Privacy Policy

Last updated: April 4, 2026

This Privacy Policy explains how Knife ("we", "us") collects, uses, shares, and protects information when you visit knife.rip, use our Discord bot or related integrations, or otherwise interact with our services (the "Service"). By using the Service, you acknowledge the practices described here.

1. Who we are

The Service is operated in connection with the Knife project and the knife.rip website. For privacy requests, contact support@knife.rip. If you need a formal legal entity name, registered address, or EU/UK representative for compliance, confirm those details with counsel and publish them in this section.

2. Information we collect

Depending on how you use the Service, we may process:

Account and profile data: When you sign in with Discord, we receive identifiers Discord provides (such as user ID, username, avatar, and, if your app configuration requests it, email). We store account records needed to maintain your session and link your profile to purchases.
Guild / server metadata: For features like the dashboard, we may request and cache information about Discord servers your account can manage (for example, server IDs, names, icons, and permission-related flags) as returned by Discord's APIs.
Billing data: If you purchase Knife Pro, Stripe processes payment details. We store Stripe customer identifiers and purchase-related status—not full payment card numbers (Stripe holds those).
Technical and security data: Standard server logs, IP address, device/browser type, timestamps, and similar diagnostics used to secure and operate the Service.
Analytics: If NEXT_PUBLIC_PLAUSIBLE_DOMAIN is configured, we load Plausible Analytics to understand traffic in a privacy-oriented way. See plausible.io for how their product handles data.

3. How we use information

We use information to:

Provide, operate, and improve the Service;
Authenticate users and personalize the dashboard;
Process payments and record Pro access;
Detect, prevent, and respond to fraud, abuse, and security issues;
Comply with legal obligations and enforce our terms;
Communicate with you about the Service where appropriate.

4. Legal bases (EEA/UK visitors)

If the GDPR or UK GDPR applies, we rely on one or more of: contract (providing the Service you request), legitimate interests (security, product improvement, analytics balanced against your rights), legal obligation, and where required consent (for example, certain cookies or marketing, if offered). You may withdraw consent where processing is consent-based.

5. How we share information

We share information with service providers who process it on our instructions, including:

Discord (authentication and API data);
Stripe (payments and billing portal);
Hosting and infrastructure providers;
Plausible Analytics, if enabled.

We may also disclose information if required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset sale (with notice where required).

6. International transfers

We and our subprocessors may process data in countries other than where you live. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for transfers from the EEA, UK, or Switzerland. Details can be provided on request where applicable.

7. Retention

We retain personal information for as long as necessary to fulfill the purposes in this Policy, including legal, accounting, and security requirements. When data is no longer needed, we delete or anonymize it in line with our practices, subject to legal holds.

8. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing, and to data portability. You may also lodge a complaint with a supervisory authority. To exercise rights, contact us using the footer support channel. We may need to verify your request.

9. California residents (CPRA summary)

California consumers may have additional rights under the CPRA, including to know categories of personal information collected, to delete certain information, to correct inaccuracies, and to opt out of certain "sale" or "sharing" (we do not sell personal information for money; adjust this sentence if your practices change). Authorized agents may submit requests as permitted by law.

10. Children

The Service is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps to delete it.

11. Security

We implement technical and organizational measures designed to protect personal information. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

12. Changes to this Policy

We may update this Policy from time to time. We will post the revised version here and update the "Last updated" date. For material changes, we will provide additional notice where appropriate.

13. Contact

For privacy-related requests, contact us using the support email or link in the site footer.

Important: This is not legal advice. The Policy is detailed starter text for a Discord-related web app with Stripe billing—it must be reviewed by qualified counsel for GDPR, CPRA, cookie/consent requirements, subprocessors list, DPA needs, and any bot-specific data processing before high-traffic or regulated use.