Skip to content

Privacy Policy

Jump to bottom
David edited this page Jul 30, 2022 · 1 revision

I, the developer of the Mazi website and the Mazi Discord bot, care deeply about privacy and security. I am committed to being as transparent as possible about the data I store and collect from the users of the Mazi Website and the Mazi Discord bot. I know that most developers, gamers, and other types of users care about their own privacy and security as well, so I put this Privacy Policy together as a show of trust between myself and the community.

The data I collect.

On the Mazi website, you are first asked to log in (or create an account) to be able to use the Mazi Discord bot. I do collect and store the email so you are able to log in again using Firebase Authentication. I do not have access to the passwords that you registered with, or any password that you change your password to (using the forgot password page). I do though, can see the email that you registered with. If this is a concern to you, please do not use the Mazi bot. Plex Watch Together is a great service and is easy enough to set up manually. You are then asked to link both you Discord, and Plex accounts. This is the data I collect: Discord ID, Discord Email, Plex Auth Token (encrypted securely in AES), Plex email, Plex ID, Plex UUID, Plex Username, Plex Server URL, and your Plex User Profile Image. This data is stored securely in Firebase Firestore and I cannot decrypt your Plex Auth Token, or access either of your Discord or Plex accounts in any way.

Why do I collect all this data?

  • The Mazi account is needed to link your Plex and Discord accounts to a single point of interaction. It was near impossible to link the two together without having an intermediary account in between. It was also needed to make the website experience a little bit better.
  • The Discord ID is needed for the Bot to verify who you are in Discord, so it can decrypt your Plex Auth Token.
  • The Discord Email is needed for the bot to encrypt the Plex Auth Token, that way, the token cannot be decrypted without knowing the Discord Email. The email is also salted so I cannot access it myself. The Bot gets the salts from the backend.
  • The Plex Auth Token allows the bot to access different parts of your Plex account and add other users as friends automatically. This is a crucial part of the Mazi, and if the Bot didn't have access to it, any Plex function would be unusable. This token is encrypted with AES using the Discord Email which is salted for even higher security.
  • The Plex ID, Plex UUID, Plex Username, and the Plex User Profile Image is all needed to create and/or join the watch together sessions.
  • The Plex Server URL is needed to access your Plex server and allow hosting Watch together sessions.

I want to remove my data!

You may click the Unlink Data button in the user panel. This will completely delete any data linked to your account. It will not delete your Mazi account. If you would like to delete your Mazi account, either email account@mazi.pw with your email, or message me on Discord.

Clone this wiki locally