HCPD seal Highfield City PD Service · Integrity · Honour

Privacy Policy

Last updated: 1 May 2026

This Privacy Policy describes how the Highfield City Police Department ("HCPD", "we", "us", or "our") collects, uses, stores, and discloses information in connection with your use of the web portal located at hcpd.owlsk-v.com (the "Service"). By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Scope

This Privacy Policy applies solely to information collected through the Service. It does not apply to information collected by Discord, Roblox, or any other third-party platform, even where the Service interacts with those platforms. Your use of those platforms is governed by their respective privacy policies.

2. Information We Collect

HCPD collects only the information necessary to authenticate you, maintain your session, and provide community features. Specifically:

2.1 Information from Discord

When you sign in via Discord OAuth 2.0, we receive from Discord:

  • Your Discord user identifier (a numeric ID);
  • Your Discord username and global display name;
  • Your Discord avatar URL, if set.

We do not request access to your Discord email address, direct messages, or any other Discord data not listed above.

2.2 Information from Roblox

When you link your Roblox account, we collect from publicly available Roblox endpoints:

  • Your Roblox user identifier (a numeric ID);
  • Your Roblox username and display name;
  • Your Roblox avatar headshot URL;
  • Your group membership and rank information for HCPD-affiliated Roblox groups.

We verify ownership of your Roblox account by issuing a temporary verification code which you place in your Roblox profile description. We do not request, store, or retain your Roblox password or any authentication tokens issued by Roblox.

2.3 Discord Server Role Information

Where you are a member of an HCPD-affiliated Discord server, our Discord bot may retrieve, on demand and at the time of viewing your profile within the Service, the roles assigned to you within those servers. This information is not stored persistently and is fetched live from Discord each time it is displayed.

2.4 Session and Activity Information

We automatically collect:

  • Session cookies necessary to keep you signed in;
  • The Internet Protocol (IP) address from which you access the Service, for security and audit purposes only;
  • Timestamps of authentication events, administrative actions, and account modifications;
  • Audit log entries for actions taken by, or affecting, your account (for example, suspensions, account unlinking, permission changes).

3. How We Use Information

HCPD uses the information described above only for the following purposes:

  • To authenticate you and maintain your signed-in session;
  • To verify your eligibility to access the Service and specific features within it, including your group rank and assigned permissions;
  • To display your identity and rank to other authorised users where appropriate (for example, in administrative interfaces visible to command staff);
  • To enable community features such as notifications and handbooks;
  • To investigate suspected violations of these Terms or Departmental Policies;
  • To maintain the security and integrity of the Service.

We do not use your information for advertising. We do not sell, rent, or trade your information to any third party.

4. Legal Basis for Processing

Where applicable data protection law requires a legal basis for processing personal data, HCPD relies on:

  • Consent, given when you initiate Discord OAuth sign-in and link your Roblox account;
  • Legitimate interests, namely the operation, security, and integrity of a private community portal, where such interests are not overridden by your rights and freedoms.

5. Sharing and Disclosure

HCPD does not share your information with third parties except in the following limited circumstances:

  • Within the Service: your username, display name, rank, and avatar may be visible to other authorised users in administrative interfaces;
  • Service providers: our hosting provider and Cloudflare may process information incidentally as part of delivering the Service, subject to their respective security and privacy commitments;
  • Legal requirements: we may disclose information where required to do so by applicable law or valid legal process;
  • Protection of rights: we may disclose information where reasonably necessary to enforce these Terms, protect the safety of users, or investigate suspected fraud or abuse.

6. Data Retention

We retain your account information for as long as your account remains active. If your account is unlinked or removed by you or by command staff, the underlying user record is permanently deleted, and active sessions associated with that account are immediately invalidated.

Audit log entries may be retained beyond account deletion for the legitimate purpose of maintaining the integrity of administrative records, but will not be used to identify or contact you following deletion.

Server access logs are retained only for a short rolling period for security and diagnostic purposes.

7. Cookies

The Service uses a single first-party session cookie, set by the server, to maintain your authenticated session. This cookie is marked HttpOnly and, in production, Secure. The Service does not use third-party cookies, advertising cookies, or analytics cookies.

8. Security

HCPD takes reasonable technical and organisational measures designed to protect your information against unauthorised access, alteration, disclosure, or destruction, including:

  • Transmission over HTTPS, terminated at Cloudflare;
  • Server-side session storage backed by an authenticated database;
  • Role-based access control limiting administrative functions to specific ranks;
  • Audit logging of administrative actions.

No system can be guaranteed to be completely secure. You acknowledge that you provide your information at your own risk.

9. Your Rights

Subject to applicable law, you may have rights in relation to your personal data, including:

  • The right to access information we hold about you;
  • The right to request correction of inaccurate information;
  • The right to request deletion of your information (which you may exercise by requesting that command staff unlink your account);
  • The right to object to or restrict certain processing;
  • The right to withdraw consent at any time, by ceasing to use the Service and requesting account deletion.

To exercise any of these rights, contact HCPD command staff via the official HCPD Discord server.

10. Children's Privacy

The Service is intended for users who are at least thirteen (13) years of age, in line with the minimum age requirement of Roblox. We do not knowingly collect personal information from individuals under the age of thirteen. If we become aware that we have inadvertently collected such information, we will delete it without undue delay.

11. International Transfers

Information processed by the Service may be stored or processed in jurisdictions other than your own. By using the Service, you consent to such transfers where permitted by applicable law.

12. Changes to This Policy

HCPD may update this Privacy Policy from time to time. The "Last updated" date at the top of this Policy indicates when it was last revised. Material changes will, where reasonably practicable, be communicated through the Service. Continued use of the Service following the posting of a revised Privacy Policy constitutes acceptance of those changes.

13. Contact

Questions, concerns, or requests relating to this Privacy Policy or to your information should be directed to HCPD command staff via the official HCPD Discord server.