Privacy Policy

Last updated: May 22, 2026

1. Introduction

Elite Squadrons ("the Platform") is a free, fan-made squadron management tool for the game Elite Dangerous. It is operated by Vintenxe, an individual hobbyist based in Nevada, USA, who acts as the data controller for the purposes of applicable data protection law.

This Privacy Policy explains what information the Platform collects, how it is used, who can see it, how long it is kept, and the rights you have over it. The Platform is used by players worldwide. Data is stored and processed in the United States.

2. Information We Collect

We collect the following categories of information:

2.1 Account & Authentication Data

When you sign in via Discord, we receive and store your Discord user ID, username, display name, avatar URL, email address, and information about your membership in Discord servers linked to squadrons on the Platform. This information is required to authenticate you and to verify squadron membership.

2.2 Profile & Squadron Data

You may provide a commander name (your in-game handle), timezone, playstyle, platform, and a short introduction. While you are a member of a squadron we also store your squadron membership status (such as active, inactive, on-leave, suspended, left, kicked, or banned), join date, rank, functional tags (such as diplomat), and custom status. Squadron officers may record administrative notes and warnings about you. Membership history (joins, departures, kicks, and bans across squadrons, including the departure reason and date) is retained for squadron governance and moderation.

2.3 User-Generated Content

Content you create or upload on the Platform, including operation proof screenshots, after-action reports, lore entries, diplomatic messages and actions, colonization notes, recruitment application text, donation proof screenshots, and other textual or image content you submit.

2.4 Operational & Activity Data

When you participate in squadron activities, we store:

  • Operation signups, assignments, and proof submissions
  • After-action reports
  • Colonization project deliveries, in-transit shipments, and notes
  • Fleet carrier data: jump schedules, commodity inventories, carrier services, and locations
  • Diplomatic pact data: stances, actions, and messages exchanged with other squadrons or factions
  • Awards and achievements granted to you
  • Donation proofs (amounts, screenshots, optional system and station name)
  • Recruitment applications and their review status

2.5 Optional Frontier Account Data

If you choose to link your Frontier Developments account, we store credentials issued by Frontier's OAuth flow together with your linked commander name. This is entirely optional and is used to import in-game data via the Frontier Companion API. You can unlink your Frontier account at any time, which removes the stored credentials.

2.6 Optional Telemetry / Plugin Data

If you choose to use a compatible Elite Dangerous plugin (such as an EDMC plugin), in-game activity events may be sent to the Platform. Telemetry data may include your commander name, current star system, station docked at, faction influence readings, market, outfitting, and shipyard data, and fleet carrier status events. Each telemetry client records limited metadata for security monitoring, including the last IP address used and event counts. Use of telemetry is optional; you may stop sending telemetry at any time by uninstalling the plugin or revoking its tokens.

2.7 Security & Technical Data

To keep the Platform running safely we generate and process temporary technical records used for rate limiting, fraud prevention, abuse prevention, and security. These may include IP addresses, request metadata, short-lived access logs, and signals from anti-abuse and bot-protection providers. We also keep audit logs of administrative actions (such as promotions, demotions, bans, settings changes, faction linking, and proof reviews) for accountability.

2.8 In-Game Location Data

If you submit telemetry or manually update your location, we store your current star system, the time it was last updated, and the source (telemetry or manual). This is shown to other members of your squadron for operational coordination.

2.9 Browser Local Storage

We store a small amount of data in your browser's local storage. This data stays on your device and is not transmitted to our servers:

  • Pinned BGS systems for quick access
  • Carrier and member directory display preferences (layout, sort, grouping)
  • Whether you have completed the onboarding tour
  • PWA install prompt dismissal timestamp

These are not cookies and do not track you across sites.

2.10 Notifications

We store in-app notifications including category, type, severity, read status, and timestamps. You may configure per-category notification preferences (enabled or disabled, minimum severity level).

2.11 Analytics

If analytics is enabled, the Platform collects limited, aggregate usage data using a first-party, cookie-free analytics tool. See Section 13 for details on what is collected and how it is used.

3. How We Use Your Information

  • Authenticate you and verify Discord server membership
  • Display your profile within the squadron management interface
  • Coordinate squadron operations, fleet carriers, and BGS campaigns
  • Track colonization project progress and coordinate deliveries
  • Manage diplomatic relationships and facilitate inter-squadron communication
  • Publish lore entries and after-action reports
  • Display leaderboard rankings and awards
  • Record donation proofs for squadron transparency
  • Display event calendars aggregating operations, carrier jumps, and milestones
  • Process recruitment applications
  • Send Discord webhook notifications about squadron activity, where squadron administrators have configured them
  • Deliver in-app notifications about squadron activity
  • Detect BGS conflicts and create operations
  • Update member location data from telemetry for operational coordination
  • Maintain audit logs for administrative accountability
  • Rate-limit requests, prevent abuse and fraud, and protect the Platform and its users
  • Generate backups to protect against data loss
  • Improve the Platform

The Platform may automatically process game, telemetry, and public galaxy data to update BGS records, discover faction presence, synchronize Discord-related membership information, and create or suggest operations. The Platform does not use automated processing to make decisions that produce legal or similarly significant effects about you.

4. Visibility of Your Data

Different categories of data on the Platform are visible to different audiences. In general:

  • Public visitors can see information squadrons or members have chosen to publish publicly, such as public squadron pages, public lore entries, and limited aggregate statistics. They do not see email addresses, IP addresses, telemetry contents, or private squadron records.
  • Squadron members can see profile and activity information about other members of the same squadron, including commander name, rank, status, location (if shared), operation participation, award history, and other operational context.
  • Squadron officers, admins, and owners can additionally see administrative information such as warnings, notes, moderation history, recruitment applications, and donation records relating to members of their squadron.
  • Vintenxe (the operator) can access data on the Platform as needed to operate, secure, moderate, debug, back up, and support the Platform, including in response to abuse reports or legal obligations.
  • Discord channels and webhooks configured by squadron administrators may receive notifications about activity (such as operation signups, carrier jumps, or moderation events). What is sent, and to which channel, is controlled by the squadron, not by the Platform operator.

Squadron leadership and administrators are independently responsible for how they handle data about their members.

5. Third-Party Services

We use a small number of third-party services to operate the Platform:

  • Discord— Authentication, server membership verification, avatar delivery, and webhook notifications configured by squadron administrators. Your use of Discord is subject to Discord's own terms and privacy policy.
  • Frontier Developments— If you choose to link your Frontier account, we use the Frontier Companion API to import in-game data on your behalf. Your use of Frontier services is subject to Frontier's own terms and privacy policy.
  • Ko-fi— External, voluntary donation platform (ko-fi.com/elitesquadrons). If you choose to donate via Ko-fi, Ko-fi's own terms and privacy policy apply. The Platform does not process payments and does not share your account information with Ko-fi.
  • EDDN, EDSM, and Spansh — Public, community-maintained Elite Dangerous galaxy data sources. The Platform reads public data from these sources for BGS tracking and galaxy data. We do not share personal data with these services.
  • Hosting, storage, backup, security, and anti-abuse providers — The Platform relies on infrastructure providers for server hosting, cloud storage and backup of files and database snapshots, secure connections, content delivery, and bot and abuse protection. These providers process limited data (such as connection metadata and stored files) on our behalf under their own terms.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We do not use advertising cookies. We do not share personal data with third parties for purposes beyond operating and securing the Platform.

6. Data Storage & Security

Data is stored and processed in the United States. We apply reasonable technical and organizational safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. Connections to the Platform are encrypted in transit. Sensitive tokens and credentials (such as Frontier OAuth credentials and telemetry API tokens) are protected using appropriate safeguards, and raw API tokens are shown to you only once at creation.

Access to underlying servers, databases, and backups is restricted to the Platform operator. Encrypted backups are generated on a regular schedule and stored with a cloud storage and backup provider.

No online service can be guaranteed 100% secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security.

7. Legal Basis for Processing (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following bases:

  • Performance of the service (Art. 6(1)(b)): Processing necessary to provide the features you use, including account creation, squadron management, operations, BGS tracking, fleet carrier coordination, colonization, diplomacy, recruitment, notifications, and other core functionality.
  • Consent (Art. 6(1)(a)): Optional features that you opt into, such as linking a Frontier account or submitting optional plugin/telemetry data. You may withdraw consent at any time by unlinking the service or disabling telemetry.
  • Legitimate interests (Art. 6(1)(f)): Security, abuse prevention, fraud prevention, rate limiting, audit logging, moderation, defending legal claims, and operating and improving the Platform.
  • Legal obligation (Art. 6(1)(c)): Where we need to comply with legal requirements, including responding to lawful requests and complying with applicable breach-notification obligations.

8. Data Controller

The data controller for the Platform is:

Vintenxe
Nevada, USA
contact@vintenxe.com

As an individual hobbyist operator, Vintenxe is not required to designate a Data Protection Officer (DPO) under Article 37 of the GDPR. Data protection inquiries can be sent to the contact email above.

If you are located in the EEA or UK, you have the right to lodge a complaint with your local data protection supervisory authority if you believe your personal data has been processed in violation of applicable data protection law.

9. Data Retention

We keep personal data only as long as we reasonably need it. Typical retention periods are:

  • Raw telemetry ingress envelopes: Approximately 30 days, after which they are automatically deleted. Aggregated or derived data (such as faction influence history) may be retained longer.
  • Session data: Expires according to session duration or when you sign out.
  • Rate-limit and security technical records: Short-lived, unless needed for an active abuse or security investigation.
  • Active squadron data:Operational, colonization, diplomacy, carrier, lore, award, and notification data is retained for the duration of your membership and the squadron's use of the Platform.
  • Donation proof images: Screenshots are retained only until the reviewer approves or denies the proof, then deleted. Limited donation metadata (such as amount, date, and outcome) may be retained for squadron transparency, auditability, and abuse prevention.
  • Membership history and moderation records: Retained as long as reasonably necessary to enforce bans, prevent abuse, preserve squadron governance records, or resolve disputes.
  • Audit logs: Retained as long as reasonably necessary for security, accountability, legal defense, abuse prevention, and operational integrity.
  • Browser local storage: Persists until you clear your browser data or the Platform removes the key.
  • Backups: Deleted data may persist in encrypted backups until those backups are rotated out under our normal backup schedule.
  • Other personal data on account deletion: When you request account deletion, your active personal data is removed within a reasonable period, typically within 30 days, subject to the exceptions above.

10. International Data Transfers

The Platform is operated from the United States, and data is stored and processed in the United States. If you access the Platform from outside the United States, your data will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

Where required by applicable law, the operator relies on appropriate safeguards, service-provider commitments, or permitted derogations under applicable data protection law for international data transfers. The Platform is offered globally as a fan-made tool and does not specifically target users in any particular jurisdiction.

11. Data Breach Notification

If we become aware of a security incident that affects your personal data, we will investigate it, take reasonable steps to mitigate it, and notify affected users and/or regulators where required by applicable law. Notice may be provided by email and/or in-app notification where practical.

As a hobbyist project operated by an individual, we will make reasonable efforts to respond promptly, but our response capacity is limited.

12. Your Rights

Depending on where you live, you may have the right to:

  • Request a copy of personal data we hold about you (right of access)
  • Request correction of inaccurate data (right to rectification)
  • Request deletion of your data and account (right to erasure)
  • Request a machine-readable export of your data (right to data portability)
  • Object to processing based on legitimate interests (right to object)
  • Request restriction of processing (right to restriction)
  • Withdraw consent for optional processing at any time
  • Unlink your Frontier account at any time
  • Opt out of telemetry by revoking your telemetry tokens or not using a telemetry plugin
  • Lodge a complaint with your local data protection authority, where applicable

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

To exercise any of these rights, email contact@vintenxe.com. We will respond within a reasonable period, generally within 30 days. We may need to verify your identity before acting on a request. Some data may be retained where we have a legal basis to do so (for example, moderation history, audit logs, or backups described above).

13. Analytics

If analytics is enabled, the Platform uses a privacy-respecting, first-party, cookie-free analytics tool to understand how the Platform is used. Analytics data is not used for advertising, is not sold or rented, is not shared with third parties, and is not used for cross-site tracking. Analytics data is not linked to your Discord account, Frontier account, telemetry tokens, or squadron membership unless we explicitly implement authenticated analytics events in the future.

13.1 What we use analytics for

  • Understanding overall site usage and traffic patterns
  • Improving Platform performance and user experience
  • Identifying which pages and features are most used
  • Diagnosing product issues at an aggregate level

13.2 What analytics may collect

  • Page path (with the query string and URL fragment stripped before recording)
  • Referrer URL
  • Browser type and version
  • Operating system
  • Device type (desktop, mobile, tablet)
  • Approximate country, region, or city-level location derived from IP at collection time, where geolocation is enabled
  • Timestamps and aggregated visit and session counts
  • Custom events only if and when we explicitly implement them

The analytics tracker is configured to honour the browser Do Not Track signal. When DNT is enabled, no analytics events are recorded.

14. Cookies & Local Storage

The Platform uses first-party cookies that are necessary for authentication and account security, including a session cookie used to keep you signed in. These are not tracking or advertising cookies.

We do not use advertising cookies and do not use any third-party cookie-based tracking services. Our analytics tracker is cookie-free. Browser local storage items (described in Section 2.9) are stored on your device and are not cookies.

15. Children's Privacy

The Platform is not intended for and does not knowingly allow use by anyone under the age of 13. Users under the age of 18 must have the permission of a parent or legal guardian.

If we learn that we have collected personal information from a user under 13, we will delete or disable the account and the associated personal information as required by applicable law. If you believe a user under 13 has provided us with personal data, please contact contact@vintenxe.com.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Material changes will be highlighted where reasonably practical.

17. Contact

For any privacy-related questions or requests, contact contact@vintenxe.com.