Privacy Policy

Effective date: June 11, 2026 · Apex Studio · Indianapolis, Indiana, USA

We keep this policy plain and honest. HoneyGate collects the minimum data needed to run the service. We do not sell your data. We do not use third-party analytics trackers.

1. Who We Are

HoneyGate is a Discord bot and web application operated by Apex Studio, a business based in Indianapolis, Indiana, USA. References to "HoneyGate", "we", "our", or "us" in this policy mean Apex Studio and the HoneyGate service at https://honeygate.app.

Contact us at: [email protected]
Mailing address: 8465 Keystone Crossing Suite 115 #1726, Indianapolis, IN 46240

2. What Data We Collect

2.1 Discord Account Data (via OAuth2 Login)

When you log in to the HoneyGate web panel using your Discord account, we receive from Discord:

We store your Discord user ID and username to maintain your session and identify you within guilds where HoneyGate is installed.

2.2 Solana Wallet Addresses

HoneyGate's core function is token-gating: verifying that Discord members hold specific NFTs or tokens. When you connect a Solana wallet, we store:

Wallet addresses are public on-chain data. We use them solely to verify your token holdings against gate conditions configured by server administrators.

2.3 XP, Level, and Activity Data

For servers using the Leveling, Points, or Quest features, we collect:

2.4 Billing Data (Pro Tier)

Payments for HoneyGate Pro are processed entirely by Stripe. We do not store credit card numbers, CVVs, or full payment details on our servers. We store:

Stripe's handling of payment data is governed by Stripe's Privacy Policy.

2.5 Alt-Detection Fingerprint Data (Pro Feature)

When the Alt Detection module is enabled by a server administrator, we collect a non-reversible device fingerprint based on browser attributes (user-agent, timezone, screen resolution, fonts) to help identify accounts that may be operated by the same person. This data:

2.6 Server Configuration Data

Server administrators configure HoneyGate settings through the web panel. We store all configuration choices (gate conditions, module settings, channel and role IDs) to operate the service.

2.7 Audit and Operational Logs

We maintain operational logs including:

3. How We Use Your Data

DataPurpose
Discord user ID / usernameAuthentication, session management, member identification within guilds
Wallet addressesVerifying token/NFT holdings against gate conditions; role assignment
XP / activity dataCalculating levels, populating leaderboards, powering quest completion
Billing dataManaging your subscription; detecting payment events
Alt fingerprintsDetecting multi-account abuse within a single server (Pro only)
Audit logsTransparency for server admins; security review; dispute resolution

We do not use your data to train AI or machine-learning models. We do not sell data to advertisers or data brokers.

4. Data Retention

Data CategoryRetention Period
Audit log entries180 days, then automatically pruned
Webhook delivery records30 days, then automatically pruned
Wallet verificationsUntil you disconnect the wallet or delete your account
XP / level / activity dataUntil the Discord server removes HoneyGate, or you request deletion
Billing recordsAs required by law (typically 7 years for financial records)
Error / operational logs30–180 days depending on severity

5. Who We Share Data With

We share data with the following third parties only to the extent necessary to operate the service:

We do not share data with any other third parties. We do not use Google Analytics, Meta Pixel, Mixpanel, or any third-party analytics services.

6. Your Rights

Depending on where you are located, you may have the following rights regarding your personal data:

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may ask you to verify your identity before fulfilling a request.

6.1 California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete, and the right to non-discrimination. We do not sell personal information as defined by the CCPA. To submit a verifiable request, contact us using the email above.

6.2 EEA / UK Residents (GDPR)

If you are located in the European Economic Area or the United Kingdom, you may also have the right to lodge a complaint with your local data protection authority. Our lawful bases for processing are: performance of a contract (operating the service you have signed up for), legitimate interests (security, fraud prevention, service improvement), and consent (for optional features such as alt-detection fingerprinting).

7. Cookies and Local Storage

We use session cookies solely to maintain your login state. We do not use advertising cookies, tracking pixels, or persistent third-party cookies. You can disable cookies in your browser settings, but this will prevent you from logging in to the web panel.

8. Children's Privacy

HoneyGate is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately so we can delete it.

9. Security

We take reasonable technical and organizational measures to protect your data, including encrypted connections (TLS), hashed tokens, and access controls. No system is perfectly secure. If you discover a security vulnerability, please disclose it responsibly by emailing [email protected].

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to server administrators via the HoneyGate web panel. Continued use of the service after the effective date of a revised policy constitutes acceptance.

11. Contact

Questions or concerns about this policy? Contact:
Apex Studio
[email protected]
8465 Keystone Crossing Suite 115 #1726, Indianapolis, IN 46240