bests.lolBeta
Back

Privacy Policy

Last updated: 22 January 2026

Introduction

We collect and use your data to provide bests.lol. This policy explains what we collect, how we use it, and your rights.

2. Information We Collect

When you use bests.lol, we collect the following types of information:

2.1 Account Information

  • Discord Authentication: Username, email address, avatar, Discord user ID, and discriminator when you sign in with Discord
  • Google Authentication: Name, email address, profile picture, and Google user ID when you sign in with Google

2.2 Profile Information

  • Username, display name, and bio that you provide
  • Social media links (65+ platforms supported) and custom website links you add to your profile
  • Background images, videos, GIFs, and audio files you upload
  • Profile customization preferences (colors, themes, layouts, username effects)

2.3 Usage and Analytics Data

  • Profile view counts and visitor analytics
  • Link click tracking and interaction metrics
  • Referrer information (where visitors came from)
  • Geographic location data (country/region level, not precise location)
  • Device and browser information

2.4 Technical and Security Data

  • IP addresses for security, fraud prevention, and rate limiting
  • Browser type, version, and user agent strings
  • Device information (operating system, screen resolution)
  • Cookies and session tokens for authentication
  • Activity logs for security monitoring and abuse prevention

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and maintain the Service: Create and manage your profile, display your content, and enable core functionality
  • Authentication and security: Verify your identity, prevent unauthorized access, and protect against fraud and abuse
  • Analytics and insights: Generate profile performance metrics, visitor statistics, and engagement analytics for your dashboard
  • Service improvement: Analyze usage patterns, identify bugs, and improve user experience and platform performance
  • Communication: Send important service updates, security alerts, and respond to your inquiries
  • Legal compliance: Comply with legal obligations, enforce our Terms of Service, and respond to legal requests

4. Information Sharing and Disclosure

We respect your privacy and do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

  • With your explicit consent: When you authorize us to share specific information
  • Public profile information: Your username, bio, social links, and background media are publicly visible to anyone who visits your profile URL
  • Service providers: We use third-party services like Cloudinary for media hosting and MongoDB for database storage - these providers are bound by strict confidentiality agreements
  • Legal requirements: When required by law, court order, or government request
  • Protection of rights: To protect our rights, property, safety, or the rights of our users and the public
  • Business transfers: In connection with a merger, acquisition, or sale of assets (you will be notified of any such change)

5. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

  • Encryption: All data transmission is encrypted using HTTPS/TLS protocols
  • Secure storage: Data is stored in secure, encrypted databases with access controls
  • Authentication: OAuth 2.0 authentication through Discord and Google for secure login
  • Access controls: Limited employee access to personal data on a need-to-know basis
  • Regular audits: Periodic security audits and vulnerability assessments
  • Monitoring: Continuous monitoring for suspicious activity and potential security threats

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Update

You can access and update your profile information at any time through your account settings.

6.2 Data Export

You can request a copy of your data by contacting us. We will provide your data in a machine-readable format.

6.3 Analytics Opt-Out

You can disable analytics tracking for your profile through your privacy settings, though this will limit the insights available in your dashboard.

6.4 Account Deletion

You can delete your account at any time through your profile settings. See section 7 for details on our data retention policy.

7. Account Deletion and Data Retention

When you delete your account:

  • Immediate effect: Your profile becomes immediately invisible to other users and is removed from public search
  • 14-day grace period: Your data is marked for deletion but retained for 14 days to allow account recovery
  • Reactivation option: You can reactivate your account within 14 days by logging in with Discord or Google - all your data will be fully restored
  • Permanent deletion: After 14 days without reactivation, all your personal data is permanently deleted, including:
    • Profile information (username, bio, social links)
    • Uploaded media files (images, videos, audio)
    • Comments and interactions
    • Analytics and usage data
    • Authentication tokens and session data
  • Retained data: Some anonymized, aggregated analytics data may be retained for service improvement and statistical analysis, but this data cannot be linked back to you

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential cookies: Required for authentication, security, and core functionality
  • Analytics cookies: Help us understand how users interact with the Service (optional, can be disabled)
  • Preference cookies: Remember your settings and customization choices

You can control cookie preferences through your browser settings, but disabling essential cookies may affect Service functionality.

9. Third-Party Services

We use the following third-party services that may collect and process your data:

  • Discord OAuth: For authentication (see Discord's Privacy Policy)
  • Google OAuth: For authentication (see Google's Privacy Policy)
  • Cloudinary: For media hosting and delivery (see Cloudinary's Privacy Policy)
  • MongoDB Atlas: For database hosting (see MongoDB's Privacy Policy)
  • Vercel: For hosting and deployment (see Vercel's Privacy Policy)

These third-party services have their own privacy policies. We encourage you to review them.

10. Children's Privacy

Our Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information from our systems.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to these countries.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through our Discord server:

We will respond to your inquiry as soon as possible, typically within 7-14 business days.

By using bests.lol, you agree to this Privacy Policy.