Guardiobot

Data Processing Agreement

Last updated: March 2026 · Governing law: England and Wales · UK GDPR

Contents

  1. Purpose and Scope
  2. Definitions
  3. Roles of the Parties
  4. Details of Processing
  5. Obligations of the Processor
  6. Obligations of the Controller
  7. Sub-Processors
  8. Data Subject Rights
  9. Security
  10. Data Breaches
  11. Data Transfers
  12. Retention and Deletion
  13. Termination
  14. Liability
  15. Contact

1. Purpose and Scope

This Data Processing Agreement ("DPA") forms part of the Terms of Service between Guardiobot (the "Processor") and any server administrator or organisation using the Service (the "Controller"). It governs the processing of personal data by Guardiobot on behalf of the Controller in connection with the provision of the Service.

This DPA is required under Article 28 of the UK GDPR, which mandates that processing by a processor on behalf of a controller must be governed by a binding contract.

By using the Service, you agree to the terms of this DPA. No separate signature is required.

Note on dual roles: In many cases, Guardiobot acts as an independent data controller — not a processor — for data processed through the Service. See Section 3 for a detailed explanation of the parties' respective roles.

2. Definitions

Terms used in this DPA have the meanings given in the UK GDPR and Data Protection Act 2018. In particular:

  • "Controller" means the server administrator or organisation that determines the purposes and means of processing personal data within their Discord server or Roblox experience
  • "Processor" means Guardiobot, acting on the Controller's instructions to provide moderation and safety services
  • "Personal Data" means any information relating to an identified or identifiable natural person processed in connection with the Service
  • "Processing" has the meaning given in the UK GDPR — any operation performed on personal data
  • "Sub-Processor" means any third party engaged by Guardiobot to process personal data in connection with the Service

3. Roles of the Parties

3.1 Where Guardiobot acts as a Processor

Where a server administrator configures specific content filter rules, detection thresholds, or enforcement actions for their server, Guardiobot processes data in accordance with those instructions. In this context, the server administrator is the Controller and Guardiobot is the Processor.

3.2 Where Guardiobot acts as an independent Controller

For the following processing activities, Guardiobot acts as an independent data controller — not a processor — because the purposes and means of processing are determined by Guardiobot, not the server administrator:

  • Cross-server ban enforcement and the Guardiobot network
  • User risk classification (Class A through D) across the network
  • CSAM detection and mandatory reporting to the NCMEC CyberTipline
  • Volunteer operations, credentials, and dashboard access
  • Subscription and payment processing

For these activities, the Privacy Policy governs processing. This DPA does not apply.

3.3 Practical implication

Where you configure Guardiobot to detect specific keywords, set enforcement thresholds, or adjust detection rules for your server, you are exercising control over how data about your community members is processed. This makes you a Controller for those processing activities and you must have a lawful basis under UK GDPR to process your members' data in that way.

4. Details of Processing

Subject matter

Automated moderation and content detection services for the Controller's Discord server or Roblox experience.

Duration

For the duration of the Controller's use of the Service, until the bot is removed or access is terminated.

Nature and purpose

Processing message content, user identifiers, and server activity data to detect policy violations, take enforcement action, and generate moderation records — in accordance with the Controller's configured settings.

Types of personal data

  • Discord user IDs and Roblox usernames
  • Message content and metadata
  • Server activity data (joins, leaves, moderation events)
  • Moderation action records

Categories of data subjects

Members of the Controller's Discord server or Roblox experience.

5. Obligations of the Processor

Guardiobot, as Processor, shall:

  • Process personal data only on the documented instructions of the Controller, except where required to do so by law (in which case we will notify the Controller unless prohibited by law)
  • Ensure that persons authorised to process personal data are bound by appropriate confidentiality obligations
  • Implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, as described in our Security Policy
  • Not engage sub-processors without the Controller's prior general or specific authorisation
  • Assist the Controller in responding to data subject rights requests, to the extent possible given the nature of the processing
  • Assist the Controller in meeting its obligations under Articles 32–36 of the UK GDPR (security, breach notification, DPIAs)
  • Delete or return personal data at the end of the service relationship, in accordance with Section 12
  • Make available to the Controller all information necessary to demonstrate compliance with Article 28 UK GDPR

6. Obligations of the Controller

The Controller shall:

  • Ensure it has a valid lawful basis under UK GDPR for any processing it directs Guardiobot to perform on its behalf
  • Provide any notices to data subjects required under Articles 13 and 14 of the UK GDPR regarding processing of their data by Guardiobot
  • Comply with all applicable data protection law in connection with its use of the Service
  • Not instruct Guardiobot to process personal data in a way that would violate applicable law or these Terms
  • Promptly inform Guardiobot of any instruction that it believes may breach data protection law

7. Sub-Processors

The Controller provides general authorisation for Guardiobot to engage the following categories of sub-processors in connection with provision of the Service:

  • External safety API providers (Roblox user risk scoring, VPN and proxy detection, URL safety)
  • Payment processors

Guardiobot will notify Controllers of any intended changes to sub-processors by updating the Privacy Policy and, where reasonably practicable, providing direct notice. Controllers who object to a new sub-processor may terminate their use of the Service.

Guardiobot remains responsible to the Controller for the performance of sub-processors' obligations under UK GDPR.

8. Data Subject Rights

Where Guardiobot receives a data subject rights request relating to personal data processed on behalf of a Controller, we will:

  • Notify the Controller promptly
  • Not respond to the request directly unless instructed to by the Controller or required to by law
  • Provide the Controller with reasonable assistance in fulfilling the request

Data subjects wishing to exercise rights in relation to processing for which Guardiobot acts as an independent Controller (see Section 3.2) should contact us directly at legal@guardiobot.org or submit a request through your Guardiobot dashboard.

9. Security

Guardiobot implements appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Details of our security measures are described in our Security Policy.

The Controller is responsible for the security of their own Discord server or Roblox experience, including access controls and the behaviour of their server members.

10. Data Breaches

In the event of a personal data breach affecting data processed on behalf of the Controller, Guardiobot will notify the Controller without undue delay — and in any event within 72 hours of becoming aware — providing:

  • A description of the nature of the breach
  • The categories and approximate number of data subjects and records affected
  • The likely consequences of the breach
  • The measures taken or proposed to address the breach

The Controller is responsible for determining whether to notify the ICO and affected data subjects under UK GDPR Articles 33 and 34.

11. Data Transfers

Some sub-processors are based outside the UK or EEA. Where personal data is transferred internationally, Guardiobot ensures that appropriate safeguards are in place in accordance with UK GDPR Chapter V, including adequacy decisions and standard contractual clauses where applicable. Details of international transfers are set out in the Privacy Policy.

12. Retention and Deletion

Upon termination of the service relationship (e.g. removal of the bot from a server), Guardiobot will delete or anonymise personal data processed on behalf of that Controller in accordance with the retention periods set out in the Privacy Policy, unless longer retention is required by law.

Certain data — such as records maintained for cross-network enforcement or legal reporting obligations — may be retained by Guardiobot acting as an independent Controller beyond the end of the service relationship. This data is not subject to deletion instructions from the Controller.

13. Termination

This DPA terminates automatically when the Controller's use of the Service ends. Obligations of confidentiality and data protection survive termination. Guardiobot's obligations as Processor continue until all personal data processed under this DPA has been deleted or returned in accordance with Section 12.

14. Liability

Each party's liability under this DPA is subject to the limitations set out in the Terms of Service. Nothing in this DPA limits either party's liability for death or personal injury caused by negligence, fraud, or any other liability that cannot lawfully be excluded.

Where both parties are responsible for a data protection breach, liability between them shall be apportioned according to their respective degree of responsibility for the damage caused, as provided for in UK GDPR Article 82.

15. Contact

For data protection enquiries relating to this DPA:

Guardiobot

Data protection: legal@guardiobot.org