Security and data

Pengy Trust Center.

A plain-language overview of Pengy security, retention, service providers, support, and incident handling.

Last updated July 14, 2026

Security practices

  • Discord installation uses an explicit permission list and never requests Administrator.
  • Dashboard access is checked against Discord server permissions and configured reviewer roles.
  • Production refuses placeholder secrets and requires encrypted public connections.
  • Configuration snapshots use authenticated encryption and every restore creates an audit record.
  • Background work uses persistent leases, retries, duplicate protection, and dead-letter review.

Retention

  • Free operational activity records are retained for up to 7 days.
  • Pro operational activity records are retained for up to 30 days.
  • Branded operational activity records are retained for up to 60 days.
  • Configuration remains while the server uses Pengy. Billing and security evidence may follow separate legal or fraud-prevention requirements.
  • Offboarded servers can request an export followed by deletion of eligible server data.

Service providers

These providers support Pengy. Optional integrations receive data only when a server administrator enables the related feature.

  • Discord provides account sign in, server installation, and community events.
  • Vercel and Bloom.host provides application hosting and network delivery.
  • Bloom.host MySQL stores server configuration and operational records.
  • Stripe processes paid subscriptions. Pengy does not store full payment card numbers.
  • Patreon supports optional membership verification when connected by an administrator.
  • Google supports optional calendar synchronization when connected by an administrator.
  • Configured alert destination receives bounded operational incident details with secrets and message content removed.

Public feed sources such as Twitch, GitHub, YouTube, Reddit, Kick, and RSS are contacted only for feeds an administrator configures. Provider changes will be published here before the new provider handles external server data.

Incident response

Pengy monitors readiness, delivery failures, billing events, queues, and security-sensitive operations. Confirmed incidents are contained, investigated, documented, and communicated to affected server administrators when action is required.

Support and reporting

Use Feedback for product issues. Open a private ticket in the Pengy support server for privacy questions or security reports. The public status page shows current service health.