Back to Home

Privacy Policy

Effective July 6, 2026

This Privacy Policy explains how PulseRoster ("PulseRoster", "we", "us") collects, uses, shares, and protects information when you use our roster-management platform and related websites, apps, integrations, and Discord bot (the "Service"). PulseRoster is a product of PulseTech, a division of PJL Telecom LLC, located at 9169 W State St. Unit 2215, Boise, ID 83714. By using the Service you agree to this Policy.

Operators, please note: if you run a community on PulseRoster, you decide what member information to enter and are the controller of that data for your community. PulseRoster processes it on your behalf to provide the Service. You are responsible for having a lawful basis to add members and for telling your members how their data is used.

1. Information We Collect

Account information

When you register with email we collect your email address, a display name, and a password (stored only as a bcrypt hash, never in plain text). If you sign in with Discord we create your account from your Discord profile instead (see Integrations). We also record sign-in metadata such as your last login time and method.

Member and roster data

Operators and their staff enter roster data about community members, which may include a member's display name and (optionally) first and last name, join and termination dates and reasons, department and rank assignments, subdivisions, callsign, badge number, unit number, certifications, roleplay character names, custom fields defined by the community, and internal member notes. This data describes participation in a fictional roleplay organization.

Sensitive community records

Depending on the features a community uses, the Service stores administrative records that may contain free-text detail, including disciplinary records and appeals, probation records, leave-of-absence requests (and their reasons and review notes), commendations, callsign-change history, transfer requests, and private member notes. Operators control who within their community can view these records; some are limited to command staff or marked private.

FiveM and game identifiers

A community may store game-account identifiers for a member, such as a FiveM license, Steam ID/Hex, or similar values entered in custom fields, to identify the member in-game and to power the optional PulseCAD integration.

Billing information

Paid plans are handled by our separate billing provider (see Integrations). PulseRoster itself stores your community's subscription tier and status and billing-sync metadata; it does not store your card number or full payment details, which are handled by the billing provider and its payment processor.

Uploads

You may upload images (such as community, department, and member avatars and logos) and PDF documents to the built-in documentation library. These files are stored on our servers and served to authorized users of your community.

Technical and log data

To operate and secure the Service we collect standard technical data, including IP address, browser/user-agent, timestamps, and audit and event logs of actions taken in the Service (for example, sign-ins and administrative changes).

2. How We Use Your Information

  • Provide, operate, and maintain the Service and its features;
  • Authenticate you and link your Discord identity at your request;
  • Power roster, department, certification, activity, LOA, disciplinary, and documentation features;
  • Sync Discord roles and post notifications to channels an operator configures;
  • Send service email (verification, magic-link sign-in, password reset, invitations, and account/community lifecycle and billing notices);
  • Process and manage subscriptions through our billing provider;
  • Secure the Service, prevent fraud and abuse, and enforce our Terms;
  • Understand aggregate usage and measure our marketing, with your consent where required (see Cookies);
  • Comply with legal obligations.

3. Cookies, Analytics & Advertising

We and our providers use cookies and similar technologies:

  • Strictly necessary — our session cookie pulseroster_session (a signed, HTTP-only login token with a rolling ~7-day lifetime) and short-lived cookies used during Discord sign-in. For browsers that block cookies, we mirror the session token in your browser's local storage so you stay signed in. These are required for the Service to work.
  • Preferences — local storage that remembers settings such as your theme.
  • Analytics and advertising — where you consent, we use Google Analytics 4 and Google Ads (Google) and the Reddit Pixel (Reddit) to measure aggregate usage and the effectiveness of our advertising, and our hosting provider (Cloudflare) may collect privacy-focused performance metrics. These set cookies and share data with those providers. Where consent is required (for example in the EEA and UK), these analytics and advertising technologies are disabled by default and load only after you accept them in our cookie banner (using Google Consent Mode); until then they are off. You can change your choice at any time through the banner or your browser settings.

Separately, to measure the effectiveness of our advertising we may confirm certain events (such as creating an account) to advertising partners (for example, Reddit) through server-side conversion measurement. This is done from our servers, is limited to the event and basic attribution data, and does not rely on cookies in your browser — so it operates independently of the cookie banner above.

We do not sell your personal information for money. Some privacy laws (such as the California CPRA) treat the use of advertising cookies or advertising conversion measurement as a "sale" or "sharing"; you can opt out by declining advertising cookies in our banner and by emailing us to opt out of server-side conversion measurement. Blocking strictly necessary cookies will prevent sign-in.

4. Public Rosters

A community operator may choose to publish a public roster page for their community. This feature is off by default and is controlled by the operator per community, per department, and per subdivision. When an operator turns it on, the fields they enable become viewable by anyone with the link, without signing in. Depending on the operator's settings and display-name format, a public roster can show a member's display name (which may include a real first/last name if the operator's format uses it), Discord username and avatar, department, rank, callsign, badge number, join date, subdivisions, status, and certifications. Member email addresses and internal/administrative records (notes, disciplinary, LOA, etc.) are never shown on public rosters. If you do not want your information on a public roster, contact your community's operator, who controls this setting.

5. Integrations (Discord, PulseCAD, FiveM)

Discord (sign-in and bot)

If you sign in with or link Discord, we use Discord OAuth with the scopes identify, email, guilds, and guilds.members.read. We store your Discord user id, username, discriminator, avatar, and email. We read your list of Discord servers and your membership in them only at the moment you sign in or when an operator imports members — this is used to let operators pick a server and match members, and it is not stored as a separate profile. We do not receive your Discord password.

Our optional Discord bot, and the Service acting through it, use the "Guilds" and "Guild Members" permissions to run slash commands (which reply with links to the app), synchronize Discord roles to match roster ranks, certifications, and subdivisions, and post notifications to channels an operator configures. The bot does not read the content of members' ordinary Discord messages. Operators control the bot and can remove it at any time.

PulseCAD

PulseCAD is our companion Computer-Aided Dispatch product (also operated by PJL Telecom LLC). An operator on a qualifying paid plan may connect PulseCAD to their PulseRoster community using a service API key (only a hash of the key is stored). When connected, PulseCAD reads roster data at the operator's direction, including each member's display name, email, Discord id, FiveM license, Steam ID, department and rank assignments, callsign, badge and unit number, staff role, and certifications, so members can be set up and managed in PulseCAD. Disconnecting the key stops this access. Because PulseCAD and PulseRoster are operated by the same company, this is a first-party integration; your use of PulseCAD is also governed by its own terms and privacy policy.

6. How We Share Information

We do not sell your personal information for money. We share information only:

  • Within your community — operators and staff can see the roster and records you or your members create, according to the permissions the operator sets;
  • With service providers / sub-processors under confidentiality obligations, including our hosting/infrastructure and CDN provider (Cloudflare), our email provider (Mailgun, and a secondary email provider), our billing provider (billing.mypulsetech.com) and its payment processor, Google (Analytics and Ads), and Reddit (advertising);
  • With platforms you connect — Discord, and PulseCAD where you enable it;
  • Publicly — only the fields an operator chooses to publish on a public roster (see section 4);
  • For legal reasons — to comply with law or protect rights, safety, and the integrity of the Service;
  • In a business transfer — if PJL Telecom LLC is involved in a merger, acquisition, or sale of assets, subject to this Policy.

7. Data Storage and Security

We use industry-standard measures including encryption in transit (HTTPS), bcrypt-hashed passwords, hashed service API keys, tenant isolation between communities, and access controls. No method of transmission or storage is 100% secure, but we work to protect your data and will notify affected users and any required authorities of a data breach as required by law.

8. Data Retention

We keep information as long as needed to provide the Service, and otherwise as described here:

  • Account and community data are retained while your account or community is active;
  • When a community is deleted, it is scheduled for permanent deletion after a grace period of about 30 days. Free communities with no staff sign-in for an extended period (about 14 days) may be marked inactive and, after about 30 days, scheduled for deletion following the same grace period. Paid communities are exempt from inactivity deletion;
  • Audit logs and user-event logs (including IP addresses) are retained for about 90 days;
  • Email-verification links expire after 24 hours; magic-link sign-in and password-reset links expire after 1 hour.

You may delete records, unlink Discord, or request deletion of your account at any time (see Your Rights). We delete or de-identify associated personal data except where retention is required by law.

9. Your Rights

Depending on where you live, you may have rights under laws such as the GDPR or California CCPA/CPRA, including the right to:

  • Access and receive a copy of your personal data, and export your community data;
  • Correct inaccurate data;
  • Delete your account and associated personal data;
  • Unlink Discord and manage analytics/advertising cookies through our banner;
  • Opt out of the "sale"/"sharing" of personal information (decline advertising cookies), without discrimination.

To exercise these rights, email [email protected]. We will verify and respond within 30 days (or as your local law requires). If your data is held by a community you belong to, we may direct your request to that community's operator, who controls that data.

10. Children's Privacy

The Service is not directed to children, and you must be at least 13 years old (or the higher minimum age required in your jurisdiction, such as 16 in parts of the EEA) to create an account. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will delete it.

11. International Transfers

We are based in the United States and process and store information in the United States and other countries where our providers operate. Where required, we take steps to protect your information consistent with this Policy.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be reflected by updating the effective date above and, where appropriate, additional notice.

13. Contact Us

Questions or requests about this Policy or your data: email [email protected], or write to PulseTech, a division of PJL Telecom LLC, 9169 W State St. Unit 2215, Boise, ID 83714, phone (208) 992-5045.