Last updated: 10 June 2026
PelicanNET collects the minimum information needed to run a voice-comms relay service. This page explains what that is, where it lives, and your choices.
PelicanNET is operated by Gary Bissett, based in Australia. For anything privacy-related, contact [email protected].
| Data | When | Why |
|---|---|---|
| Email address & password | Account signup | Sign-in and account recovery. Passwords are stored only as secure hashes by our auth provider — we never see them. |
| Org name & callsign | Signup / profile | Linking your account to your organisation and seat. |
| Seat assignments & relay keys | Org provisioning | Authorising which channels each seat can key. |
| Discord server & channel IDs | Org provisioning | Connecting the relay bots to the right channels. We don't access message history. |
| Support tickets | When you open one | Resolving your issue; kept as a record of the conversation. |
| Audit & service logs | While you use the service | Security and troubleshooting — e.g. sign-ins, downloads, channel open/close events. Logs are operational metadata only, never voice content. |
Standard web-server logs (IP address, browser type, pages requested) are processed by our hosting provider to serve the site and defend against abuse.
We don't sell personal information, share it with advertisers, or use it for profiling.
We use essential cookies only: a session cookie (pn_session) to keep you signed in, and a preview-access cookie used while the site is gated. No analytics or advertising cookies.
We use a small number of service providers to run PelicanNET: Supabase (account database and authentication), Cloudflare (website hosting and security), and a virtual private server provider (the relay itself, reachable only over a private VPN). Discord carries the voice channels under its own privacy policy. Some providers store data outside Australia (typically the United States); we choose providers with strong security practices and contractual safeguards.
Account and org data is kept while your account is active. Support tickets and audit logs are kept as long as they're useful for security and support, then deleted. When your account is closed, we delete or de-identify your personal information within a reasonable period, except where we must keep records to meet legal obligations.
You can ask us at any time to access, correct, or delete the personal information we hold about you, or to close your account — email [email protected]. We handle personal information in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth). If you're unhappy with how we've handled a complaint, you can raise it with the Office of the Australian Information Commissioner (OAIC).
The relay runs behind its own VPN, off the open internet. Access to systems and data is limited to what's needed to operate the service, credentials are issued per seat, and transport is encrypted. No system is perfectly secure, but minimising what we collect is our first line of defence — data we don't hold can't leak.
The service is not directed at children under 16, and we don't knowingly collect their information. If you believe a child has created an account, contact us and we'll remove it.
If we change this policy, we'll post the new version here with an updated date and make reasonable efforts to notify account holders of material changes.
