1. Privacy summary
Lotra is designed to keep sensitive brokerage information on the user’s computer. The Discord bot processes only the information reasonably needed to authenticate users, verify access, deliver time-limited signals, prevent duplicate execution, and protect the Service. Lotra does not sell personal information or use bot data for targeted advertising.
2. Information the Discord application processes
Discord identity and access information
- Discord user ID and OAuth authorization status;
- authorized server, role, and channel IDs;
- whether the user currently holds the required Premium role; and
- short-lived session identifiers used to keep the user signed in.
Lotra does not receive your Discord password, Discord 2FA codes, or backup codes.
Commands, signals, and interaction records
- the Discord ID of an authorized administrator issuing or approving a command;
- ticker symbol, share quantity, signal deadline, and timestamps;
- signal status such as pending, approved, cancelled, expired, or completed;
- quoted prices and general broker labels shown in an order preview; and
- opaque delivery or completion identifiers used to prevent duplicate execution.
Opaque identifiers are designed not to contain brokerage account numbers. Lotra does not intentionally post full brokerage account numbers in Discord order reviews.
Technical and security information
Cloudflare may process IP address, request time, user agent, routing, error, abuse, and security-event information when providing hosting, network protection, and bot endpoints. The static legal pages themselves contain no analytics or advertising scripts and do not set their own cookies.
3. Information that remains local
The Lotra Discord application and Cloudflare backend are not designed to collect or store the following sensitive brokerage data:
- brokerage usernames, passwords, one-time codes, or security answers;
- broker session cookies, browser profiles, or authentication tokens;
- full brokerage account numbers;
- complete portfolio holdings, balances, transaction history, or tax records; or
- payment-card or bank-account information.
Brokerage credentials, browser sessions, locally saved portfolio records, and broker communications remain on the user’s device or travel directly between the desktop application and the selected brokerage service. Brokerage providers independently control their own data practices.
4. How information is used
Lotra uses the information described above to:
- complete Discord login and confirm the identity of the current user;
- verify server membership and the required Premium role;
- restrict administrator commands to approved users and channels;
- create, review, deliver, expire, cancel, and complete stock signals;
- prevent a user or local execution target from executing the same signal twice;
- apply deadlines and security controls;
- investigate service errors, abuse, unauthorized access, or security incidents; and
- comply with applicable law and enforce the Terms of Service.
6. Retention and deletion
- OAuth access information is used to complete authentication and is not embedded in the desktop executable.
- Lotra sessions expire and can be ended by logging out or revoking Discord authorization.
- Active signal and delivery records are retained only until the command’s stated deadline, then removed by automated cleanup.
- Expired signals are rejected immediately even if scheduled deletion has not yet completed.
- Cloudflare security and operational logs may remain for the period controlled by the configured Cloudflare plan and security settings.
Limited information may be retained longer when reasonably required for security, legal compliance, dispute resolution, or preventing repeated abuse.
7. Security
Lotra uses measures intended to reduce unauthorized access, including server-side role verification, Discord interaction-signature checks, restricted administrator IDs and channels, short-lived sessions, one-time signal identifiers, encrypted transport, and Cloudflare secrets that are not compiled into the desktop executable. No security measure can guarantee absolute protection.
8. Your choices and requests
You may:
- decline or revoke Discord authorization;
- leave the relevant Discord server or remove the application from your server;
- stop the Lotra desktop signal listener or stop using the Service; and
- request access, correction, or deletion of bot records associated with your Discord user ID, subject to applicable law and necessary verification.
Submit a request through the official Lotra Discord community. Do not post passwords, authentication codes, brokerage account numbers, or other sensitive information in a public channel.
9. Children’s privacy
The Service is not intended for anyone below the minimum age required by Discord or applicable law. Lotra does not knowingly request information from an underage user. If you believe an underage person has used the Service, contact the Lotra team so the relevant bot records can be reviewed and removed where appropriate.
10. International processing
Discord and Cloudflare operate infrastructure in multiple locations. Information may therefore be processed outside your region and may be subject to different data laws. Those providers describe their international processing and safeguards in their own privacy documentation.
11. Changes to this Policy
Lotra may update this Policy when features, data practices, laws, or platform requirements change. The updated date will appear at the top of this page. Material changes may also be announced in the official Discord community.
12. Contact
Privacy questions or requests may be submitted through the official Lotra Discord community.