Developer Policy
Guidance for users looking to develop scripts, bots, or other extensions for the EpikChat platform.
To connect and interact with EpikChat servers programmatically, your application must adhere to this developer policy at all times.
In line with EpikChat's commitment to user privacy, we enforce strict limits on how your application may use and retain certain types of data.
1. Bot Functionality Guidelines
Proper Use:
- Use permitted API endpoints or WebSocket connections as intended.
- Avoid abusing or exploiting API functionality.
Respect Room Owner Rules:
- Bots should comply with room-specific rules or permissions as set by the owner of the room.
Authentication and Authorization:
- Your bot must authenticate itself via API keys or Bearer tokens provided by EpikChat.
- Follow specific User-Agent formatting when connecting to EpikChat servers.
- Store API keys or tokens securely and do not hardcode them into your bot's code.
2. Interaction with EpikChat Servers
To interact with EpikChat servers programmatically, follow these principles:
WebSocket Connections:
- Bots may establish WebSocket connections to receive real-time events (e.g., messages, user status updates).
- Avoid reconnecting excessively: If a bot disconnects, use a backoff strategy before attempting to reconnect.
Avoid Spamming:
- Bots should not spam chat rooms, send excessive commands, or flood servers with messages.
- Example: Limit the number of automated replies your bot sends in a short period.
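An added example (not EpikChat code) of the two behaviours above: a reconnect loop with capped exponential backoff and jitter, and a per-room sliding-window limit on automated replies. The names and the numeric limits (1 s base, 60 s cap, 5 replies per 10 s) are assumptions for illustration, not limits published by EpikChat.

```python
import random
import time
from collections import deque

def backoff_delays(base=1.0, cap=60.0, attempts=8, rng=random.random):
    """Yield one wait (seconds) per reconnect attempt: exponential growth
    capped at `cap`, with full jitter so many bots do not retry in lockstep."""
    for attempt in range(attempts):
        ceiling = min(cap, base * (2 ** attempt))
        yield rng() * ceiling

def connect_with_backoff(connect, sleep=time.sleep, **kw):
    """Call `connect()` until it succeeds, waiting between failures.
    Returns the number of failed attempts; raises once attempts run out."""
    failures = 0
    for delay in backoff_delays(**kw):
        try:
            connect()
            return failures
        except ConnectionError:
            failures += 1
            sleep(delay)
    raise ConnectionError("gave up after %d attempts" % failures)

class ReplyLimiter:
    """Allow at most `max_replies` automated replies per `window` seconds,
    tracked separately for each room."""
    def __init__(self, max_replies=5, window=10.0, clock=time.monotonic):
        self.max_replies = max_replies
        self.window = window
        self.clock = clock
        self.sent = {}  # room_id -> deque of send times

    def allow(self, room_id):
        now = self.clock()
        times = self.sent.setdefault(room_id, deque())
        while times and now - times[0] >= self.window:
            times.popleft()  # forget sends that left the window
        if len(times) >= self.max_replies:
            return False     # drop or queue the reply instead of sending
        times.append(now)
        return True
```

Call `allow(room_id)` before every automated send, and pass the function that opens the WebSocket as `connect`.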
3. Data Retention Limits
EpikChat requires developers to adhere to the following rules when storing data:
Message Content Retention:
- You may store message content only as long as it is necessary for the feature or service provided by your bot.
- For example:
  - If your bot provides a logging feature, you can retain messages solely to generate logs.
  - If your bot performs sentiment analysis, store only the data required to complete the analysis.
- Once the purpose has been fulfilled, you must delete the message content.
Other Data Retention:
- User IDs and Room IDs can typically be stored for longer durations, as these are considered "non-sensitive" identifiers and are necessary for ongoing bot functionality (e.g., user tracking for bans, moderation, or leaderboards).
- Avoid storing sensitive data like user socket identifiers, locations, or personally identifiable information (PII) unless absolutely necessary.
4. What Is Considered Unnecessary Data?
EpikChat's guidelines emphasize that you should only store data directly required for your bot’s functionality. Examples of unnecessary data include:
Unnecessary:
- Entire messages if only partial information (e.g., keywords or statistics) is needed.
- Message content for general logging if it isn't part of your bot’s intended functionality.
- Irrelevant metadata: Any metadata (timestamps, socket IDs, locations) that doesn't serve a specific purpose.
Necessary:
- User IDs and Room IDs: Required to identify users or rooms and apply bot functions like messaging or commands.
- Relevant message content: If your bot is designed to analyze or act on message content (e.g., moderation, sentiment analysis, or saving user-submitted commands).
3. Best Practices for Compliance
To stay compliant, follow these practices:
Document the Purpose:
- Have a clear definition of why your bot collects and stores data.
- Be prepared to explain and justify your retention practices to EpikChat.
Use Selective Storage:
- Avoid storing full message histories unless absolutely required.
- If you don’t need message content permanently, store only metadata or summary statistics.
Implement Automated Data Deletion:
- Add expiration mechanisms for data you store. In most cases bots should delete user and message data after 30 days.
- Example: Automatically delete message logs older than 30 days if they are no longer needed.
Be Transparent with Users:
- When requesting an API key, you must include a privacy policy and a description that explains how you handle data.
Minimize Scope of Data:
- If you’re analyzing message trends, don’t store individual messages; instead, store aggregate data.
- Bots providing searchable archives (e.g., to retrieve commands or historical discussions) can store messages longer than 30 days, provided users are aware of this feature.
- If your bot helps admins track rule-breaking behavior, you can retain chat logs or flagged messages beyond 30 days to support investigations or appeals.
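An added example (not EpikChat code) of the retention practices in this section: a scheduled purge that folds messages older than 30 days into per-room daily counts, deletes their content, and keeps flagged messages held for investigations or appeals. The SQLite schema, table names and the `flagged` column are assumptions for illustration.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=30)  # default window stated in this policy

# Hypothetical schema: created_at is a Unix timestamp; flagged marks messages
# held for moderation investigations or appeals.
SCHEMA = """
CREATE TABLE messages (id INTEGER PRIMARY KEY, user_id TEXT, room_id TEXT,
                       content TEXT, created_at INTEGER, flagged INTEGER DEFAULT 0);
CREATE TABLE room_daily_counts (room_id TEXT, day TEXT, n INTEGER,
                                PRIMARY KEY (room_id, day));
"""

def purge_expired(db, now):
    """Fold expired, unflagged messages into per-room daily counts, then
    delete them. Returns the number of messages deleted."""
    cutoff = int((now - RETENTION).timestamp())
    with db:  # one transaction: the counts and the deletion commit together
        db.execute(
            """INSERT INTO room_daily_counts (room_id, day, n)
               SELECT room_id, date(created_at, 'unixepoch'), COUNT(*)
               FROM messages WHERE created_at < ? AND flagged = 0
               GROUP BY room_id, date(created_at, 'unixepoch')
               ON CONFLICT(room_id, day) DO UPDATE SET n = n + excluded.n""",
            (cutoff,))
        cur = db.execute(
            "DELETE FROM messages WHERE created_at < ? AND flagged = 0", (cutoff,))
    return cur.rowcount

def build_sample_db(now):
    """Constructed sample data: ages in days, with one flagged message."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    rows = [("u1", "r1", "old one", 40, 0), ("u2", "r1", "old two", 40, 0),
            ("u3", "r1", "reported", 45, 1), ("u1", "r1", "recent", 5, 0)]
    for user, room, text, age_days, flagged in rows:
        ts = int((now - timedelta(days=age_days)).timestamp())
        db.execute("INSERT INTO messages (user_id, room_id, content, created_at,"
                   " flagged) VALUES (?, ?, ?, ?, ?)", (user, room, text, ts, flagged))
    db.commit()
    return db

if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    db = build_sample_db(now)
    print("deleted:", purge_expired(db, now))
```

Run the purge from a daily scheduler. Running it twice is safe, because rows that were already deleted are not counted again.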
5. General Privacy Guidelines
To ensure compliance with privacy standards, your bot must adhere to the following:
- Minimize Data Retention: Retain data only for as long as necessary to fulfill the intended purpose.
- Avoid Sharing Data: Do not share user data with third parties unless it is required for your bot's functionality and explicitly permitted.
- Facilitate User Rights:
  - Ensure users can request access to their stored data.
  - Ensure users can request deletion of their data, particularly for privacy or compliance with regulations like GDPR.
- Automate Data Deletion: Set automated processes to delete old or unneeded data on a regular basis.
By following these guidelines, you demonstrate a commitment to safeguarding user data, ensuring trust and compliance with privacy standards.
6. Consequences of Non-Compliance
- API Key Suspension: If your bot violates EpikChat’s rate limits or API policies, its key might be temporarily or permanently suspended.
- Account Bans: Severe violations, like spamming or excessive reconnecting, can result in the suspension of your bot's account.
- Legal Implications: Improper handling of user data or intentional abuse of APIs can lead to legal consequences.