Privacy Policy and Terms of Service Agreement

Plain English Summary & Disclosures

Naramo Logistics Agency (the trading name of Martin Ze Consumer, "we," "us," or "our") is committed to proportionate and transparent data processing to secure our digital spaces.

• Data Controller: Martin Ze Consumer is the individual data controller responsible for your personal information.
• Data Collection: We collect your persistent platform identifiers (Discord/Roblox IDs) and utilize automated keyword and behavioral triggers strictly within channels where our Service is active.
• Purpose of Processing: Our systems scan for malicious activity, harassment, and severe platform violations to enforce our Acceptable Use Policy based on documented security risks.
• Automated Enforcement: Our systems assign a dynamic "Safety Score." Decreases in this score trigger automated actions including warnings, mutes, or cross-platform restrictions.
• User Rights & Control: You maintain the right to access your data, appeal automated decisions, and request erasure.
• Opting Out: Where processing is strictly necessary for service security, objection may require discontinuing use. Data Removal is separate from opting out, and requires emailing our Data Protection contact. Leaving the service stops ongoing processing; deletion requests address previously stored data.

PRIVACY POLICY

1. Identity of the Data Controller and Legal Contacts

In compliance with Article 13 and 14 of the General Data Protection Regulation (GDPR), the data controller responsible for the processing of your personal data is an individual operating under a trading name:

• Legal Controller Name: Martin Ze Consumer (operating as "Naramo Logistics Agency")
• Primary Physical Address: 350 Chem. du Pré Neuf, 38350 La Mure, France
• Country of Residence/Operation: France

Designated Data Protection Contact: Due to the systematic monitoring of publicly accessible areas and processing of behavioral data at scale, we have designated a data protection contact to oversee compliance. You may contact the Data Protection contact directly regarding your data rights at dataprotection@naramologistics.com.

2. Scope of Collection and Processing Activities

To maintain the security and regulatory compliance of our digital communities, the Service ("Logistics Specialist Nora" and "Junior Contractor Sora") processes specific categories of data using restricted technical constraints.

2.1. Discord-Originating Information

• Persistent Identifiers: Your unique Discord User ID, alphanumeric username, discriminator, account creation timestamp, and avatar hash.
• Targeted Communications Analytics: The Service utilizes automated keyword and behavioral triggers strictly within channels where the Service is active. We do not conduct continuous surveillance. If a message triggers a defined moderation heuristic, the specific content is captured and logged solely for evidentiary review and moderation enforcement.

2.2. Roblox-Originating Information

• Cross-Platform Identity Resolution: Upon your explicit consent, we utilize OAuth2 and API bridging to securely link your Discord User ID with your Roblox User ID to enforce unified security policies.
• Public Platform Telemetry: We retrieve public data associated with your Roblox account via the platform's API, focusing strictly on Group affiliations and account age to assess security risks.
• Proprietary In-Game Communications: Within the explicitly owned virtual environments managed by Naramo Logistics Agency on the Roblox platform, we log in-game chat. We do not monitor Roblox chat globally.

3. Legal Basis and Lawful Processing Justifications

We process your personal data under the following exhaustive legal bases:

• Legitimate Interest (GDPR Art. 6(1)(f)): We process data strictly necessary for immediate network security and content moderation. We have conducted a Legitimate Interests Assessment (LIA), which concluded that our processing is strictly limited to identifying violations of our Terms, relies on pseudonymized identifiers where possible, and does not override your fundamental rights and freedoms. To minimize intrusion, we do not analyze private messages outside integrated channels. Users reasonably expect moderation in managed digital spaces, and opt-out is available by leaving the integrated servers.
• Explicit Consent (GDPR Art. 6(1)(a)): Where processing involves cross-platform identity linking or querying external fraud prevention databases, consent is obtained through a clear, affirmative action separate from general use of the Service. You may withdraw this consent at any time. Refusal to provide consent may limit access to certain protected communities but will not prevent general use of the Service where feasible.
• Legal Obligation (GDPR Art. 6(1)(c)): Processing mandated by statutory laws or valid law enforcement subpoenas.

4. Automated Decision-Making and Article 22 Compliance

To facilitate timely security interventions, our Service utilizes fully automated decision-making processes that produce significant effects regarding your access to our spaces (GDPR Article 22). This automated processing is necessary to provide a secure and functional service environment, which is an essential element of the contractual relationship, and where required by law, relies on your explicit consent. Non-automated fallback moderation is not reasonably scalable, however human moderation may still be used at times.

• Algorithmic Logic: The "Safety Score" algorithm evaluates specific, documented factors: linguistic signals (flagged keywords), message frequency (spam detection), and network reputation flags. No decision is based solely on a single, isolated data point or fully opaque automated inference. No single factor is determinative; repeated violations and network risk signals carry greater weight than isolated keyword flags.
• Concrete Consequences: A Safety Score falling below predefined thresholds results in automated, immediate restrictions, up to and including removal from affiliated Discord servers and Roblox experiences.
• Safeguards and Your Rights: In compliance with Article 22(3), you have the explicit right to obtain human intervention, to express your point of view, and to contest the automated decision. All automated restrictions are subject to formal, meaningful human review upon request.

5. Third-Party Data Disclosure and International Transfers

Disclosures are limited strictly to the following parameters:

• Infrastructure Processors: Data is processed on servers provided by Railway Corp. (USA) and Replit Inc (USA). Our providers may process data on servers located in both EEA and USA. International data transfers to non-EEA locations (e.g., between servers in EEA and USA) are safeguarded by the execution of Standard Contractual Clauses (SCCs). In light of ongoing transfer risk assessments (Schrems II), we apply supplementary safeguards, including industry-standard encryption measures, including TLS in transit and encryption at rest where applicable. You may request a copy of applicable safeguards by contacting us.
• Security and Reputation Databases: We transmit pseudonymized data (cryptographic hashes or User IDs) to specific categories of external services: fraud prevention networks and known-threat reputation databases. These entities operate as Data Processors and, where applicable, independent controllers, subject to strict contractual data protection obligations and are subject to contractual safeguards and due diligence reviews.

6. Data Security and Retention Protocols

We implement robust security measures, including role-based access controls, verifiable audit logs, and appropriate technical and organizational measures, including encryption where applicable. We employ a strict retention schedule tied to purpose limitation:

• Tier 1 (Non-Violations): Ephemeral communications that do not trigger heuristics are processed in volatile memory and systematically discarded.
• Tier 2 (Minor Violations): Data pertaining to temporary mutes is retained for ninety (90) days solely to track recidivism, after which it is purged.
• Tier 3 (Severe Violations): Data documenting severe infractions (e.g., exploitation, illegal content) is retained for up to two (2) years to prevent ban evasion. Retention beyond this period occurs only in exceptional, documented cases involving ongoing, active security threats or legal mandates.

7. Children's Privacy

We enforce rigorous compliance with the US Children's Online Privacy Protection Act (COPPA) and GDPR Article 8. Age determination is based entirely on platform-provided signals (Discord/Roblox) and user disclosures; we do not independently verify age beyond available platform mechanisms.

• Data Minimization: If platform signals indicate a user is under thirteen (13), we do not build or retain behavioral profiles. Moderation data is processed exclusively for immediate contextual safety. Where we have reason to believe a user is under the applicable age of digital consent (13–16 depending on jurisdiction), we take additional steps including restriction or deletion of data. User accounts pending age clarification will be temporarily suspended from accessing our services. If we discover profiling data has been inadvertently collected on a minor outside these parameters, it is immediately purged.
• Parental Rights: Parents or legal guardians may contact us to exercise their rights to review or delete their child's data.

8. Data Subject Rights and Procedural Execution

Under the GDPR and applicable local laws, you possess the Right to Access, Portability, Rectification, Erasure, and the Right to Restrict/Object to Processing. Additional explanation of your rights will be provided upon request to our Data Protection contact within one (1) month of receipt.

• DSAR Submission and Identity Verification: To submit a Data Subject Access Request (DSAR) or formal appeal, please email our Data Protection contact. You must provide your Discord User ID. We may require secondary verification via a platform-authenticated message to confirm your identity before releasing data.
• Statutory Timelines: We will acknowledge and fulfill valid DSARs within one (1) month of receipt, subject to a two-month extension for complex requests as permitted by law.
• Formal Appeals Channel:
  • Primary Legal/Privacy Email: legal@naramologistics.com
  • Secondary Ticketing/Support Server: discord.gg/pRKDVMSnfr

TERMS OF SERVICE

1. Acceptable Use Policy (AUP)

These Terms of Service ("Terms") govern your access to the Service and constitute a legally binding agreement between you and Martin Ze Consumer, operating as Naramo Logistics Agency. You agree to utilize the Service strictly for lawful purposes. Prohibited behaviors include, but are not limited to:

• Hostile Conduct: Hate speech, targeted harassment, doxxing, or threats.
• Exploitation: Malicious software distribution, phishing, or unauthorized Roblox client modifications.
• Circumvention: Employing proxy services or alternate accounts to circumvent active restrictions.
• Illicit Material: Hosting material that violates law (e.g., explicitly illicit imagery, unauthorized copyrighted IP).

2. Content Licensing and Intellectual Property

We retain all rights to the Service. By submitting user-generated content within our managed spaces, you grant us a limited, royalty-free license to use and process that content strictly for the purposes of moderation, policy enforcement, and security analysis. This license persists only for as long as the content is retained under our documented Data Retention Protocols.

3. Policy Updates and Service Termination

• Policy Updates: Material changes to these Terms will be communicated via official announcements within our primary spaces at least fourteen (14) days prior to taking effect.
• Termination: We reserve the right to terminate or restrict your access to the Service acting in good faith, based specifically on documented policy violations, reasonable risk indicators, or sustained breaches of the Acceptable Use Policy and subject to applicable law.

4. Disclaimers and Limitation of Liability

DISCLAIMER OF WARRANTIES: THE SERVICE IS PROVIDED STRICTLY ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTIES OF ANY KIND.

LIMITATION OF LIABILITY: TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL Martin Ze Consumer (OPERATING AS NARAMO LOGISTICS AGENCY) BE LIABLE FOR ANY INDIRECT, PUNITIVE, OR CONSEQUENTIAL DAMAGES. FOR USERS OUTSIDE THE EUROPEAN ECONOMIC AREA, OUR TOTAL CUMULATIVE LIABILITY SHALL BE LIMITED TO A REASONABLE AND PROPORTIONATE AMOUNT.

EU CONSUMER EXCEPTION: NOTHING IN THIS SECTION EXCLUDES OR LIMITS LIABILITY WHERE SUCH EXCLUSION IS NOT PERMITTED UNDER APPLICABLE EU OR MEMBER STATE LAW (including liability for death, personal injury caused by negligence, or fraudulent misrepresentation).

5. Governing Law and Dispute Resolution

• Governing Law: This Agreement shall be governed by and construed in accordance with the laws of France, without regard to its conflict of laws principles.
• Mandatory Consumer Protection Override: Nothing in this Agreement limits the mandatory consumer protection rights granted to you by the laws of your specific country or state of residence.
• Dispute Resolution (Non-EU Users): For users residing outside the European Union, any controversy or claim shall be settled by binding arbitration. You agree to bring claims only in your individual capacity, not as a class member.
• Dispute Resolution (EU Users): This binding arbitration clause and class action waiver do not apply to consumers residing within the European Union. EU consumers retain their statutory right to bring legal proceedings in the competent courts of their member state of residence.