72nd website banner
Login

Privacy Policy

Effective Date: February 8th, 2026

Quick summary: We use Discord OAuth for login. The primary information we use to identify you is your Discord user ID and display name. We also process your roles on our Discord server for access control, store a last-login timestamp, and store the content you submit (event sign-ups, AARs, logbook entries, uploads). We process limited technical data (such as IP address in server logs) for security and debugging. We do not run analytics or advertising trackers, and we do not sell your data. Traffic is encrypted in transit with TLS (HTTPS). Hosting is in the EU, but some data may be accessed from or processed in the USA by US-based administrators.

1. Overview and who we are

This website (the “Service”) is operated by the administrators of the 72nd Virtual Fighter Wing (“72nd VFW”, “we”, “us”, or “our”), an online community dedicated to flight simulations.

If you are in the EU/EEA (or another region with similar data-protection laws), the administrators act as the data controller for personal data processed through this Service. You can contact us using the Contact Us form in the footer, via Discord (link below), or by email (revealed further down).

The Service mainly exists to let you sign up to events, post flight logs, and access member-only resources.

2. The information we process

When you log in and use the Service, we process:

  • Discord user ID (used as your account identifier)
  • Discord display name (shown on the site next to your contributions)
  • Roles on the 72nd VFW Discord server (role IDs/names synchronized from the 72nd VFW Discord server for access control)
  • Last login timestamp (for security and basic account activity tracking)
  • Participation data you submit (e.g., event sign-ups, AARs, logbook entries, uploads)
  • Technical and security data (e.g., IP address, user agent, timestamps, and request metadata in server logs; and limited error/debug information when something fails)

We do not ever request or store your Discord email address, phone number, friend list, or any payment information. We do not use analytics or advertising trackers or embed any third party services.

3. How we use your information

  • Authentication — to verify your identity using Discord OAuth.
  • Access management — to determine your access rights based on Discord roles.
  • Service operation — to store and display your participation data (event sign-ups, AARs, logbook).
  • Security — to track logins and help prevent unauthorized access.
  • Support and operations — to troubleshoot issues you report and to maintain the Service.

4. Legal bases (GDPR)

If the GDPR applies to you, we process your personal data only when we have a lawful basis under Article 6 GDPR. In practice, this typically includes:

  • Performance of a contract / steps at your request (Art. 6(1)(b)) — providing core features such as authentication, event sign-ups, logbook functionality, and member-only access.
  • Legitimate interests (Art. 6(1)(f)) — keeping the Service secure, preventing abuse, and maintaining basic logs to diagnose problems.
  • Consent (Art. 6(1)(a)) — where we ask you to voluntarily provide information beyond what is needed for the Service (for example, when you choose to contact us or submit optional content).

5. Visibility and sharing

We do not sell your personal information. Visibility and sharing work like this:

We are not responsible for the privacy practices or content of external sites, services, or resources that we do not provide or control, even if they are linked from this Service.

  • Within this site — your display name may appear next to content you post. Some pages may be publicly visible; member-only resources require login.
  • Discord — we use Discord for authentication and role checks. Discord may process personal data as a separate controller and may transfer data outside the EU/EEA. See the Discord Privacy Policy .
  • Legal Compliance — We may disclose information only when required by applicable law or a valid legal request.

6. Cookies, security, hosting, and international transfers

  • Cookies — we use an essential authentication cookie to keep you logged in.
  • Security — we use TLS (HTTPS) in transit and restrict access to operational data.
  • Hosting — the Service is hosted in the European Union .
  • International access/transfers — some personal data may be accessed from or processed in the United States of America due to the Service being administered by US-based administrators (for example, to handle support requests, moderation, and operations). Where the GDPR applies, we will only transfer personal data outside the EU/EEA using a lawful transfer mechanism and appropriate safeguards (such as EU Standard Contractual Clauses where applicable) and we limit access to what is necessary.

7. Data retention and deletion

  • Account identifiers (Discord ID and display name) are retained while your account exists.
  • Role membership is retained to enforce access control and may be refreshed from Discord.
  • Last login is retained for basic security and activity tracking.
  • Content you submit (event sign-ups, AARs, logbook entries, uploads) is retained unless you delete it or request deletion.
  • Technical logs (including IP address and error/debug records) are retained only as long as needed for security and troubleshooting, and are typically rotated or deleted within a reasonable period.

8. Your rights and contact

Depending on where you live, you may have rights to access, correct, or delete your personal data.

If you are in the EU/EEA, you generally have the right to request: access to your data, rectification, erasure, restriction of processing, and (where applicable) data portability. You may also have the right to object to processing based on legitimate interests. Where we rely on consent, you can withdraw consent at any time (this does not affect processing that happened before withdrawal).

You also have the right to lodge a complaint with your local supervisory authority.

Users in the United States may have additional state-law rights. We do not sell or share personal data for advertising purposes.

Participation in the 72nd VFW's activities generally requires users to be at least 18 years old. We do not knowingly collect personal information from children under 13.
Should we become aware that we have inadvertently collected personal data from a child under 13, we will take steps to delete that information as soon as possible.

For privacy-related requests or questions, please use the Contact Us form in the footer of this page, reach out on our Discord Server , or email us at [click to reveal email] .

9. Changes to this policy

We may update this Privacy Policy to reflect changes to the Service or legal requirements. We will update the “Effective Date” above when significant changes are made.