JonKazama-Hellion/HellionChat
1
0
Fork 0
Code Issues Pull Requests Actions Releases 28 Activity
Files
3f2e56be67f580a181bc18bb26897dd1595b35a0
HellionChat/PRIVACY.md
T
JonKazama-Hellion 1b63765caa docs: community standards, privacy notice and release-body automation 
Closes the remaining gaps in GitHub's community-standards check, adds
explicit privacy and dependency documentation matching the plugin's
"DSGVO-by-design" claim, and removes the stale upstream Crowdin
artefact so the repo no longer suggests it ships its own translation
pipeline.

New community-health files:

- CODE_OF_CONDUCT.md: project-specific, short and direct, single
  reporting path to kontakt@hellion-media.de
- CONTRIBUTING.md: scope, accepted vs declined contributions, build
  and test instructions, EUPL-1.2 contribution terms, translation
  policy split between Hellion-specific (here) and upstream strings
  (Chat 2 repo)
- SUPPORT.md: routing for bugs, security, privacy and casual feedback
- .github/PULL_REQUEST_TEMPLATE.md: summary, change-type checklist,
  testing notes, compatibility notes for migrations and manifest
  fields, contribution checklist
- .github/FUNDING.yml: comments-only file, no platforms enabled,
  points donors at the upstream Chat 2 maintainers' Ko-fi pages

New privacy and compliance documentation:

- PRIVACY.md: what the plugin stores locally (config, SQLite,
  EmoteCacheV1), retention defaults, the two outbound network calls
  (BetterTTV API+CDN with ShowEmotes opt-out, Square Enix Lodestone
  font once-off), explicit no-telemetry statement, GDPR
  Art. 15/17/18/20/21 rights mapped to plugin features, third-party
  privacy-policy links
- THIRD_PARTY_NOTICES.md: direct NuGet dependencies with versions
  pinned to v0.5.4 (MessagePack, Microsoft.Data.Sqlite, morelinq,
  Pidgin, SixLabors.ImageSharp under Six Labors Split License 1.0),
  Dalamud SDK and .NET tooling, bundled Exo 2 font (OFL-1.1) and
  plugin icon, network-touch status per component, re-audit commands

Crowdin cleanup:

- crowdin.yml deleted (was upstream Chat 2's project_id 663694,
  pointed at /ChatTwo/Resources/Language.resx, never wired to
  HellionChat strings)
- README, CONTRIBUTING and CODE_OF_CONDUCT no longer suggest
  HellionChat operates a Crowdin project; remaining mentions are
  explicitly framed as upstream Chat 2's workflow

Contact and version consistency:

- Maintainer email switched from maintainer@hellion-media.de to
  kontakt@hellion-media.de in SECURITY.md and NOTICE.md
- README version references updated to 0.5.4 (header, project status
  block) and the update-tag pattern generalised from v0.1.x to v0.X.Y
- bug_report.yml version placeholder bumped to 0.5.4
- Project-documents table added to README footer linking all health
  and reference files in one place

Release-body automation:

- .github/workflows/release.yml now extracts the matching version
  block from ChatTwo/HellionChat.yaml's changelog and combines it
  with a static install / docs footer (custom-repo URL, project
  document links, licence) before passing the result to
  softprops/action-gh-release@v3 via body_path
- Workflow fails fast if no changelog block exists for the tagged
  version, automating the existing "yaml + repo.json + release body
  kept in sync" rule
- Tag value passed via env: TAG_NAME with strict ^v\d+\.\d+\.\d+$
  validation before any string concatenation, so the tag input cannot
  break out into shell evaluation
2026-05-03 10:42:07 +02:00

11 KiB
Raw Blame History

Privacy notice

HellionChat is a Dalamud plugin for FINAL FANTASY XIV that focuses on giving the user explicit control over what their chat client stores locally. This document describes what the plugin does with your data, what it does not do, and how you exercise the rights the GDPR gives you over data you generate yourself.

This document is informational. The maintainer of HellionChat is not a controller or processor of your data in the GDPR sense, because no data ever leaves your machine on the maintainer's infrastructure. Independently of that, the plugin is built so that you can act on your own data the way the GDPR expects.

Last reviewed: 2026-05-03 (HellionChat v0.5.4).

TL;DR

  • All chat data the plugin stores stays on your machine, in your Dalamud pluginConfigs/HellionChat/ directory.
  • The plugin does not phone home. There is no telemetry, no analytics, no crash reporter, no usage counter, no remote update check beyond what Dalamud itself does.
  • Two outbound network calls exist by design: the BetterTTV emote service (for chat emotes) and the Square Enix Lodestone font CDN (for the in-game symbol font). Both are documented in detail below and both can be reasoned about per request.
  • You can export every message the plugin has stored, in Markdown, JSON or CSV, and you can wipe stored history per channel, per date range, or globally.

What the plugin stores locally

HellionChat keeps three kinds of state on your machine, all under %appdata%\XIVLauncher\pluginConfigs\HellionChat\ on Windows (~/.xlcore/pluginConfigs/HellionChat/ on Linux/macOS via XIVLauncher Core):

  1. Configuration (HellionChat.json) Plugin settings, channel whitelist, retention values, layout state, theme colours. Contains no chat content.

  2. Message database (SQLite file in the same directory) Chat messages from the channels on your whitelist, stored as MessagePack-encoded blobs. Default whitelist out of the box covers only your own conversations: tells, party, free company, linkshells, cross-world linkshells, alliance, ExtraChat. Public chat, NPC dialogue, system messages and battle logs are dropped on the storage layer and never written to disk.

  3. Cached emote images (EmoteCacheV1/ directory) Image files downloaded from BetterTTV when an emote appears in a message you receive. See "Outbound network calls" below.

There is no shared state with the upstream Chat 2 plugin. pluginConfigs/HellionChat/ is independent from pluginConfigs/ChatTwo/.

Retention defaults

  • Tells: 365 days
  • Your-conversation channels (party, FC, linkshells, cross-world LS, alliance, ExtraChat): 90 days
  • Global default for anything else: 30 days

Retention is off by default. The plugin does not delete anything on its own until you explicitly turn the retention sweep on in the settings. Until then, stored messages stay until you clear them.

What the plugin does not store

  • Public chat (/say, /yell, /shout), NPC dialogue, system messages and battle logs. These are filtered before they reach the storage layer.
  • Anything from channels you remove from the whitelist. The privacy filter runs on the way in, not on the way out.
  • Login credentials, character IDs, account IDs. The plugin uses whatever Dalamud already exposes about the local character to attribute messages; nothing of that is sent anywhere or persisted beyond the message itself.

Outbound network calls

HellionChat makes two kinds of automatic outbound network requests. Both are inherited from upstream Chat 2 and both are documented here because "DSGVO-by-design" means you should know what your client does on your behalf.

1. BetterTTV emote service (api.betterttv.net, cdn.betterttv.net)

  • What it does: When a chat message arrives that references a BetterTTV emote, the plugin asks the BetterTTV API for the emote metadata and downloads the image from the BetterTTV CDN to display it inline.
  • What is sent: A standard HTTPS GET request. Your IP address reaches BetterTTV (unavoidable for any HTTPS request); the request itself contains no identifying user data, no character name, no message text. Only the emote ID being looked up is in the URL path.
  • When it triggers: Only when an incoming message contains an emote token that is on the BetterTTV emote list.
  • Cached: Yes, in emoteCache/. A given emote is downloaded once per machine and reused.
  • How to opt out: Turn off the Show emotes option in Settings → Chat. With it disabled, the emote cache does not load and no requests to BetterTTV are made for the rest of the session.
  • BetterTTV's privacy policy: https://betterttv.com/privacy

Source: ChatTwo/EmoteCache.cs.

2. Square Enix Lodestone font (img.finalfantasyxiv.com)

  • What it does: Downloads the FFXIV_Lodestone_SSF.ttf font file from the official Square Enix Lodestone CDN once during font setup, so the plugin can render in-game special symbols (job icons, item glyphs, etc.) inside ImGui.
  • What is sent: A single HTTPS GET request to the public Square Enix font URL. Your IP address reaches Square Enix (unavoidable); no character data, no plugin identifier, no message content.
  • When it triggers: Once per font initialisation, not per session if the file is already cached locally.
  • Cached: Yes, by Dalamud's font subsystem.
  • How to opt out: This call is part of the font pipeline inherited from upstream Chat 2 and not toggleable from the settings UI today. If a user-facing opt-out for this would be useful for you, please open a feature-request issue.

Source: ChatTwo/FontManager.cs.

Links you click yourself (no automatic traffic)

The settings panel contains a few buttons that open external pages in your browser when you click them: the upstream Chat 2 GitHub repo, the upstream maintainers' Ko-fi pages, the HellionChat issue tracker and hellion-media.de. Nothing happens until you click. They are documented here for completeness, not because they generate background traffic.

What the plugin does not do

  • No telemetry. Source verified: no calls to AppInsights, Sentry, PostHog, Plausible, Google Analytics, Microsoft Clarity or any comparable service exist in the codebase, nor in the direct dependencies the plugin pulls in. See THIRD_PARTY_NOTICES.md.
  • No crash reporting. Crashes go to Dalamud's local xllog, not to a remote endpoint controlled by HellionChat.
  • No usage counters. The plugin does not count installs, sessions, feature usage, channel activity or anything else for the maintainer.
  • No phone-home update check. Updates are delivered through Dalamud's plugin installer, which polls the custom-repo repo.json on GitHub. That is GitHub's traffic and falls under GitHub's privacy policy; the plugin code does no separate update check.
  • No background sync. Messages stay on your machine. There is no cloud backup, no sharing feature, no remote viewer.

Your data, your rights

The GDPR gives you specific rights over data about you. Because HellionChat stores everything locally, those rights translate directly into plugin features:

Right to access (Art. 15)

Use the export feature in the plugin settings. You can export to Markdown, JSON or CSV, filtered by channel, date range or sender substring. The export goes through a Dalamud file dialog and writes wherever you point it, on your machine.

Right to erasure (Art. 17)

Two options:

  1. Targeted deletion — the "retroactive cleanup" feature lets you apply your current whitelist to the existing database. It shows a preview of what will be removed before you confirm with Ctrl+Shift, runs in the background, and calls VACUUM afterwards to actually shrink the file.
  2. Full deletion — close the game and delete the pluginConfigs/HellionChat/ directory. Next plugin start will produce a fresh, empty configuration.

Right to portability (Art. 20)

The JSON and CSV exports are open formats. The Markdown export is human-readable and machine-parseable. Nothing is locked into a proprietary container.

Right to object / restrict processing (Art. 21, 18)

Adjust the channel whitelist or set retention to a low value. Both take effect immediately on new messages; existing data needs the retroactive cleanup to apply retroactively, by design.

Third parties involved

Party Why they appear What reaches them Their privacy policy
BetterTTV (NightDev LLC) Optional emote rendering HTTPS request for an emote ID; your IP https://betterttv.com/privacy
Square Enix Lodestone font download (once) HTTPS request for the font file; your IP https://www.square-enix.com/privacy
GitHub (Microsoft) Plugin distribution via custom repo, issue tracker Whatever GitHub sees from any HTTPS request to a public repo https://docs.github.com/site-policy/privacy-policies/github-general-privacy-statement
Dalamud / XIVLauncher (goatcorp) Plugin loader, font subsystem, repo polling Whatever Dalamud reports for itself; out of HellionChat's scope https://github.com/goatcorp/Dalamud

Square Enix and GitHub are unavoidable for anyone playing FFXIV through Dalamud at all. BetterTTV is the only third party HellionChat introduces on top of the baseline that is not also part of using FFXIV or Dalamud, and BetterTTV is opt-out via settings.

Dependencies that touch the network

For a full dependency inventory see THIRD_PARTY_NOTICES.md. Of the direct dependencies the plugin pulls in:

  • MessagePack — local serialisation, no network.
  • Microsoft.Data.Sqlite — local SQLite access, no network.
  • morelinq — LINQ helpers, no network.
  • Pidgin — parser combinators, no network.
  • SixLabors.ImageSharp — image decoding (used for the BetterTTV emote pipeline), no network on its own.

The two network calls listed under "Outbound network calls" are written directly in HellionChat's own source, not delegated to a dependency.

Changes to this notice

If a future release changes what HellionChat stores, sends or caches, this document will be updated and the change called out in the changelog block of that release. The "Last reviewed" date at the top tracks the version this document is accurate for.

Questions

For privacy-related questions specific to HellionChat:

  • Email: kontakt@hellion-media.de
  • Discord DM: @j.j_kazama

Security-relevant findings (e.g. the plugin storing or sending something this document says it does not) go through the private advisory in SECURITY.md, not a public issue.

Reference in New Issue View Git Blame Copy Permalink