Privacy Policy for The Sentinel Discord Bot
Last Updated: July 2026 (Image moderation, ML spam classifier, and summarize disclosures)
Introduction
The Sentinel Discord Bot ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Discord bot service.
Information We Collect
Discord User Information
When you interact with our bot, we collect the following information from Discord:
- User ID: Your unique Discord user identifier
- Username: Your current Discord username
- Discriminator: Your Discord discriminator (if applicable)
- Avatar URL: Link to your Discord profile picture
- Server Information: Guild ID, server name, and your role within servers
Activity Data
We track the following activities to provide our services:
- Message Statistics: Message count per channel and user
- Voice Activity: Time spent in voice channels (when enabled)
- Moderation Actions: Warnings, bans, kicks, and other moderation actions
- Server Analytics: Member counts, message counts, and activity metrics
- Summarize Usage Metadata: When
/summarize or weekly recaps run, we may store operational metadata such as guild/channel/user IDs, timeframe, success or error status, message counts, and token usage. This metadata is for quotas, abuse prevention, and service reliability—not for training AI models.
Content Data
We may store:
- Message Content: For moderation purposes, spam detection, message logging (when enabled), and optional channel summarization
- Deleted Messages: Temporarily stored for audit purposes (purge-related records expire after 24 hours)
- Attachments and Embeds: Metadata and Discord CDN URLs associated with messages for moderation logs
- Image Attachments (when image moderation is enabled): Image bytes may be downloaded and analyzed in real time. We may store image fingerprints (for example SHA-256 and perceptual hashes), attachment filenames, Discord attachment URLs, classifier scores, and related message identifiers (guild, channel, message, and author IDs) for blocklisting and staff review
How We Use Your Information
We use the collected information to:
- Provide Bot Services: Enable moderation, analytics, and utility features
- Maintain Server Security: Detect spam, inappropriate content, and abuse
- Generate Analytics: Create server statistics and activity reports
- Audit Trail: Maintain records of moderation actions for accountability
- Improve Services: Analyze usage patterns to enhance bot functionality
Channel Summarization (/summarize and Weekly Recaps)
When summarization features are enabled for a server, we may read recent message text from configured channels (including content previously stored in message logs) and send that text to a self-hosted language model solely to generate a short summary for the requesting user or channel.
- Limited lookback: Summarization can only use message content from up to the past 14 days. That limit matches our message-log content retention: older message text is cleared and is not available to
/summarize or weekly recaps.
- Inference only: Message text used for summarization is processed to produce a summary response. We do not use summarize transcripts, prompts, or outputs to train, fine-tune, or otherwise improve any machine learning or AI model.
- No training logs: We do not retain summarize message transcripts as a training dataset, and we do not log summarize content for model training purposes.
- What we may retain: Operational metadata only (for example who ran the command, when, which channel, token usage, and success/error status), as described under Activity Data above.
Image Moderation and Machine Learning Spam Detection
Servers may enable optional image moderation. When enabled, Sentinel may inspect image attachments on messages in that server as follows:
- Fingerprint / blocklist matching: We compute fingerprints of image file bytes (such as cryptographic hashes and perceptual hashes) and compare them to a curated blocklist of known spam images. Matching images may trigger automatic moderation actions configured by the server (for example delete, warn, mute, kick, or ban).
- Automated image classifier (inference): Images may be sent to our self-hosted image spam classifier for a spam/not-spam score. This step is used to decide whether to take a moderation action or to queue an image for staff review. Running the classifier on an image for a live moderation decision is inference (scoring an image), not automatic addition of that image to a training set.
- Staff review: Borderline or reported images may be posted to a moderation review queue. Review records may include author and message identifiers, attachment URL, filename, hashes, and classifier score so moderators can confirm or reject the detection.
- Moderator-labeled training data: Only when a moderator explicitly labels an image (for example as spam or not spam), we may retain a copy of that image and its label on our infrastructure—including a separate inference/training system—to improve the image spam classifier. This training path is moderator-initiated. We do not automatically add every scanned image to the training set.
Message text is not used to train the image spam classifier. The classifier is trained on labeled images (and associated labels/hashes), not on chat transcripts from /summarize or general message logs.
Server administrators can disable image moderation features in the dashboard. Global blocklist fingerprints and moderator-labeled training images may be retained for abuse prevention across servers, as described under Data Retention below.
Data Storage and Security
Storage Location
- Operational bot data (configuration, message logs, moderation records, review metadata, and similar) is stored in secure MariaDB databases on our infrastructure
- Image spam classifier inference and moderator-labeled training images may be stored on a separate self-hosted system used only for spam detection and model improvement
- We implement appropriate technical and organizational measures to protect your data
Data Retention
We implement automated data retention policies to balance service functionality with privacy:
Permanent Retention (No Automatic Deletion)
- Moderation Records: Warnings, bans, kicks, and other moderation actions are retained permanently for audit compliance, accountability, and server security. These records are anonymized (not deleted) if you request data deletion, but the audit trail is preserved for server administrators.
- Global Spam Image Fingerprints: Hashes of known spam images on our global blocklist are retained so the same spam content can be blocked across servers. These entries identify image content, not a user profile, though related moderation actions may still reference user IDs.
- Moderator-Labeled Training Images: Images explicitly labeled by moderators for classifier improvement may be retained until we remove them as part of model maintenance or a specific removal request. They are not covered by the automatic message-content clearing schedule below.
Automatic Deletion Policies
- Purge Records: Message purge tracking data is automatically deleted after 24 hours
- Message Logs: Message log records (metadata: who, when, where) are retained for 365 days for statistics. Message content is automatically cleared after 14 days for privacy, but the records remain for accurate statistics.
- Message Statistics: Message count and activity statistics are retained for 365 days (1 year), then automatically deleted
- Image Classifier Review Records: Per-server review queue metadata may be retained for moderation history and feedback tracking; attachment URLs may stop working when Discord expires them
- Orphaned User Data: User profiles are retained for 30 days after the user leaves all servers, then automatically deleted if no longer referenced
- Deleted Discord Accounts: User data for deleted Discord accounts is retained for 7 days (grace period), then automatically deleted after verification
User-Initiated Deletion
- You may request deletion of your personal data (including activity data such as message logs, message statistics, and voice activity) by contacting us using the methods in Contact Information below
- Please include your Discord user ID and a clear description of your request (for example, deletion of activity data)
- Bot administrators can process approved requests using the
/deleteuserdata command
- Upon request, the following data will be immediately deleted:
- Message logs and statistics
- Voice activity records
- Leveling/XP data
- Reminders
- Deleted messages from purges
- User profile (if no moderation records exist)
- Moderation records will be anonymized (not deleted) to preserve server audit trails
- Image blocklist and training exceptions: Global spam image fingerprints and moderator-labeled training images may not be fully removed by
/deleteuserdata, because they are used for cross-server abuse prevention and model quality. If you need a specific image or hash removed from the blocklist or training set, contact us using the methods in Contact Information and we will review the request.
Guild Removal
- When the bot is removed from a server, data associated with that server is deleted from our primary databases (including messages, statistics, moderation records, and user data tied to that server)
- Global spam image fingerprints and moderator-labeled training images that originated from that server may remain on our abuse-prevention and training systems, because they protect other communities from the same spam content. Contact us to request removal of a specific image or hash.
Data Security
- Database connections are encrypted
- Access to data is restricted to authorized personnel only
- Regular security audits and updates are performed
- Data is backed up securely and regularly
Information Sharing
We do not sell, trade, or otherwise transfer your personal information to third parties except:
- Legal Requirements: When required by law or legal process
- Service Providers: Trusted third parties who assist in operating our service (under strict confidentiality agreements)
- Consent: When you explicitly consent to sharing
Your Rights
Access and Control
- You can request information about data we have collected about you
- You can request correction of inaccurate data
- You can request deletion of your data (including activity data) by contacting us using the methods in Contact Information below (subject to legal and operational requirements)
- Moderation records will be anonymized rather than deleted to preserve server audit trails
Right to Deletion (GDPR)
- You have the right to request deletion of your personal data, including activity data
- Contact us by email at [email protected] or through our support Discord server
- Bot administrators can process deletion requests using the
/deleteuserdata command
- Deletion requests are processed promptly after we verify the request
- Note: Moderation records are anonymized (not deleted) for server audit compliance
Data Portability
- You can request a copy of your data in a portable format
- We will provide this within 30 days of a valid request
- Contact us using the methods in Contact Information below to request a data export
Opt-Out
- You can stop using the bot to prevent further data collection
- Server administrators can remove the bot from their servers (which deletes server-associated data as described under Guild Removal)
- Server administrators can disable features such as AutoMod, message logging, image moderation, and summarization in the dashboard
- Your data will be automatically deleted according to our retention policies, subject to the moderation, blocklist, and training exceptions described above
Third-Party Services
Our bot integrates with:
- Discord API: For core bot functionality
- Database Services: For data storage and management
- Analytics Services: For usage statistics (anonymized)
These services have their own privacy policies, and we encourage you to review them.
Children's Privacy
Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.
International Users
If you are located outside the United States, please note that the information you provide to us will be transferred to and processed in the United States. By using our service, you consent to the transfer of your information to the United States.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- Notifying server administrators of significant changes
Contact Information
If you have any questions about this Privacy Policy, our data practices, or to request access, correction, export, or deletion of your personal data (including activity data such as message logs, message statistics, and voice activity), please contact us:
When requesting deletion or export of your data, include your Discord user ID and a brief description of your request so we can locate and process it.
Compliance
This Privacy Policy is designed to comply with:
- Discord's Terms of Service
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Other applicable privacy laws
Note: This Privacy Policy is effective as of the date listed above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.