Tixora is a powerful Discord ticket bot that helps communities manage support tickets. It includes a web dashboard, ticket panels, transcripts, SLA tracking, automations, and more.

Yes! Tixora has a free plan that lets you create ticket panels and manage support. Paid plans unlock advanced features like SLA tracking, custom branding, and the REST API.

How do I add the Tixora ticket bot to my Discord server?

Simply click 'Get started' on tixora.xyz, log in with Discord, and invite the bot to your server. Setup takes less than 2 minutes.

What makes Tixora the best Discord ticket bot?

Tixora offers a premium web dashboard, unlimited ticket categories, custom forms, transcript saving, SLA tracking, automation rules, and Tebex verification — all in one platform with a free tier.

Legal

Privacy Policy

Last updated: May 15, 2025

Tixora Studios (“we,” “us,” or “our”) operates the Tixora platform. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.

1. Information We Collect

1.1 Information from Discord OAuth2

When you sign in via Discord we receive:

Your Discord user ID, username, and avatar hash.
Your email address (if you grant the email scope).
A list of guilds (servers) you belong to and your permissions in each.
An OAuth2 access token and refresh token to make Discord API calls on your behalf.

1.2 Workspace and Support Data

When you connect a Discord server to the Service we store:

Server metadata: name, icon, owner Discord ID, locale, and member count.
A cached snapshot of your server’s roles and channels, refreshed on demand.
Ticket data: messages, attachments (links only — we do not store Discord CDN files), status, tags, and agent assignments.
Panel and category configurations you create in the dashboard.
Automation rules and their execution history.
Audit log entries for meaningful actions taken by workspace members.

1.3 Bring Your Own Bot Token

If you use the BYOB feature, your Discord bot token is encrypted with AES-256-GCM before being stored. The plaintext token is only held in memory for the duration of the bot process and is never logged or transmitted in plain text.

1.4 Usage and Technical Data

IP addresses and browser/device information from web requests.
Server-side logs containing request paths, response codes, and timestamps — retained for up to 30 days.
Error traces for debugging, stripped of personally identifiable information where possible.

1.5 Billing Data

Payment processing is handled by a third-party provider (e.g., Stripe). We store only a customer reference ID and subscription status — no raw card numbers or bank details are held by us.

2. How We Use Your Information

Providing the Service — authenticating your session, routing you to the correct workspace, storing and displaying ticket data.
Bot operations — using your OAuth2 token to sync roles/channels, post panel embeds, and respond to Discord interactions.
Billing — creating and managing your subscription through our payment provider.
Communication — sending transactional emails (plan changes, security notices) and, with your consent, product updates.
Security and integrity — detecting abuse, preventing unauthorized access, and maintaining audit logs.
Product improvement — aggregated, anonymized usage analytics to understand which features are used and where the product can be improved.

We do not sell your personal data to third parties. We do not use ticket message content for advertising.

3. Data Sharing and Third Parties

We share data only in the following circumstances:

Service providers — infrastructure providers (database, hosting, CDN) that process data on our behalf under confidentiality agreements.
Payment processor — billing-related data with our payment partner (e.g., Stripe) to process subscriptions.
Discord — we make API calls to Discord on your behalf using the OAuth2 token you granted. Discord’s own Privacy Policy governs their data handling.
Legal compliance — when required by law, court order, or to protect the rights and safety of users or the public.
Business transfer — in the event of a merger, acquisition, or sale of assets, data may be transferred to the successor entity. We will notify you before your data is transferred and subject to a different privacy policy.

4. Data Retention

Ticket transcripts are retained for the period defined by your plan (7 days for Free, up to 2 years for Business).
Audit log entries are retained for the period defined by your plan.
If you delete your workspace, associated ticket data, panel configurations, and audit logs are permanently deleted within 30 days.
OAuth2 access tokens are stored for the duration of your session and revoked upon sign-out.
Encrypted bot tokens (BYOB) are deleted immediately upon plan downgrade below Business tier or upon manual removal.

5. Security

We use industry-standard security measures including TLS in transit, AES-256-GCM encryption for sensitive credentials, HMAC-signed internal API communication, and per-tenant data isolation enforced at the database query level. Access to production systems is restricted to authorised personnel only.

No system is perfectly secure. If you believe you have discovered a security vulnerability, please report it responsibly to support@tixora.xyz.

6. Your Rights and Choices

Depending on your location, you may have the right to:

Access — request a copy of the personal data we hold about you.
Correction — ask us to correct inaccurate or incomplete data.
Deletion — request that we delete your personal data, subject to our legal obligations and legitimate interests.
Portability — receive your data in a structured, machine-readable format.
Objection — object to certain processing activities, including direct marketing.

To exercise any of these rights, contact us at support@tixora.xyz. We will respond within 30 days.

7. Cookies and Local Storage

We use an HTTP-only session cookie to maintain your authenticated session. No third-party advertising or tracking cookies are set. We may use browser local storage for non-personal UI preferences (e.g., sidebar state).

8. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. International Transfers

Your data may be processed in countries other than your own. By using the Service you consent to such transfers. We ensure appropriate safeguards (such as standard contractual clauses) are in place where required.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy with an updated “Last updated” date and, for material changes, notify you via dashboard notice or email. Continued use of the Service after changes constitutes acceptance.

11. Contact

Questions or concerns about this Privacy Policy should be sent to support@tixora.xyz.

Tixora Studios · tixora.xyz