We keep this policy plain and honest. HoneyGate collects the minimum data needed to run the service. We do not sell your data. We do not use third-party analytics trackers.
HoneyGate is a Discord bot and web application operated by Apex Studio, a business based in Indianapolis, Indiana, USA. References to "HoneyGate", "we", "our", or "us" in this policy mean Apex Studio and the HoneyGate service at https://honeygate.app.
Contact us at: [email protected]
Mailing address: 8465 Keystone Crossing Suite 115 #1726, Indianapolis, IN 46240
When you log in to the HoneyGate web panel using your Discord account, we receive from Discord:
email scope (we request this for account communications)We store your Discord user ID and username to maintain your session and identify you within guilds where HoneyGate is installed.
HoneyGate's core function is token-gating: verifying that Discord members hold specific NFTs or tokens. When you connect a Solana wallet, we store:
Wallet addresses are public on-chain data. We use them solely to verify your token holdings against gate conditions configured by server administrators.
For servers using the Leveling, Points, or Quest features, we collect:
Payments for HoneyGate Pro are processed entirely by Stripe. We do not store credit card numbers, CVVs, or full payment details on our servers. We store:
Stripe's handling of payment data is governed by Stripe's Privacy Policy.
When the Alt Detection module is enabled by a server administrator, we collect a non-reversible device fingerprint based on browser attributes (user-agent, timezone, screen resolution, fonts) to help identify accounts that may be operated by the same person. This data:
Server administrators configure HoneyGate settings through the web panel. We store all configuration choices (gate conditions, module settings, channel and role IDs) to operate the service.
We maintain operational logs including:
| Data | Purpose |
|---|---|
| Discord user ID / username | Authentication, session management, member identification within guilds |
| Wallet addresses | Verifying token/NFT holdings against gate conditions; role assignment |
| XP / activity data | Calculating levels, populating leaderboards, powering quest completion |
| Billing data | Managing your subscription; detecting payment events |
| Alt fingerprints | Detecting multi-account abuse within a single server (Pro only) |
| Audit logs | Transparency for server admins; security review; dispute resolution |
We do not use your data to train AI or machine-learning models. We do not sell data to advertisers or data brokers.
| Data Category | Retention Period |
|---|---|
| Audit log entries | 180 days, then automatically pruned |
| Webhook delivery records | 30 days, then automatically pruned |
| Wallet verifications | Until you disconnect the wallet or delete your account |
| XP / level / activity data | Until the Discord server removes HoneyGate, or you request deletion |
| Billing records | As required by law (typically 7 years for financial records) |
| Error / operational logs | 30–180 days depending on severity |
We share data with the following third parties only to the extent necessary to operate the service:
We do not share data with any other third parties. We do not use Google Analytics, Meta Pixel, Mixpanel, or any third-party analytics services.
Depending on where you are located, you may have the following rights regarding your personal data:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may ask you to verify your identity before fulfilling a request.
California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete, and the right to non-discrimination. We do not sell personal information as defined by the CCPA. To submit a verifiable request, contact us using the email above.
If you are located in the European Economic Area or the United Kingdom, you may also have the right to lodge a complaint with your local data protection authority. Our lawful bases for processing are: performance of a contract (operating the service you have signed up for), legitimate interests (security, fraud prevention, service improvement), and consent (for optional features such as alt-detection fingerprinting).
We use session cookies solely to maintain your login state. We do not use advertising cookies, tracking pixels, or persistent third-party cookies. You can disable cookies in your browser settings, but this will prevent you from logging in to the web panel.
HoneyGate is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately so we can delete it.
We take reasonable technical and organizational measures to protect your data, including encrypted connections (TLS), hashed tokens, and access controls. No system is perfectly secure. If you discover a security vulnerability, please disclose it responsibly by emailing [email protected].
We may update this Privacy Policy from time to time. Material changes will be communicated to server administrators via the HoneyGate web panel. Continued use of the service after the effective date of a revised policy constitutes acceptance.
Questions or concerns about this policy? Contact:
Apex Studio
[email protected]
8465 Keystone Crossing Suite 115 #1726, Indianapolis, IN 46240