Privacy Policy

Last updated: March 25, 2025

1. Overview

This Privacy Policy describes how Foundation Medical Service ("FMS", "we", "us", or "our") collects, uses, and handles information when you use the FMS Discord bot ("FMS Bot") and the FMS staff portal ("the Portal"). We are committed to handling your information responsibly and transparently.

By using the Services, you acknowledge and agree to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information from Discord

When you authenticate with the Portal via Discord OAuth2, or when the Bot observes your activity in the FMS Discord server, we may collect:

  • Discord user ID
  • Discord username and display name
  • Discord server nickname
  • Discord server roles (to determine access level and permissions)
  • Profile avatar URL
  • Email address (only when provided via Discord OAuth2 with your consent)

2.2 Information from Roblox

When you submit a codename request containing a Roblox username, or use commands that involve Roblox account linking, we may collect:

  • Roblox username (as provided by you)
  • Roblox numeric user ID (retrieved from the Roblox API for validation)

2.3 Activity Data

When you use the Services, we may collect:

  • Shift and timeclock records (start/end times, duration, break logs)
  • Deployment logs and self-deployment submissions
  • Point transaction history
  • Rank request history
  • Patient file submissions
  • Quiz activity
  • Codename request history
  • Permission and role change audit logs
  • Session data including IP address and user agent (for security purposes)

3. How We Use Your Information

We use the information we collect solely to operate the Services. Specifically:

  • To authenticate your identity and grant appropriate access to the staff portal.
  • To assign and manage website roles based on your Discord server roles.
  • To display your profile, activity records, and statistics within the portal.
  • To process codename requests, deployment submissions, point requests, and rank requests.
  • To maintain an audit trail of administrative actions for accountability.
  • To operate Bot commands and respond to interactions within the Discord server.
  • To maintain the security and integrity of the Services.

We do not use your information for advertising, marketing, or any purpose unrelated to the operation of FMS.

4. How We Store Your Information

Your data is stored in a private MySQL database hosted on a secured server. Access to this database is restricted to FMS system operators. Data in transit between the Bot, Portal, and database is encrypted.

Session data is stored temporarily and expires after a defined period of inactivity.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to any third party.

We interact with the following third-party APIs in order to operate the Services:

  • Discord API — Used to authenticate users, read server membership and roles, and operate the Bot. Data shared with Discord is governed by Discord's Privacy Policy.
  • Roblox API — Used to validate Roblox usernames and retrieve associated user IDs. Only usernames you explicitly provide are sent to Roblox. This is governed by Roblox's Privacy Policy.

We may disclose information if required to do so by law, or if we believe in good faith that disclosure is necessary to protect the rights or safety of our members or others.

6. Data Retention

We retain your data for as long as you are an active member of Foundation Medical Service. If you leave the FMS Discord server or your access is revoked, your data may be retained for a reasonable period for record-keeping and audit purposes before deletion.

To request deletion of your data, please contact FMS Leadership through the Discord server.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — Request a summary of the personal data we hold about you.
  • Correction — Request correction of inaccurate data.
  • Deletion — Request deletion of your personal data, subject to our operational and record-keeping needs.
  • Objection — Object to certain processing of your data.

To exercise any of these rights, contact FMS Leadership via the Foundation Medical Service Discord server.

8. Children's Privacy

The Services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will take steps to remove that information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the "Last updated" date at the top of this page. Continued use of the Services after changes are posted constitutes acceptance of the updated policy. We encourage you to review this page periodically.

10. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact FMS Leadership through the Foundation Medical Service Discord server or via the staff portal.

View our Terms of Service